Skip to main content

Help us improve the Digital Marketplace - send your feedback

Unisys Limited

Unisys Application Framework (U-AF)

Unisys U-AF provides a configurable, modifiable, highly secure framework supporting law enforcement, case management, records management, criminal justice, digital asset management, disclosure, visualisation, intelligence management, resource scheduling, booking and assignment, providing law-enforcement and other public sector agencies with efficient procedures, collaboration, data quality, analysis and value for money.

Features

  • Extensible, configurable low code framework with comprehensive law enforcement functionality
  • Case, Records and Intelligence Management, Resource Scheduling/Booking within one application
  • Entity Model simplifies data input and retrieval for operational staff
  • Provides investigators with analytical, mapping, temporal and association/link analysis
  • Commercial or Open Source platform, simplified external system integration
  • Options include Digital Asset Management, Resource Scheduling, Booking, Assignment
  • Completely configurable data model, security, rules and workflow
  • Supports intelligence, crime management, screening, work allocation and management
  • Meets requirements for complex criminal justice procedures and disclosure (Case)
  • Optional configurable Public Portal allowing citizen collaboration, information/attachment capture

Benefits

  • Improves targeting of crime and criminals
  • Improves the security of, and access to, sensitive information
  • Enables the seamless sharing of information with other agencies
  • Configuration approach improves responsive to changing business requirements
  • Delivers a modular approach and a configurable level of capabilities
  • Reduces operational costs through open source and application driven efficiencies
  • Improved public engagement via secure public facing portal
  • Provides investigators with analytical tools enhancing their predictive policing
  • Optional Graph Visualisation module allows advanced visualistion for all users
  • Optional DAMS allows gathering/managment of all assets in one solution

Pricing

£1,208 to £1,571 a user a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cloudstore@unisys.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

6 7 8 2 6 3 8 2 5 8 7 6 8 8 5

Contact

Unisys Limited Simon Arnold
Telephone: +44(0)7808391153
Email: cloudstore@unisys.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
No
System requirements
  • Customer provides ESRI licences for mapping if required
  • Customer provides i2 ANB licences for link analysis if required
  • Cusomter provides LocatorHub licences for gazetteer if required

User support

Email or online ticketing support
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Ranges from 8 to 6 (Mon-Fri) to 24/7 depending on option chosen. For further details, please see service description
Support available to third parties
Yes

Onboarding and offboarding

Getting started
See Service Description
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
See Service Description
End-of-contract process
See Service Description

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Chrome
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
U-LEAF has a series of native web services (SOAP and some Rest) allowing external solutions to interfacing with the application allowing the creation, read, update, delete and search of entities. The web services include authentication to ensure access is from an authorised user/service.
Accessibility standards
None or don’t know
Description of accessibility
Application is designed to be accessible but has not been accredited to the WCAG standards.
Accessibility testing
None
API
Yes
What users can and can't do using the API
U-LEAF provides an API as a set of SOAP and Rest based services into the solution allowing the creation, read, update, search and deletion of information. The services provide a set of capabilities in the system which depends on the security level of the "token" passed in the interface. The service also support bulk information upload via formatted batch files
API documentation
Yes
API documentation formats
  • PDF
  • Other
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
U-LEAF allows the configuration of numerous parameters, users roles, markers, tags, custom fields and the content of all drop down lists which are used for input of specific data within forms entry.

Users can also build there own reports through the U-LEAF query builder and provide word document templates for the production of output forms from the system

Users can also execute and save searches, which can then be shared with other solution users.

Scaling

Independence of resources
See Service Description - Capacity

Analytics

Service usage metrics
Yes
Metrics types
See Service Description

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
See Service Description
Data export formats
  • CSV
  • Other
Other data export formats
XML
Data import formats
  • CSV
  • Other
Other data import formats
XML

Data-in-transit protection

Data protection between buyer and supplier networks
Private network or public sector network
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network
Assured by CESG-assured components.

Availability and resilience

Guaranteed availability
See Service Description
Approach to resilience
See Service Description
Outage reporting
See Service Description

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
  • Other
Other user authentication
Assured by independent testing of implementation
Access restrictions in management interfaces and support channels
Cloud Management Environment (CME) separation is achieved at Management, Network, Hypervisor and Storage Layers.

The CME does not have access to the tenant’s environment within the platform.

CME is responsible for monitoring and managing the cloud platform, but does not monitor guest OSs.

At network layer, data is separated by VLANs from virtual machines to the physical network switching infrastructure.

Inter VLAN traffic flow is protected by a firewall.

Management of Hypervisor Layer hosts and the VMs are separated; traffic to the hypervisor host is physically separated by using different network adaptors and switches to those serving tenant VM traffic.
Access restriction testing frequency
Less than once a year
Management access authentication
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
14/10/21
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
  • CESG certification to IL3
  • Police Assured Secure Facility

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Client Information Security policy (IS) incorporates Unisys Corporate IS policy. Adherence and compliance to both of these policies, for delegates engaged in providing the U-LEAF services, is mandatory requirement to joining the team.

