Aqovia

NeuerEnergy Net Zero and ESG platform (powered by Aqovia)

Harness our years of extensive net-zero and ESG expertise through a platform that simplifies sustainability. Trusted by Richmond & Wandsworth Councils, NKDC, Westminster City Council, and Port of Dover, we help optimise energy, track emissions, and ensure compliance, enabling you to achieve your ESG goals efficiently and with reporting transparency.

Features

• Customisable and Scalable: Platform flexibility and scalability​​.
• Integration with Existing Systems: Integration capabilities with infrastructure​​​​.
• Education and Capacity Building: Educational resources and training modules​​.
• Data Protection: Adherence to security and data protection standards​​.
• Stakeholder Engagement and Reporting: Stakeholder reporting and engagement tools​​.
• Regulatory Alignment: Compliance checks and support for sustainability standards​​​​.
• Carbon Reduction Initiatives: Scenario analysis and implementation planning tools​​.
• Sustainable Supply Chain Management: Integrated supply chain sustainability management​​.
• Energy Resource Optimisation: Energy, reduce waste, and enhance operational sustainability.
• Emissions Tracking/Reporting: Centralise, automate, and report all emission scopes.

Benefits

• Real-time dashboards for informed sustainability strategy decisions.
• Reduce costs and improve efficiency with optimization tools.
• Automated regulatory updates ensure ongoing compliance.
• Monitor ROI and justify sustainability investments effectively.
• Seamless integration with existing systems ensures data consistency.
• Enhance employee engagement through CSR initiatives.
• Boost brand reputation using sustainability achievements.
• Develop a resilient supply chain with sustainability assessments.
• Sustainable practices aid innovative product development.
• Mitigate environmental compliance risks with analytics.

£7,800 an instance a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at louis.sutherland@aqovia.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

