Skotkonung Ltd

MetricsLed PROJECT

MetricsLed PROJECT brings together the speed, scalability, and efficiency of the Cloud for the complete end-to-end project management of complex programmes and large grant facilities. PROJECT can be deployed at project, portfolio and enterprise levels. The platform brings together your tasks, projects and programmes in a single, secure management platform.

Features

• Brandable portal for advertising procurement opportunities and grant windows
• Eligibility assessments of potential grants, grantees and subcontractors
• Monitoring assessments for baseline, milestones and end of project
• Workflows for monitoring assessments to maintain audit trail/internal controls
• Work breakdown tool to track activities, deliverables and approvals
• Customer Relationship Management tool including network mapping and visualisation
• Financial management tool to track budgets, forecasts and variances
• Risks tool to monitor and report on risks and mitigations
• Export of data, risk maps and monitoring assessments
• Customised reporting and dashboards to track performance

Benefits

• Consistent and validated compliance data collection
• Visualised evidence of performance to drive effectiveness and adaptive management
• Keeps project delivery and payment schedule on time
• Aids drawing lessons from broad evidence-base across programmes and portfolios
• Reduced costs of performance comparison at programme and portfolio levels
• Reduced costs of performance comparison over time and between partners
• Dashboards provide strategic view of risks, performance and financial disbursements
• Visibility of all assessments and projects in one place
• Scalable to give increased value for money with use
• Shared workspace

£24,000 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@metricsled.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

662785154228880

Contact

MetricsLed
+44(0) 33 0088 3933
tenders@metricsled.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Maintenance is planned in advance (normally to take place between 8pm and 6am) and users are advised of disruption (normally with 48hr notice).
• System requirements:
  • Internet connection and browser
  • Service is designed to work on a tablet/laptop/desktop
  • Screens will render on a mobile device

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The help desk is available 09:00 to 17:00 on UK business days. We respond to high priority issues within four working hours. Medium priority within one business day. Low priority as agreed with the Customer on receipt of a service request.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support level is tailored to client needs and is normally set out in full in a service level agreement with the client. We provide single point of contact for technical support, finance and management. We provide a 24hr monitored single email address for all technical issues and run server monitoring on all client servers to flag connectivity and other issues. We can provide further details on request.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Clients are assigned an account manager. The account manager will organise training for client administrators. Initial training is included in the licence. Further training is available as agreed with the client. Data can be migrated at a charge.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Data export is provided at the end of service. We provide customer data in excel, csv and pdf formats depending on type and requirement.
• End-of-contract process: Based on an agreed end-of-service date, we provide data as above. We hold data for an agreed period, not exceeding two months, and then delete it unless we are legally required to retain it.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Pages reformat depending on the size of the device screen. The product is primarily designed for desktop use.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: Users can build standards and configure indicators and due diligence, compliance and results monitoring. Users can build workflows and manage user groups. Template permissioning and dashboard configuration are part of the on-boarding process.

Scaling

• Independence of resources: We use Microsoft Azure Cloud servers that scale on real-time demand.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Touchstone Review Ltd

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users are able to download written assessments and the results of analysis performed in the system.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • HTML
  • PDF
  • PNG
  • Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Word
  • Excel
  • PDF
  • PNG
  • JPEG

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Only named administrators have access to customer databases. Sensitive data for government services can only be accessed by SC cleared personnel.

Availability and resilience

• Guaranteed availability: 99.5% uptime.
• Approach to resilience: Available on request.
• Outage reporting: A public dashboard is used to report outages and email alerts to administrators. Planned outages are notified to users via email alerts and or system announcements.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Other user authentication: Access is restricted to named users and user accounts are subject to strong password policies. Two-factor authentication can be enabled.
• Access restrictions in management interfaces and support channels: Access is restricted to named users and user accounts are subject to strong password policies, 2 Factor Authentication and validated IP connections.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: Access is restricted to named users and user accounts are subject to strong password policies. Two-factor authentication can be enabled.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Approachable Certification
• ISO/IEC 27001 accreditation date: 26/09/2017
• What the ISO/IEC 27001 doesn’t cover: ISO 27001 certification covers all aspects of this service. Details of scope are available on request.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO 9001
• Information security policies and processes: We have fully documented information security policies. A copy is available on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We have internal processes for change control that includes a full cycle of testing and audit from development to production release. Changes are assessed at time of request for security implications and if necessary additional testing or external verification is completed prior to production release. These processes are documented and comply with our ISO 9001 and 27001 quality systems.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Available on request.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Available on request.
• Incident management type: Supplier-defined controls
• Incident management approach: Available on request.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  MetricsLed is disability confident ("Committed") Employer. Our tools are used to implement and track the impact of international development programmes, linking inputs with outcomes across issues including: Climate change, economic development, and equal opportunity. ; ; Our tools are also used to track and manage staff well-being.

  Tackling economic inequality

  MetricsLed is disability confident ("Committed") Employer. Our tools are used to implement and track the impact of international development programmes, linking inputs with outcomes across issues including: Climate change, economic development, and equal opportunity. ; ; Our tools are also used to track and manage staff well-being.

  Equal opportunity

  MetricsLed is disability confident ("Committed") Employer. Our tools are used to implement and track the impact of international development programmes, linking inputs with outcomes across issues including: Climate change, economic development, and equal opportunity. ; ; Our tools are also used to track and manage staff well-being.

  Wellbeing

  MetricsLed is disability confident ("Committed") Employer. Our tools are used to implement and track the impact of international development programmes, linking inputs with outcomes across issues including: Climate change, economic development, and equal opportunity. ; ; Our tools are also used to track and manage staff well-being.

Pricing

• Price: £24,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Proof of concept service giving users an opportunity to test on a small data set (provided by client or if requested by us). Trial period is negotiable but not to exceed 6 weeks. Please contact us to discuss further.
• Link to free trial: Www.touchstonereview.com

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@metricsled.com. Tell them what format you need. It will help if you say what assistive technology you use.