All delegates are security vetted and are provided annual Security briefings.

Compliance, renewals and Joiners & Leavers registers are reviewed, monitored and reported on quarterly bases.

Ad-hoc unannounced spot checks are also carried out by the Security Authority who is responsible for managing and reporting on all service related Information Security incidents.

Further, delegates are also presented with the U-LEAF Service SyOps as well as the individual client SyOps that details how the system meets and delivers the G Cloud Security Principles.

Delegates roles and responsibilities are defined by the processes and procedures outlined in the accompanying SOPS documentation.

U-LEAF Service Catalogue details the Security Risk Incident and Emergency Security Incident management procedures.

The U-LEAF service Security Authority has a dotted line into the Unisys UK CIO and has a seat on the Corporate Security Governance board.

Unisys operates an anonymous incident and dispute reporting scheme.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
U-LEAF is managed against a set of processes and procedures in place for every Unisys product.

All artefacts are held in a version control and fault tracking repository which ensures all components are tracked through their lifetime

Changes are assured by independent validation of assertion
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
At the infrastructure level, the U-LEAF infrastructure is protected by perimeter security provided by a combination of, different vendor, Physical and Virtual Firewalls.

Intrusion Detection System (IDS), such as SNORT, would provide perimeter security.

A SIEM solution (such as SolarWinds or LogRythm) would provide the required proactive Security incident or event monitoring services to detect potential threats.

Periodic Vulnerability Scans would be performed to check for any new vulnerabilities that may be detected in the wild or may have crept into the live service.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
The infrastructure would utilises network IDS such as SNORT to monitor network traffic and alert on malicious activity.

Security information and event management (SIEM) software would collate and analyse the logs on the environment to proactively detect compromised vulnerabilities.

On UKPSC these tools have been configured to analyse and alert on all 12 Protective Monitoring Controls described in the UK Governments Good Practice Guide 13 document.

BAU Ops team monitor the UKPSC 24 x 7 x 52 using SolarWinds and System Centre Operations Manager (SCOM).
Incident management type
Supplier-defined controls
Incident management approach
During on-boarding stage, tenants are introduced to Unisys IM process that details how incidents are logged with the service desk, how to allocate priority and how incident flow takes place from being received by the appropriate resolver-groups until it is resolved.

The Incident severity levels are defined by the incident characteristic that are defined in the service description, which also details the process flow between Incidents and Problem record and how Incident and Problem Management tracking and reporting is performed.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)

Social Value

Fighting climate change

Fighting climate change

Unisys is committed to preserving the environment and have a number of strategies to do this, for our own business, our supply chain and our customers. Solutions to help our clients reduce their carbon footprints largely focus on applying advances in technology to improve the energy efficiency of IT Platforms through migration to the cloud and by enabling secure home working. Our security, collaboration and application services enable our workforces and those of our clients to securely work from home and collaborate and share data. This helps reduce real estate footprint for office space, as well as minimising the impact of business travel. Our consultancy and application services support the migration of workloads to the cloud. This delivers many environmental benefits, primarily increased energy efficiency of IT platforms and more efficient and sustainable use of IT infrastructure. Cloud based infrastructure is more energy efficient than on-premise models for many reasons. For example, additional capacity for temporary requirements such as capacity for peak workloads or development environments can be decommissioned when not in use. Unisys has deployed many secure cloud services to meet highly classified Public Sector requirements, with cloud services delivered from our PASF, ISO27001 and ISO22301 certified secure UK data centres. We bring proven government security compliance coupled with the additional layer of Unisys Stealth® Zero Trust security software built on a foundation of the NIST Risk Management Framework (RMF). Our deployment approach focuses on making decisions about security and cost-effectiveness during planning and features a Zero Trust approach to achieve no failures in compliance or security vulnerability. The use of these measures internally within Unisys have contributed to exceeding our target of a 75% reduction in our Scope 1 and 2 carbon emissions by 2026, five years ahead of plan, with a reduction of 80% achieved in 2021.
Covid-19 recovery

Covid-19 recovery

Unisys services helped support the workforces of Unisys and our clients in the almost overnight transition to remote and flexible working. This helped our employees and those of our clients to adapt the traditional work week and cope with the many challenges of lockdown, such as home schooling. We also supported businesses in adapting to specific business challenges. Our products and services, particularly cloud UC, digital workplace and Stealth security services enabled our clients to rapidly adapt their operating models and keep running during the pandemic. We amended the operational support model of our public and private cloud hosting services to enable working from home, even for high security government customers. To allow social distancing and reduce the number of staff required on site, operational team members were split according to data access. Those working below the application layer with no access to data could work from home. The subset of team members with access to data with a Government security classification continued to work on-site, with all access monitored and audited using a SIEM solution. Employees were rotated in a 2-week shift pattern. At a company-wide level, Unisys is committed to making a positive impact in the communities where our employees and clients live and work through corporate philanthropy. Through the global Unisys Cares programme, we partner with non-profit organisations driving better outcomes and positive change around the globe. We created a campaign across Unisys to support families impacted by COVID-19. A dedicated 24/7 COVID-19 Task Force assisted employees and their dependents during medical emergencies. During the pandemic, we partnered with a healthcare services provider in India, which was heavily impacted by COVID-19. We organised two vaccination drives in Bengaluru and Hyderabad. More than 1,400 employees and their dependents were vaccinated across both cities.
Tackling economic inequality