684094855583618

Contact

Louis Sutherland
07473520134
louis.sutherland@aqovia.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: A working internet connection and recent version of one of the major internet browser.
• System requirements:
  • Ability to upload data in excel format
  • Internet accesss
  • Must have the latest version of a modern web browser.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Priority Level Agreement; ; Priority 1:; ; Acknowledgement: Within 1 hour.; Work-Around: Within 4 hours.; Fix: ASAP.; ; Priority 2:; ; Acknowledgement: Within 1 hour.; Work-Around: Within 8 hours.; Fix: ASAP.; ; Priority 3:; ; Acknowledgement: Within 1 hour.; Work-Around: Within 5 days.; Fix: As agreed.; ; Priority 4:; ; Acknowledgement: Within 1 hour.; Work-Around: Within 3 weeks.; Fix: In next release.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support Levels:; ; Standard Support: Included with all subscriptions, grants access to our helpdesk and online resources. Report issues and request assistance via ticketing system or email, with guaranteed response times per our SLA. Available during regular business hours.; ; Premium Support: Available for an extra fee, extends service hours, reduces response times, includes proactive system checks, and frequent performance reports.; ; Costs:; ; Standard Support: Included in subscription fee.; ; Premium Support: Costs vary based on service tier and additional features required. Tailored for those needing more than Standard Support.; ; At Aqovia, we offer tailored technical support for our NeuerEnergy platform:; ; Technical Support Roles:; ; Customer Success Manager (CSM): Assigned to every subscriber, technically skilled, understands and meets business requirements, main point of contact ensuring a smooth experience.; ; Escalation to Technical Experts: Support may escalate to include a Technical Account Manager (TAM) or Cloud Support Engineer based on complexity and technical demands. These specialists offer deeper technical expertise and strategic support, ensuring technology aligns effectively with business goals.; ; Our need-based escalation approach guarantees appropriate support levels when required, maintaining efficiency and effectiveness without constraints of standard or premium service tiers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: To ensure smooth integration of our services into your organisation, we offer a tailored onboarding process. Initially, we conduct a project kick-off meeting to align on objectives, scope, timelines, and deliverables. Following this, we engage stakeholders and plan data collection, ensuring thorough understanding and cooperation. Throughout the process, we provide ongoing support and guidance, addressing any queries or concerns promptly.; ; In addition, we offer comprehensive documentation detailing steps for utilising our services. This serves as a valuable resource, offering clear guidance on data collection, analysis procedures, and reporting requirements. Furthermore, we provide tailored training sessions, either onsite or online, to equip users with the necessary skills and knowledge to navigate our platform effectively.; ; By combining personalised support, detailed documentation, and tailored training sessions, we empower users to confidently utilise our services. Our aim is to facilitate a seamless onboarding experience, enabling your organisation to maximise the benefits of our collaboration. With our assistance, you can navigate the process efficiently, ensuring that you derive maximum value from our services and achieve your sustainability goals effectively.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: If the customer is not renewing they can extract their data via the tools provided or the data extraction can be provided by NeuerEnergy at an additional cost.; The Customer should, no later than ten days after the effective date of the contract end, submit a written request for the delivery of the then most recent back-up of the Customer Data and any attachments that have been uploaded to the system.; On termination of the service, a copy of the Customer data can be supplied within 30 days of receipt of a written request. Normally provided in CSV format with any attachments. An option for XML or JSON format would be available for a fee. The Customer shall pay all reasonable expenses incurred by the Supplier in returning of Customer Data.
• End-of-contract process: In addition to the data extraction process, access will be removed on the first day after the end of the contract. ; All instances and environments will be archived after 30-days of the end of the contract. After a further 30-days, all data, instances, and environments will be deleted. ; The Customer will be able to request further access to their data in accordance with the timescales listed above for an additional fee. Access can be extended beyond the defined windows for an additional fee.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: While our service is designed with mobile usability in mind, there may be minor differences between the mobile and desktop versions. These differences are small and unlikely to impact functionality, ensuring a seamless user experience across all devices.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Users can perform a variety of tasks using our API:; Making Changes through the API: The API facilitates modifications to certain aspects of the service, such as adjusting settings or updating basic data structures. However, users may encounter limitations when attempting more complex changes or integrations with specific enterprise platforms. In such cases, manual adjustments or alternative methods may be necessary.; Limitations on Making Changes through the API: While the API offers flexibility, there are inherent limitations based on the complexity of certain configurations or integrations. Users may find that achieving specific setups or making certain changes requires additional steps beyond what the API alone can provide. Additionally, compatibility issues with certain enterprise platforms may necessitate workarounds or custom solutions. Despite these limitations, users can still accomplish tasks such as data uploading and sharing between platforms to a significant extent using our API.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
  • Other
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Users can personalise our service extensively:; What can be customised: Users have control over layout dashboards, determining which data is visible. They can also customise widgets, tailoring data displayed on them to their preferences.; How users can customise: Customisation features are easily accessible within our platform's user interface. Users can adjust layout dashboards to display relevant data and configure widgets to show specific information as desired.; Who can customise: Authorised users, typically administrators or designated personnel within the organisation, have the ability to customise the service. They can tailor layout dashboards and widgets according to the needs of their teams or departments.; Additionally, users can directly export data as required, enhancing the service's adaptability and utility.

