ICS.AI LTD

SMART: Generative AI Model Managed Service

The SMART: Generative AI Model Managed Service delivers bespoke AI language model solutions, optimising selection and billing to ensure cost-effective usage. Utilising patent-pending technology, it fragments transactions across multiple models, significantly reducing costs while providing continuous efficacy monitoring and adaptable, scalable services for diverse client needs.

Features

• Choice of commercial and proprietary AI language models
• Management of model selection for each transaction
• Integrated billing system for AI usage
• Patent-pending technology for transaction fragmentation
• Execution of fragments across multiple AI models
• Continuous monitoring of transaction efficacy
• Scalable service suitable for both large and small models
• Optimised cost reduction strategies for AI consumption
• Customisable solutions based on client needs
• Comprehensive reporting and analytics tools

Benefits

• Reduces the cost of using generative AI by distributing loads
• Ensures optimal performance by using the most effective model
• Simplifies the billing process for AI transactions
• Provides flexibility with a variety of AI model options
• Enhances efficiency through advanced proprietary technology
• Adapts to clients’ changing needs with scalable services
• Offers greater control over AI resource usage
• Improves budget management through cost-effective strategies
• Delivers detailed insights with advanced analytics
• Guarantees high-quality outputs through continuous performance monitoring

£0.01 a transaction

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.smith@ics.ai. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

680058206401694

Contact

Andrew smith
01256 403800
andrew.smith@ics.ai

Service scope

• Service constraints: https://docs.microsoft.com/en-gb/azure/ to determine applicable constraints based on buyers requirements
• System requirements: https://docs.microsoft.com/en-gb/azure/

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 1 hour, Monday to Friday 9am to 5pm
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: See https://azure.microsoft.com/en-gb/support/plans/
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Through an implementation of the SMART: Staff Copilot, ICS.AI configure the services necessary and provide online training and video guides to assist users
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Customer are able to remove their data at any time through the same means they uploaded. Either over their network (internet or express route) or via the Azure Import/Export services. Also see https://www.microsoft.com/en-us/trustcenter/privacy
• End-of-contract process: Microsoft is governed by strict standards and removes cloud customer data from systems under our control, overwriting storage resources before reuse, and purging or destroying decommissioned hardware. https://www.microsoft.com/en-gb/trust-center/privacy/data-management?rtc=1

Using the service

• Web browser interface: Yes
• Using the web interface: The web interface is delivered through our Staff Copilot product available on Lot 2.
• Web interface accessibility standard: WCAG 2.1 AAA
• Web interface accessibility testing: Accessibility report available on request
• API: Yes
• What users can and can't do using the API: https://msdn.microsoft.com/en-us/library/azure/ee460799.aspx
• API automation tools: Terraform
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: https://docs.microsoft.com/en-us/azure/virtual-machines/capacity-reservation-overview.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
• Other metrics:
  • User interactions managed by the SMAT: Staff Copilot
  • Power Bi dashboard shows every users interaction
  • Provides insights into usage patterns
  • Data driven decisions based on consumption
• Reporting types: Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Other
• Other data at rest protection approach: Azure Key Vault & Azure Active Director see https://docs.microsoft.com/en-us/azure/security/fundamentals/encryption-atrest?msclkid=b2f26c8ea91a11ecac8f8d24fb4e36fc
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Azure Managed Disks
  • Azure File shares
  • Azure Backup
• Backup controls: Through the agreed statement ofwork that covers the service and takes into consideration the clients requirements of backup and recovery
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: Microsoft’s approach to enabling two layers of encryption for data in transit is:; ; Transit encryption using Transport Layer Security (TLS) 1.2. All traffic leaving a datacenter is encrypted in transit, even if the traffic destination is another domain controller in the same region. TLS 1.2 is the default security protocol used. TLS provides strong authentication, message privacy, and integrity (enabling detection of message tampering, interception, and forgery), interoperability, algorithm flexibility, and ease of deployment and use.; Additional layer of encryption provided at the infrastructure layer.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Microsoft’s approach to enabling two layers of encryption for data at rest is:; ; Disk encryption using customer-managed keys. You provide your own key for disk encryption. You can bring your own keys to your Key Vault (BYOK – Bring Your Own Key), or generate new keys in Azure Key Vault to encrypt the desired resources.; Infrastructure encryption using platform-managed keys. By default, disks are automatically encrypted at rest using platform-managed encryption keys.

Availability and resilience

• Guaranteed availability: See SLA's for each service here https://azure.microsoft.com/en-gb/support/legal/sla/summary/?msclkid=0132c6f0a91b11ec927496d95a52a9a9
• Approach to resilience: Network reliability through intelligent software; Safe Deployment with AIOps; Resiliency threat modeling for large distributed systems; Low and no impact maintenance; For more detail please see https://azure.microsoft.com/en-us/features/reliability/#features
• Outage reporting: Through Azure Service Health which gives personalised alerts and guidance for Azure service issues via the supplier and through email alerts

Identity and authentication

• User authentication: Identity federation with existing provider (for example Google apps)
• Access restrictions in management interfaces and support channels: "Azure Active Directory is Microsoft’s multi-tenant cloud based directory and identity management service. Azure-AD provides an affordable, easy to use solution to give employees and business partners single sign-on (SSO) access to thousands of cloud SaaS Applications like Office365, Salesforce.com, DropBox, and Concur. For application developers, Azure-AD lets you focus on building your application by making it fast and simple to integrate with a world class identity management solution used by millions of organizations. Azure-AD also includes a full suite of identity management capabilities including multi-factor authentication, device registration, self-service password management, self-service group management, privileged account management.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password
• Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: We have policies for infrastructure security, physical security, availability, components & boundaries, network architecture, production network, SQL DB, operations, monitoring, integrity and data protection. For more information please visit https://docs.microsoft.com/en-gb/azure/security/fundamentals/infrastructure-availability