Tackling economic inequality

Unisys is committed to a sustainable and socially conscious future and are a member of the United Nations Global Compact, the world’s largest corporate sustainability initiative focusing on advancing human rights, labour, anti-corruption, environment, and other societal goals. Our investment in professional development remains focused on building a diverse and inclusive bench of future leaders empowered to improve our business. This includes reskilling initiatives to ensure that our associates remain as competitive as possible in rapidly evolving technical fields. This is delivered in a number of ways, including (1) the Unisys University with more than 50,000 on-demand development programs supporting a wide range of development opportunities; (2) partnerships with training organizations such as Skillsoft, Global Knowledge and Franklin Covey; (3) Tuition reimbursement for degree programs or certifications and (4) Our Connected Leadership programme focused on developing underrepresented ethnic groups at executive and management levels. Our technology solutions including cloud based hosting, digital workplace services and secure connectivity for flexible remote working support the creation of similar initiatives in our customer base. In addition, our products and services that enable home working tackles economic inequality for job candidates, removing the restriction of requiring candidates to live in a commutable distance from company office locations and reducing the cost of business commuting. We also promote equal opportunity in our Supply Chain: While there is no official policy, Unisys is by the nature of our business a supporter of small and medium providers. We work with many niche and specialist providers to build bespoke client-specific solutions. Suppliers for these requirements by the nature of the services they provide tend to be smaller in size.
Equal opportunity

Equal opportunity

From the top down, Unisys’s mission is not only to offer excellent products and services, but to make the world a better place. We are a member of the United Nations Global Compact and follow its ten principles, which addresses equal opportunity under Principle 6. We encourage equal opportunities and treat all people in a fair and impartial manner, without prejudice as to race, colour, nationality, ethnicity, religion, gender, sexual orientation, marital status, age, and disability or family responsibilities. This is the definition of the fundamental right to equality, safeguarded by the Unisys approach to Diversity, Equity and Inclusion (DEI). We actively represent, develop, promote and celebrate the rich diversity of our workforce. Evidence of this includes our perfect score on the 2021 Disability Equality Index, the world’s most comprehensive benchmarking tool to measure disability workplace inclusion. Ongoing skills development is open to all our employees through the Unisys University, which includes more than 50,000 on-demand development programs. Our Connected Leadership programme focuses on developing underrepresented ethnic groups at executive and management levels. Our products and services help level the playing field for employees, both within Unisys and for our client workforces. For example, our products and services that enable home working opens the pool of potential candidates to a much wider audience, removing the restriction for candidates to live within a commutable distance of company office locations. We also promote equal opportunity in our Supply Chain: While there is no official policy, Unisys is by the nature of our business a supporter of small and medium providers. We work with many niche and specialist providers to build bespoke client-specific solutions. Suppliers for these requirements by the nature of the services they provide tend to be smaller in size.
Wellbeing

Wellbeing

Unisys is a people company. We strive for greater outcomes for our employees, clients and partners. We continually expand our Diversity, Equity and Inclusion programs and deploy new ways to engage, recognise and develop our employees. A large part of recent workforce wellbeing activity focused on keeping our own employees and those of our clients safe during the pandemic. We limited the number of people working on-site at any given time to ensure social distancing and required face coverings and thermal screenings, as necessary. We maintained safety standards across our sites. This was successfully achieved, as Unisys total recordable, lost and restricted workday rates continued the downward trend of the past decade. Now that the world is returning to normal, wellbeing efforts now focus on the provision of products and services to support flexible working. This contributes to the wellbeing of our employees and those of our clients by enabling the traditional work week to flex to cope with the many challenges of daily life, such as child care, while remaining in full-time employment. Unisys products and services that support flexible home working include Stealth® Zero Trust security software, cloud-based unified communications and collaboration services and digital workplace services with a managed service for ergonomic equipment for home based employees. Unisys has a zero-tolerance policy toward slavery and human trafficking and will not support or conduct business with any organisation involved in such activities. We respect individual human rights and require that our business partners do the same. We recognise our responsibility to protect human rights globally and to provide a fair and ethical workplace for our associates. General awareness on this topic is communicated to all Unisys employees annually.

Pricing

Price
£1,208 to £1,571 a user a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cloudstore@unisys.com. Tell them what format you need. It will help if you say what assistive technology you use.