Skip to main content

Help us improve the Digital Marketplace - send your feedback

CEGEKA UK LIMITED

Cegeka UK's Secure Portal for Communications Data Disclosure

Cegeka UK's Disclosure Management System (DMS); an advanced software solution designed to streamline and automate disclosure processes. Organisations can efficiently handle a range of disclosures, retrieving and aggregating data from multiple sources. DMS provides a secure centralised platform for raising, fulfilling, reviewing, and approving disclosure requests, ensuring accuracy and consistency.

Features

  • Portal for internal and external stakeholders to raise disclosure requests
  • Automated request fulfilment and disclosure to stakeholders
  • Workflow for users to track requests through their lifecycle
  • Ability to interface with SOAP and RESTful APIs
  • Configurable styling of disclosed data formats
  • Data Loading and Storage
  • Witness statement generation
  • Emergency requests: Prioritises high priority requests for law enforcement/999 operators

Benefits

  • Streamlined process: Simplifies disclosure request, fulfilment, approval and response processes
  • Improved accuracy: Ensures precise and consistent disclosures
  • Speeds up disclosure processes and reduces human effort required
  • Ensures adherence to relevant legislation such as IPA and DPA
  • Document security: Safeguards sensitive information with robust security features.
  • Easy distribution: Simplifies secure sharing of disclosure results with stakeholders
  • Adaptable: Can be interfaced with most data retention solutions
  • Cost savings: Reduces expenses associated with manual processes and errors
  • Centralised repository: Stores transactional information inline with retention rules
  • Emergency requests: Prioritises high priority requests for law enforcement/999 operators

Pricing

£250 to £1,200 a unit a day

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info.uk@cegeka.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

6 5 3 3 1 5 1 1 7 0 0 9 6 1 2

Contact

CEGEKA UK LIMITED Cegeka UK
Telephone: +44(0)1189 750877
Email: info.uk@cegeka.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Hybrid cloud
Service constraints
There are no constraints that can be identified until understanding the buyer's requirements
System requirements
  • Linux environment dependant
  • Requires network connectivity
  • Oracle Enterprise Edition Database License (can be supplied on request)
  • Java Standard Edition License (can be supplied on request)

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Designed company response times are specified as per customer requirements - as an example: During Business Hours (Mon-Fri, 0900-17:00) P1: Total Loss of Service - Dedicated number for immediate response P2: Loss of Service, affecting a group of users - Response in 24 hours P3: Loss of service, affecting a single user - Response in 24 hours Evenings, Weekends, Public Holidays P1: Total Loss of Service - Cost-Plus 24/7 Support available for immediate response Time, else, next Business Day P2, P3: next Business Day
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Microsoft Teams
Web chat accessibility testing
None
Onsite support
Yes, at extra cost
Support levels
Within the client environment, CTG can reinforce or staff the service desk team based on function profiles and a guaranteed staffing of a required number of seats. We can provide a team leader if requested. The client can keep the responsibility of the incident management process, if required. CTG brings a team in place at the client site and assumes the responsibility of the service desk processes. A service level agreement is put in place between CTG and the client. CTG will present the performance results of the service desk to the management of the client on a monthly basis. Bronze - Phone and email support. No hands on support/maintenance. Mon-Fri 0900-1700. Silver - Phone, email and remote access support. No hands on support/maintenance. Mon-Fri 0900-1700. Gold - Phone, email and remote access support. No hands on support/maintenance. Mon-Fri 0900-1700 for non-P1. 24/7/265 for P1.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The service will be started with a requirements gathering workshop to understand the scope of the project. User training and user documentation is provided toward the end of the project.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
If applicable, the buyer can request their data by directly requesting it from CTG. CTG will work with the buyer to provide the data in an appropriate format.
End-of-contract process
The price of this service will include the necessary resources required to meet the client's requirements

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
The service interface can be accessed via a Web GUI or API
Accessibility standards
None or don’t know
Description of accessibility
The service interface can be accessed via a Web GUI or API
Accessibility testing
None
API
Yes
What users can and can't do using the API
Users are able to obtain a service catalogue, raise a request, get the status of an existing request, download the results from an existing request and cancel a request
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
CTG will take time to understand the clients requirements to tailor the existing off the shelf solution if required

Scaling

Independence of resources
Resources aren't shared and environments are segregated to ensure users aren’t affected by the demand other users are placing on the service

Analytics

Service usage metrics
Yes
Metrics types
CTG will provide manually produced reports tailored to the buyer's requirements. There is also an application dashboard which provides real time information.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
If applicable, users can request that CTG export their data on their behalf
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
Any format requested by the buyer
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
CTG guarantee 99.99% availability (under 2 hours outage per year)
Approach to resilience
CTG will create primary and standby environments and implement data replication across environments
Outage reporting
Proactive Monitoring via email and Nagios can be provided

