Collaborative, Research-based Stakeholder Requirements Capture Service
User research: focus groups/surveys/interviews/literature reviews/task analysis/card sorting/brainstorming/workshops/analytics/digital audit/landscape review Organisational/user needs Rationalise/Streamline/De-duplicate Wishes/Needs vs. Requirements/Tasks/Functionality Validation Stakeholder comms/buy-in Segment/Prioritise/Phase/Sense-check Top-down/bottom-up budget assessment Use Cases/Functional/non-functional specifications/Technical architecture Proof of concept/prototyping
Features
- User research: focus groups, surveys, interviews, literature reviews, job/task analysis
- User research: card sorting, brainstorming, workshops, analytics, digital audit/landscape review
- Organisational/user needs
- Business analysis
- Rationalise/Streamline/De-duplicate
- Wishes > Needs > Requirements > Tasks > Functionality
- Validation
- Segment, Prioritise, Phase, Sense-check
- Top-down & bottom-up budget assessments
- Design/build & hosting
Benefits
- Suitable for all public-sector organisations
- User-friendly, multi-platform (web/tablet/mobile)
- Management Information/audit
- Suitable for non-technical users
- User self-service
- User research: focus groups, surveys, interviews, literature reviews, job/task analysis
- User research: card sorting, brainstorming, workshops, analytics, digital audit/landscape review
- Stakeholder communications and buy-in
- Use Cases/functional specification/non-functional specification/technical architecture
- Proof of concept/prototyping
Pricing
£650 to £1,200 a person a day
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
6 5 4 3 8 4 4 8 8 9 7 7 0 6 9
Contact
Panlogic Limited - Digital Engineering
William Makower
Telephone: 0333 3395234
Email: william.makower@panlogic.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Service constraints
- None
- System requirements
-
- Contract
- Clam-AV anti virus
- Linux Debian 8 or Ubuntu 16.04 OS
- PHP 5.5+
- MySQL 5.5
- Apache2 or NGINX
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
-
Within the hours of 09:00 and 17:00 (Monday to Friday) excluding UK Bank Holidays and Public Holidays) - extended hours (including 24x7x365) available on request:
Critical issues: Support initiated within 4 core hours from notification
Urgent issues: Support initiated within 12 core hours from notification
Routine issues: Support initiated within 24 core hours from notification
Non-standard maintenance requests: Scheduled promptly and notification of initial analysis and/or action taken (or to be taken) forwarded to the Client within 8 core hours of receip - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 A
- Web chat accessibility testing
- Web chat is always an important component to our digital solutions and even more so for Assistive Technology users. We leverage the extensive testing done by market leaders in web chat components such as LiveChat and ZenDesk to ensure this feature meets the required level of compliance. We further ensure the web chat product enables a seamless transition for AT users from the chat experience to the core solution.
- Onsite support
- Yes, at extra cost
- Support levels
-
Levels & costs depend on agreement.
We can provide a technical account manager. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Self-service on-boarding process
- Service documentation
- Yes
- Documentation formats
-
- HTML
- Other
- Other documentation formats
-
- Word
- Excel
- End-of-contract data extraction
- JSON export is possible
- End-of-contract process
-
Included: access to the payment platform
Not included: any bespoke elements
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None
- Service interface
- No
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- API
- No
- Customisation available
- Yes
- Description of customisation
-
Causes
Products
Payment methods
Payment amounts
Organisational information
Option to completely white-label the solution
Scaling
- Independence of resources
- Real-time resource monitoring & auto-scaling
Analytics
- Service usage metrics
- Yes
- Metrics types
- Real-time dashboards
- Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with another standard
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- No
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- JSON & CSV export
- Data export formats
-
- CSV
- Other
- Other data export formats
- JSON
- Data import formats
- Other
- Other data import formats
- N/A
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- 99.9%
- Approach to resilience
- Available on request
- Outage reporting
- Email alerts
Identity and authentication
- User authentication needed
- No
- Access restrictions in management interfaces and support channels
- N/A
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- No audit information available
- Access to supplier activity audit information
- No audit information available
- How long system logs are stored for
- Between 1 month and 6 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
-
Security governance is defined in the SLA. However, responsibility typically for the systems procured via Panlogic lies with the Project Manager, Client Services Director and ultimately one of the Company Directors. Each of the policies that make up the security policy are reviewed annually by the senior staff.
Changes or additions can be proposed at any time by any member of staff, any substantive changes made to any documents will be communicated to all relevant personnel. - Information security policies and processes
-
Panlogic has the following policies:
-Compliance Policy
-Information Handling Policy
-User Management Policy
-Acceptable Use Policy
Reporting Structure:
William Makower - Director
John Foster-Hill - Director
Designated Project Manager
On a day to day basis its the responsibility of the Project Manager to ensure the policies are set in place and overall its the Directors' responsibility to ensure all policies including HR and data protection are adhered.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Incident change and planned development changes are documented via the Panlogic ticketing system along with User Guide revisions.
