Datavid Limited

Quill - Component Content Management and Structured Content Authoring

Quill is a DITA based component content management system (CCMS) which enables production of policy documents. It allows users to build reusable content which can be used across documents.

Features

• Structured Content Authoring Application
• Metadata Management
• DITA based reusable content
• Reference Data Management
• Component Content Management System (CCMS)
• Review Policy documents
• Author Policy documents
• Integration with upstream and downstream departmental systems

Benefits

• collaborative authoring
• robustly manage policy or any other departmental content
• quickly find relevant information across departmental business units
• reduced time to deliver value from content
• SAAS and managed version available

£100 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Balvinder.dang@datavid.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

648232345160265

Contact

Balvinder Dang
+44(0) 203 488 5494
Balvinder.dang@datavid.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: None
• System requirements: Supported in docker, VMs and bare metal

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: 2 hours during weekdays 4 hours during weekends
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: None
• Onsite support: Yes, at extra cost
• Support levels: We work closely with our customers to provide the necessary support levels. We follow a managed service delivery approach, with an experienced account and delivery team shaped to the required size, scale and specifics of the organisation. Core support hours are Monday to Friday 08.00 to 18.00 excluding Bank Holidays. During these support hours customers can make enquiries by phone or via email directly.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide a mix of training options for users from onsite user based training, train the trainer, on line user documentation and web based eLearning style training courses. We also provide webinars and classes for ongoing training and exposure to new functionality as it is released.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The users data can be moved to any server using existing APIs
• End-of-contract process: A customer may terminate a Subscription at any time during its Term; however, you must pay all amounts due and owing before the termination is effective. Included in the price of the contract is all the hardware and software as agreed at the time of the contract. What is not included as standard if the integration of the Cloud service into any on existing on premise or other Cloud solutions the customer may require. This will include API's, bespoke anlaytics or reports, or customisations, The customer is also responsiblle for the connectivity from their own Datacentre to the AWS or Microsoft Azure datacentre

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Responsive web application
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: API & webhooks and web application
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Quill system is accessible to people with disabilities who are using assistive technologies. The above was designed based off UI accessiblity testing.
• API: Yes
• What users can and can't do using the API: Manage reference data; Manage files
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Migrate their legacy documents; Connect downstream Sharepoint or file system to load data

Scaling

• Independence of resources: Software is deployed on docker/kubernetes as well as VM's and is designed to scale and self heal when nodes/machines go down.

Analytics

• Service usage metrics: Yes
• Metrics types: Cloud provider have telemetry to gain visibility into the performance and health of your workloads on Azure or AWS. Quill Application also has google analytics enabled to track usage metrics.
• Reporting types:
  • API access
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: At all times during the term of Customer’s subscription, Customer will have the ability to access and extract Customer Data stored in each Online Service. Except for free trials, Datavid will retain Customer Data stored in the Online Service in a limited function account for 90 days after expiration or termination of Customer’s subscription so that Customer may extract the data. After the 90-day retention period ends, Datavid will disable Customer’s account and delete the Customer Data.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • XML
  • RDF
  • TTL
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • WORD
  • PDF
  • EXCEL
  • IMAGES (JPEG, BMP, any image format)
  • IMAGE PDF
  • JSON
  • XML
  • RDF
  • TTL
  • Any Semantic Format

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Software is deployed on docker and kubernetes cluster and/or VM's on public and private clouds (generally AWS or Azure of Google Cloud) and hence we offer SLAs dependent on the cloud provider of choice. ; ; On AWS it is 99.9%
• Approach to resilience: Software is designed to be scalable and resilient as it is deployed. on docker and kubernetes cluster and/or VM's on public and private clouds (generally AWS or Azure of Google Cloud) and hence it is resilient by design
• Outage reporting: https://health.aws.amazon.com/health/status; https://status.azure.com/en-us/status; ; Quill also has it's own health page

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: NA
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Intercert INC
• ISO/IEC 27001 accreditation date: 01/09/2023
• What the ISO/IEC 27001 doesn’t cover: NA
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We are working with a provider and targeting to get ISO 27001 this year
• Information security policies and processes: Datavid has a robust information security policy which is reviewed every year and updated in line with the industry best practices and regulations. ; ; Each employee and contractor has to read, understand and adhere to the policy. ; ; We have our own IT Security policy which is directly managed by our Data Protection Officer and CEO. ; ; We host software on AWS or Azure hence their security policy are also applicable ; ; https://docs.aws.amazon.com/whitepapers/latest/aws-overview/security-and-compliance.html; https://azure.microsoft.com/en-gb/support/trust-center/