Scaling

• Independence of resources: Load balance

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users have the option to export their data in PDF or CSV format. They can initiate this process manually by accessing the "Export Data" feature within the application interface. Once selected, the data will be exported to either a PDF or CSV file, depending on the user's preference. This provides users with flexibility in obtaining their data in formats suitable for their needs.; Additionally, with Aqovia's NeuerEnergy can export the data on the Customers behalf and provide it in a PDF or CSV format.
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Aqovia's NeuerEnergy platform's systems offer robust monitoring and communication processes to ensure optimal application availability and performance. The systems are under continuous surveillance 24/7, enabling immediate detection of issues through automated alerts that notify our advanced support team. All service issues are communicated to relevant stakeholders and discussed during monthly Service Review meetings with clients where applicable.; ; The service operates 24 hours a day, Monday through Friday (24x5), with a commitment to maintaining 99.5% system availability during these business hours. ; ; Maintenance events, which are excluded from uptime calculations, adhere to contractual clauses and are limited to not exceeding 4 hours in any calendar month. This approach ensures minimal disruption and maintains system efficiency and reliability.; ; Availability of Hosting Services; In the event that the Supplier fails to achieve the specified availability thresholds within a given calendar quarter, the Supplier will provide the Customer with a Service Credit against the next annual Software Licence Fee as per the SLA document agreed . Please note that service credits are not cumulative and will not be carried over from one quarter to another.
• Approach to resilience: Our SaaS platform is meticulously engineered to embody resilience, ensuring uninterrupted service delivery. Leveraging Azure as our hosting provider, we uphold the highest standards of reliability. Our datacentre setup is designed with robust resilience measures, aligning closely with the government's Cloud Security Principle of 'Asset Protection and Resilience'. While specific details regarding our datacentre setup are not disclosed publicly, we are committed to transparency. Upon request, comprehensive information regarding our resilience strategies is available for scrutiny. Azure's infrastructure provides a solid foundation, offering fault-tolerant systems and redundancy mechanisms to mitigate potential disruptions. Our architecture encompasses redundant components, load balancing, and automated failover mechanisms to swiftly respond to any unforeseen events. Additionally, we employ continuous monitoring and proactive maintenance practices to identify and address vulnerabilities promptly. By prioritising resilience in our design and operations, we assure our customers of a dependable and resilient service experience, safeguarding their critical data and operations.
• Outage reporting: Email alerts; These alerts, generated and distributed by our technical and customer success teams, play a pivotal role in our commitment to meeting our SLA obligations. They ensure that users are promptly notified of any service disruptions or incidents, aligning closely with the response time stipulated in our SLA. This streamlined approach to outage reporting via email alerts reflects our dedication to transparent communication and the swift resolution of issues for our users, in accordance with our Service Level Agreements as might be agreed with each buyer.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Named user - username and password
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Less than 1 month
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We maintain stringent security processes.; ; Compliance Standards:; We align our security governance with best practices similar to those outlined in ISO/IEC 27001 and other relevant standards, although not formally certified.; ; Security Governance Approach:; Our approach to security governance is rigorous and systematic. We employ a comprehensive Information Security Management System (ISMS) reviewed annually to ensure continuous alignment with industry best practices. Our Chief Technology Officer oversees this, ensuring strict compliance through regular training, audits, and performance monitoring to manage and mitigate risks effectively.
• Information security policies and processes: Aqovia's NeuerEnergy platform adheres to stringent information security policies and processes, governed by our comprehensive Information Security Management System (ISMS), which aligns with ISO 27001 standards. Our ISMS is reviewed annually, most recently in May 2024, ensuring our practices remain robust and responsive to the latest security challenges.; ; Policies and Processes:; ; Password Policy: We implement Microsoft 365 Security Defaults and equivalent Google Workspace settings, mandating strong passwords and multi-factor authentication.; Subcontractor Compliance: All subcontractors are contractually required to adhere to our security policies, undergoing rigorous onboarding and continuous monitoring.; ; Reporting Structure:; ; Our Chief Technology Officer (CTO), also our Information Security Officer, oversees our ISMS, ensuring strategic alignment of security with business objectives.; Security policies are enforced across departments with regular audits to ensure compliance. Non-compliance issues are escalated through structured channels to the CTO and addressed promptly.; ; Ensuring Policy Adherence:; ; Training and Awareness: All employees participate in regular cybersecurity training.; Regular Audits: Internal and external audits assess adherence to security policies.; Performance Metrics: Key performance indicators related to security incidents and response times ensure continuous improvement.; ; This approach guarantees active adherence to our security protocols, maintaining data integrity and confidentiality.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We utilise Jira, Confluence, and GitHub to manage our configuration and change processes effectively. Through these tools, each component of our services is meticulously tracked from inception to retirement, ensuring complete lifecycle visibility. Changes are proposed and documented in Confluence, with tasks and workflows managed in Jira, and code changes handled through GitHub. For security, each change undergoes a detailed assessment using risk and issues logs to evaluate potential security impacts. This process helps us identify vulnerabilities early and mitigate risks efficiently, maintaining the integrity and security of our services.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Systems are monitored using both automated tools including Azure monitoring services and manual checks. We stay informed about emerging threats by closely following industry news, alerts from trusted sources like security advisories, software vendors, industry-specific threat feeds. Threats are pro-actively identified and mitigated through penetration testing and an OWASP-based Web Application Firewall.; Once a vulnerability is identified, we assess its severity and potential impact on our services. We prioritise vulnerabilities based on factors such as the exploitability, potential impact, and the availability of patches or workarounds. Critical vulnerabilities are addressed with the highest priority. Security patches are applied within 30-days
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We monitor our systems, networks, and endpoints for suspicious activities, unauthorised access attempts, and indicators of compromise. This includes analysing logs, network traffic, and system behaviour for anomalies that may indicate an incident. ; We have incident response procedures that outline steps to be taken based on severity and nature of the incident. Including collecting data for analysis, and notifying relevant stakeholders. Our response is coordinated and collaborative, involving cross-functional teams.; We prioritise incidents based on their severity and potential impact on systems, data, and operations. Critical incidents are addressed immediately. For other incidents, we aim to respond per the SLA.
• Incident management type: Supplier-defined controls
• Incident management approach: We have predefined processes for common events, which are documented in our Incident Response Plan. These processes outline the steps to be taken for different types of incidents, including data breaches, malware infections, denial-of-service attacks, and unauthorised access attempts. Each process includes clear roles and responsibilities, escalation procedures, and protocols to facilitate a coordinated response.; Users can report incidents through email or over the phone. Reports are triaged and escalated to the appropriate team based on the severity and nature of the incident.; Once resolved, we provide reports to communicate the details, including cause, impact, remediation steps, and lessons learned.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Aqovia's NeuerEnergy ESG platform is at the forefront of addressing climate change through our G-Cloud services, actively supporting the UK government's environmental goals. Our platform facilitates comprehensive carbon footprint analysis and management, helping organisations transition towards low-carbon operations. By implementing our technology, clients can monitor and reduce emissions across all aspects of their business, contributing to the national target of net zero emissions. Our approach includes the integration of renewable energy sources, optimisation of energy use, and strategic planning for long-term environmental sustainability. Through collaboration with industry experts and leveraging cutting-edge technology, we provide actionable insights and scalable solutions that enhance environmental stewardship while maintaining business efficiency and compliance with evolving environmental regulations. This proactive engagement not only supports our clients' sustainability goals but also aligns with global efforts to combat climate change, reinforcing our commitment to responsible environmental management.