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Azure has developed formal standard operating procedures (SOPs) governing the change management process. These SOPs cover both software development and hardware change and release management, and are consistent with established regulatory guidelines including ISO 27001, SOC 1 / SOC 2, NIST 800-53, and others.; ; Microsoft also uses Operational Security Assurance (OSA), a framework that incorporates the knowledge gained through a variety of capabilities that are unique to Microsoft including the Microsoft Security Development Lifecycle (SDL), the Microsoft Security Response Center program, and deep awareness of the cybersecurity threat landscape.; Please see https://www.microsoft.com/en-us/SDL/OperationalSecurityAssurance and https://www.microsoft.com/en-us/sdl
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: When providing the Antimalware solution for Virtual Machines, Azure is responsible for ensuring the service is highly available, definitions are updated regularly, that configuration through the Azure Management Portal is effective and that the software detects and protects against known types of malicious software. MCIO-managed hosts in the scope boundary are scanned to validate anti-virus clients are installed and current signature-definition files exist.; ; Vulnerability scans are performed on a quarterly basis at a minimum. Microsoft Azure contracts with independent assessors to perform penetration testing of the Microsoft Azure boundary
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Microsoft Azure employs sophisticated software-defined service instrumentation and monitoring that integrates at the component or server level, the datacenter edge, our network backbone, Internet exchange sites, and at the real or simulated user level, providing visibility when a service disruption is occurring and pinpointing its cause.; ; Proactive monitoring continuously measures the performance of key subsystems of the Microsoft Azure services platform against the established boundaries for acceptable service performance and availability. When a threshold is reached or an irregular event occurs, the monitoring system generates warnings so that operations staff can address the threshold or event
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Microsoft has developed robust processes to facilitate a coordinated response to incidents.; • Identification – System and security alerts may be harvested, correlated, and analyzed.; • Containment – The escalation team evaluates the scope and impact of an incident.; • Eradication – The escalation team eradicates any damage caused by the security breach, identifies root cause for why the security issue occurred.; • Recovery – During recovery, software or configuration updates are applied to the system and services are returned to a full working capacity.; • Lessons Learned – Each security incident is analyzed to protect against future reoccurrence

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Hyper-V
• How shared infrastructure is kept separate: In the cloud-enabled workplace, a tenant can be defined as a client or organization that owns and manages a specific instance of that cloud service. With the identity platform provided by Microsoft Azure, a tenant is a dedicated instance of Azure Active Directory (Azure AD) that your organization receives and owns when it signs up for a Microsoft cloud service. Each Azure AD directory is distinct and separate from other Azure AD directories. The Azure AD architecture isolates customer data and identity information from co-mingling. For more information: https://docs.microsoft.com/en-us/azure/security/fundamentals/isolation-choices

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Please see https://www.microsoft.com/en-us/corporate-responsibility/sustainability

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our SMART AI platform advances public sector efforts to combat climate change by reducing carbon footprints through digital transformation. By enabling 24/7 self-service and automating routine enquiries, our technology significantly reduces the need for physical infrastructure and associated energy consumption. This digital shift minimises the environmental impact of commuting and office operations, aligning with governmental targets to reduce greenhouse gas emissions. Travelling to clients whilst implementing solutions is kept to the minimum and when travel is required the company policy is to use public transport. 90% of other interactions are exclusively online. By locating our hosting service in the Microsoft cloud we are proud to support a supplier their plans of carbon neutral https://blogs.microsoft.com/blog/2020/01/16/microsoft-will-be-carbon-negative-by-2030/

  Covid-19 recovery

  In the wake of COVID-19, our SMART AI platform plays a crucial role in the recovery process by supporting resilient and flexible public services. It alleviates pressure on front-line staff by providing robust self-service options across multiple channels, 24-7, allowing users to access services without physical interaction. This capability has been essential in maintaining service continuity during social distancing measures, enhancing the public sector's ability to adapt to similar future challenges efficiently. This has been repeated in other situations where inbound demand signifcantly increases for a period of time and the platform can deal with massive spikes. Post COVID-19 examples are the Ukraine refugee crisis and more recently the cost of living crisis.

  Tackling economic inequality

  Our SMART AI platform contributes to reducing economic inequality by democratising access to essential public services. By lowering operational costs through automation and AI-driven efficiencies, public sector organisations can reallocate funds to critical services and vulnerable communities. Additionally, our technology facilitates wider access to services, ensuring that economically disadvantaged groups receive timely and equal support, thus bridging the service gap across socioeconomic statuses. When working in different parts of the Uk, our on site activivites contribute to the local eceonmy through the use of facilitites such as local, hotel, restaurants and other local services when we are onsite.

  Equal opportunity

  To enhance equal opportunity, our SMART AI platform incorporates accessibility and inclusivity at its core. It adheres to WCAG 2.1 AA standards, ensuring that our digital services are usable by people with disabilities. We extend this commitment by supporting multiple languages, which not only aids non-native speakers but also fosters inclusivity in diverse demographic settings. This approach ensures that all community members have equitable access to public services, regardless of physical ability or language proficiency.

  Wellbeing

  Our platform enhances community wellbeing by offering round-the-clock access to public services, reducing stress and improving life quality for users. By automating routine tasks, we enable public sector organisations to focus more on personalised support where it matters most, improving overall service quality and user satisfaction. Additionally, the support for multiple languages and accessible interfaces ensures that all individuals, including those facing language barriers or disabilities, can engage with services comfortably and independently.

Pricing

• Price: £0.01 a transaction
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.smith@ics.ai. Tell them what format you need. It will help if you say what assistive technology you use.