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: https://azure.microsoft.com/en-gb/support/trust-center/; https://aws.amazon.com/config/
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: https://azure.microsoft.com/en-gb/support/trust-center/; https://aws.amazon.com/inspector/
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: https://azure.microsoft.com/en-gb/support/trust-center/; https://aws.amazon.com/guardduty/
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: https://azure.microsoft.com/en-gb/support/trust-center/; https://docs.aws.amazon.com/incident-manager

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  Datavid's Equal Opportunities Policy adheres to the Equalities Act 2010, emphasizing diversity in recruitment and offering equal pay across similar grades. Recruitment strategies prioritize expertise and diversity, utilizing skills-based assessments and non-discriminatory language in job advertisements that are available in accessible formats. Notably, 60% of UK full-time equivalents (FTEs) are from under-represented groups. Recruitment panels include women and individuals with protected characteristics, and use structured interviews to ensure fairness. Additionally, 13% of UK FTEs are apprentices, highlighting our commitment to training new talent.; ; Retention is strong, attributed to engaging work, continuous skill development, rotational engagements, added responsibilities, and social events. Flexible and remote working options are standard from day one, accommodating diverse employee needs.; ; Training is conducted virtually, with accessible facilities and documentation. Employees have opportunities for public skills training with reimbursable fees. Professional growth is supported through mentoring, with 10% of UK FTEs currently enrolled in training courses.; ; Datavid proposes a comprehensive approach to monitoring, measuring, and reporting on Diversity, Equality, and Inclusion (DEI). This involves conducting a requirements survey with the Authority to align our policies with DLUHC requirements. Any identified gaps will be integrated into our systems within 90 days of contract signing, ensuring efficiency by maintaining a unified process for DEI monitoring.; ; Metrics from recruitment and professional development are crucial for managing compliance with DEI policies and for informing future recruitment strategies. These metrics are reviewed quarterly by the Core Management team and are also utilized in one-on-one staff reviews.; ; Data is currently managed through spreadsheets by location managers, who report these metrics to the enterprise level. These metrics are discussed in weekly meetings with the CEO and quarterly at the Core Management Meetings. Transparency in feedback and improvements is maintained through presentations at monthly All Hands meetings and an open email suggestion box for improvements.

  Wellbeing

  Datavid recognizes its personnel as its primary internal asset and has seamlessly integrated Health and Wellbeing into its core management practices. The company is in the process of adopting the 6 Standards of Mental Health at Work, extending these to include physical wellbeing discussions i.e. Standard-1: Program - The Core Management Team regularly discusses staff recruitment, development, and wellbeing weekly, directly managing about 40% of consultants. Other project-leaders report to the CEO weekly, with any health-related feedback either addressed immediately by project-leaders or escalated. Recruitment and promotion processes consistently emphasize diversity, disability, and inclusivity. Standard-2: Work Design and Organizational Culture - Agile methodologies are standard across all projects, ensuring clarity on deliverables and deadlines through daily stand-ups and biweekly sprint meetings. A supportive team culture is fostered, with resources like a Technical Slack Channel available for additional support. Flexible working-conditions, including work-from-home options, help staff manage work-life balance, and monthly All-Hands meetings align employee efforts with corporate objectives. Standard-3: Promote Open Culture - Regular one-to-one meetings with senior managers ensure that all employees have a platform to discuss work-life issues openly. Standard-4: Mental Health Literacy - By the end of June 2023, training for managers on handling workplace mental health will be introduced, equipping them with necessary tools and techniques. Standard-5: Use of HSE Management Standards Indicator Tool - This tool is actively used within sprint and project teams to identify and address any assistance needs promptly, with actions taken including workload adjustments, emergency leave, or the provision of a mentor. Standard-6: Internal Escalation and Reporting - A robust system for monitoring, acting on, and reporting health issues is in place, with all concerns reviewed during the Core Management Meetings. Through these standards, Datavid is committed to maintaining an environment that supports the mental and physical health of its workforce.

Pricing

• Price: £100 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Limited by time period

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Balvinder.dang@datavid.com. Tell them what format you need. It will help if you say what assistive technology you use.