  Covid-19 recovery

  In response to the COVID-19 pandemic, Aqovia has developed robust solutions to support the recovery and resilience of businesses and communities. Our remote working technologies have been pivotal in maintaining continuity for organisations while ensuring the health and safety of employees. We offer tailored services that help businesses adapt to new operational challenges, such as configuring workspaces for social distancing, enhancing digital security for remote operations, and supporting mental and physical health in the workplace. Our efforts extend beyond immediate recovery, aiming to build long-term resilience against future disruptions. By promoting innovative work practices and sustainable business models, we help organisations navigate the post-pandemic landscape. This commitment to recovery is reflected in our partnerships with health organisations and community groups, where we provide support and resources to manage the ongoing impacts of the pandemic, strengthen community ties, and foster a culture of health and well-being.

  Tackling economic inequality

  Aqovia is dedicated to reducing economic inequality through our G-Cloud services by fostering job creation, entrepreneurship, and educational opportunities. We focus on areas with high unemployment and economic deprivation, implementing programmes that equip individuals with the necessary digital skills for today's job market. Our initiatives include partnerships with educational providers to provide training and certifications that are directly aligned with industry needs. We also support small businesses and startups by offering access to our platforms and expertise, enhancing their growth potential and economic impact. By creating opportunities for people who face barriers to employment, such as those from disadvantaged backgrounds or with disabilities, we contribute to social mobility and economic diversity. Our comprehensive approach not only addresses immediate job needs but also prepares the workforce for future technological advancements, ensuring long-term economic sustainability and equality.

  Equal opportunity

  Aqovia champions equal opportunities by embedding inclusivity into our corporate culture and business practices. Our commitment is demonstrated through rigorous adherence to equality and diversity policies, proactive recruitment strategies that target underrepresented groups, and continuous training programs that promote an inclusive workplace. We monitor our progress through regular audits and feedback mechanisms, ensuring that our goals for diversity and inclusion are met and that all employees feel valued and empowered. By fostering a culture that respects and celebrates diversity, we attract and retain a talented workforce that reflects the communities we serve. Our efforts extend beyond employment, influencing our supply chain and partnership choices, where we advocate for equal opportunities and support businesses that uphold similar values.

  Wellbeing

  Prioritising the wellbeing of our employees, Aqovia has implemented a comprehensive health and wellness program that addresses both physical and mental health. Our initiatives include flexible working arrangements that accommodate personal and family needs, and mental health support services to promote preventive care. We believe that a healthy workforce is more productive and engaged, and our policies are designed to support our employees in achieving a balanced and fulfilling work-life experience. By investing in health and wellbeing, we enhance employee satisfaction and retention, reduce absenteeism, and improve overall business performance. Our approach is holistic, considering various aspects of wellbeing, including financial health, career development, and social connectivity, ensuring that our employees are supported comprehensively throughout their tenure with the company.

Pricing

• Price: £7,800 an instance a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at louis.sutherland@aqovia.com. Tell them what format you need. It will help if you say what assistive technology you use.