Documented changes are recorded in states:
-Current state#
-Transition State
-Future state
These are announced via email and/or blog updates for significant developments.
Source code is maintained in a Git code repository and is tagged for releases, as are database changes.
Deployments of changes are automated using deployment services. - Vulnerability management type
- Undisclosed
- Vulnerability management approach
-
Threats are assessed by reviewing log files and traffic abnormalities and identifying non-genuine traffic.
Patches are deployed immediately after an issue is identified. A patch is first developed and tested and then implemented when proven to resolve the issue.
Information regarding threats is collated through social media, github, news groups, dedicated forums relating to the technologies used (e.g. PHP website, MySQL website etc.). - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Third-party tools are used to help gain insight from the server level upwards, to aid in identifying any internal or external incorrect use or abuse.
When a potential compromise is identified resolutions are defined, developed, tested and deployed as soon as possible.
Timings are typically covered within an SLA, but responses start usually from 4 working hours. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Any incidents are recorded using Panlogic's ticketing system for tracking, escalation and reporting.
All incidents receive an initial response and then a follow-up with more detail. The timings will be governed by the agreed SLA.
Security breaches will be deemed a 'Level 1: Critical' incident and actioned accordingly.
Following a security incident and/or personnel changes, policies for access to systems are applied.
Security and other 'Level 1: Critical' incidents are notified to the service Project/Account Manager who will in turn notify their equivalent at the client organisation.
FAQs provided online are a 1st-line support option to common issues and questions.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
Sustainable development - • Panlogic will always seek to take account of both the world's poor and future generations in its strategic decision making • We will not work with organisations that have been proven to contravene these principles either as suppliers or clients Travel - Panlogic operates the 'Bike 2 Work' salary sacrifice scheme (www.bike2workscheme.co.uk). This allows employees to save up to 52% on the cost of a new bike and equipment and spread the costs over 12 monthly interest free payments. Hosting & energy efficient networks Panlogic will continue to take an interest in BT's carbon emission reduction strategies and keep abreast of other providers who are working towards a more energy efficient internet, particularly those who are members of the Green Grid (www.thegreengrid.org) and EU funded projects such as GreenShift (www.greenshift.org.uk). Energy consumption • To never leave PCs idling or on standby • To upgrade to more efficient operating systems only as required (while newer operating systems is a more energy efficient operating system, the e-waste created by an upgrade solely for this reason, would be counter-productive) • All printers, faxes and any other PC or peripheral equipment is turned off overnight and at the weekends. • Panlogic currently uses only low energy efficient lighting solutions and aims to procure only Energy Star Rated products • To upgrade to new hardware which incorporates more materials re-use and less environmentally harmful substances, as this becomes sensible (i.e. the e-waste created by an upgrade solely for this reason, would be counter-productive) Office operations • Panlogic sources its food and beverages for meetings from local suppliers. • Panlogic investigates sustainable sources of materials and assets (such as carpets, chairs, desks etc.) and fully considers environmental factors in its procurement of these items when considering office improvements. - Equal opportunity
-
Equal opportunity
We aim to abide by and promote equality legislation in both the letter and the spirit of the law and we try to avoid unjustified discrimination (i.e. discrimination based upon characteristics people cannot control about themselves) which we recognise is a barrier to equality, diversity, inclusion and human rights. We promote equality, good relations and inclusion aligned to the Equality Act 2010, Section 75 of the Northern Ireland Act 1998 and the Welsh Language Act 1993 and relevant legislation aligned to the geographical regions in which we operate. Specifically, we seek to build meaningful, enduring and respectful relationships across different cultures and, where possible, make equality, diversity and inclusivity (EDI) a key decision-making tool. Panlogic strives to champion equality, diversity and inclusion in: • Challenging and eradicating discrimination in the workplace • As far as possible, ensuring our team reflects the U.K.'s diversity • Providing digital communications services that are accessible to all (please see our separate Accessibility Policy for more on this) We aim to implement this by: • Promoting equality and diversity and challenging discrimination • Creating an organisational culture that recognises the contribution of all team members, and which is supportive, fair, just and free from discrimination • Striving to be an exemplary employer • Complying with our statutory obligations under the relevant legislation We will regularly monitor, and assess our processes to: • Take adequate steps to prevent personal discrimination • Take decisive action when discrimination occurs • Take steps to promote equality and diversity.
Pricing
- Price
- £650 to £1,200 a person a day
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
-
Trial and free options available.
Everything is included.
Time period limited by arrangement.