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Whitelisting of user email addresses
Access restriction testing frequency
At least once a year
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Cyber Essentials and Cyber Essentials Plus
Information security policies and processes
CTG's Information Security Policies are closely aligned to ISO:27001 practices but CTG are not currently ISO:27001 compliant.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
CTG have a Change Management process to ensure all changes are managed and documented correctly. Further information can be provided on request.
Vulnerability management type
Undisclosed
Vulnerability management approach
CTG continuously review the latest security threats and will re-act quickly to high priority threats. All vulnerabilities are assessed on a case-by-case basis and CTG will work with Buyers to release patches in a speedy manner, aligned to the level of threat.
Protective monitoring type
Undisclosed
Protective monitoring approach
Further information can be provided on request
Incident management type
Undisclosed
Incident management approach
CTG have a dedicated Incident Management team who work to a robust process that has been providing reliable support to our customers for over 10 years. Buyers will be provided updates to any incidents regularly. Further information on CTG's IM Process can be supplied on request.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
Yes
Connected networks
Public Services Network (PSN)

Social Value

Social Value

Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

Fighting climate change

CTG UK is committed to achieving net zero greenhouse gas emissions by 2040, and has established initiatives to achieve this goal. To achieve Net Zero, CTG UK Ltd. have adopted the following carbon reduction targets: • Maintain Scope 2 carbon emissions at 0 tCO2eq. by 2040. This is a reduction of 100% from 2021. • Encourage cultural and behavioural change to reduce electricity usage and will offset the remaining emissions through international and UK projects where possible. • Strive to keep Scope 1 emissions at 0 tCO2eq. • Offset remaining emissions through international and/or UK carbon removal schemes. COMPLETED CARBON REDUCTION INITIATIVES • Switch to green energy suppliers across UK site by 2040, achieved by 2022 • Reduce energy use through cultural and behavioural change. (i.e., how frequently the kettle is used, do all the lights need to be on, air con/heating on timer) • Install renewable alternatives if possible (i.e., solar to generate own electricity) • Calculate Upstream Distribution, Waste Disposal, Business Travel, Commuter Miles, Downstream Distribution PLANNED CARBON REDUCTION INITIATIVES Scope 1 I. Continue to not burn any fuels onsite Scope 2 I. Remain on a renewable energy tariff for energy usage at head office to keep UK Electricity emissions at 0 Tonnes CO2 eq. Scope 3 I. Not increase the current 1 day a week in office and 4 working from home II. International travel via Eurostar rather than by air to minimise emissions III. Encourage car sharing amongst employees IV. Encourage the use of public transport amongst employees V. Encourage recycling and waste reduction amongst employees Other recommendations •Calculate Scope 3 emissions of purchased goods and services to gain a better understanding of supply chain emissions •Offset emissions through verified carbon offset projects •Engage in corporate tree planting •Continue to calculate emissions annually to monitor progress

Equal opportunity

CTG is committed to being a successful, caring and welcoming place for all employees. We want to create a supportive and inclusive environment where our employees can reach their full potential, without prejudice and discrimination. We are committed to a culture where respect and understanding is fostered and the diversity of people's backgrounds and circumstances will be positively valued. Equality of opportunity, valuing diversity and compliance with the law is to the benefit of all individuals in CTG as it seeks to develop the skills and abilities of its people. While specific responsibility for eliminating discrimination and providing equality of opportunity lies with managers and supervisors, individuals at all levels have a responsibility to treat others with dignity and respect. Through this policy and procedure and the training and development of managers and staff, CTG will do all it can to promote good practice in this area to eliminate discrimination and harassment as far as is reasonably possible. CTG will also continue to work towards its dedicated goal of encouraging and promoting equality and diversity within the workforce. The policy aims to achieve equality by removing any potential discrimination in the way that our employees are treated by fellow employees or the company, including: •people with disabilities •people of different sexual orientations •transgendered and transsexual people •people of different races •people on the grounds of their sex •those of faith and of no faith •in relation to their age •in relation to their social class or medical condition •people who work part-time •those who are married or in a civil partnership •women who are pregnant, have recently given birth or are breastfeeding. Some of the above are protected characteristics under the Equality Act 2010 and discrimination is prohibited, unless there is a legal exception under the Equality Act.

Wellbeing

CTG understand the positive impact that healthy and engaged employees make to the success of our organisation and that mental health will play a significant role in an employees’ state of mind. CTG appreciate that individuals can experience periods - sometimes prolonged periods - of poor mental health in the same way as with physical health. We commit to providing support for employees going through mental health problems because we recognise such employees can provide a substantial contribution to the success of this organisation. CTG have a Wellbeing plan in place for any issues brought to our attention, including; Employee action plans, Workplace adjustments, Occupational health referrals and Managing absence and return to work. This is supported by; an Employee Assistance Programme (EAP), Confidentiality practice and employee and management training.

Pricing

Price
£250 to £1,200 a unit a day
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info.uk@cegeka.com. Tell them what format you need. It will help if you say what assistive technology you use.