BESPOKE SOLUTIONS CONSULTANCY LIMITED

Power Platform Assessment, Governance CoE and App Development

Bespoke Power Platform assessment assesses your maturity in governance, security, and platform management. It envisions use cases for development and creates a roadmap based on priority, complexity, business goals, and value. Following this, we construct your tailored, well governed infrastructure and validate it by developing a high-priority solution.

Features

• Develop strategy for embracing Power Platform on a wider scale.
• Create a roadmap for the most critical apps and workloads.
• Assess risks related to security and governance of platform infrastructure.
• Implement crucial components of enterprise architecture.
• Create and deploy prioritised solutions.
• Offers guidance on best practice processes and policies.
• Provide ongoing training and support services.
• Utilise Power Apps, Power Automate, Power BI and Copilot.

Benefits

• Drive continuous business value.
• Enhance efficiencies, streamline processes and boost productivity.
• Revamp and modernise existing applications or legacy technology processes.
• Address emerging business requirements.
• Adopt a comprehensive governance strategy.
• Mitigate risk through centralised platform management control.
• Leverage data insights from one data source.
• Optimise your license investments.
• Boost ROI.
• Empower your business with a secure platform.

£625.50 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jordan.brookes@bespoke-xyz.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

692595939931065

Contact

Jordan Brookes
01618832655
jordan.brookes@bespoke-xyz.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Power Platform
• Cloud deployment model: Public cloud
• Service constraints: There are no constraints involving planned maintenance arrangements, support or limitations to specific hardware configurations
• System requirements: Access to client tenant

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Dependent on customer requirements.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Low, Medium, High, and Critical. We also provide a support manager to help with any questions they may have.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We help users through a pre-sales discovery and guidance call to help them identify needs and pain points for their business.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Not applicable
• End-of-contract process: Not applicable

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Microsoft provides a mobile application compatible with iOS (10+), Android (4.4+), and Windows (10+), allowing users to configure access to records within the Power Platform.; ; Alternatively, the unified interface ensures that accessing the Power Platform via a web browser on mobile, desktop, or tablet provides a consistent user experience.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The unified interface for the Power Platform ensures that accessing the application on various devices, such as tablets, desktops, and mobiles, maintains a consistent look and feel. This ensures a streamlined user experience across devices.
• Accessibility standards: None or don’t know
• Description of accessibility: Accessible through the Power Platform App and Microsoft services
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: This can be controlled and configured by Bespoke
• API documentation: Yes
• API documentation formats:
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The Power Platform can be extensively tailored to meet the unique needs of each customer. As an integral part of our implementation process, Bespoke will provide comprehensive training to your core team, empowering them to efficiently manage and configure the solution in the future.

Scaling

• Independence of resources: Power Platform is hosted by Microsoft. Service includes platform monitoring allowing you to see in real-time if there are service or performance issues.

Analytics

• Service usage metrics: Yes
• Metrics types: Power Platform features metrics which can be monitored
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Power Platform allows us to configure exports to various common formats including CSV and Excel.
• Data export formats:
  • CSV
  • Other
• Data import formats:
  • CSV
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: Other
• Other protection within supplier network: N/A

Availability and resilience

• Guaranteed availability: Microsoft ensures service availability. The admin centre enables you to view any potential downtime or issues that might have caused system disruptions for various reasons.
• Approach to resilience: Multiple data centres around the globe
• Outage reporting: The Power Platform has admin controls where users can monitor applications in real-time.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Within the Power Platform, there is highly granular permission capability including business units, teams, and security roles. All the way down to field level security.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber essentials.
• Information security policies and processes: Information and cyber security risks are managed through Staff onboarding training, refreshers of training and policies, and periodic review of the above documents. This is supplemented by technical controls such as deployment of Microsoft Defender for Office 365 and regular review of the Microsoft security portal.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We always recommend working with an agile project management methodology so that the client is in control of which requirements are addressed and when through the sprint deliveries. ; ; In terms of technical change control, we recommend separate Development, Test and Live environments, so that all changes, as well as the deployment steps themselves, are tested prior to a solution impacting the live environment.; ; In addition, all our documentation and system releases are version-controlled, enabling a history of changes to be tracked.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: All user accounts have Microsoft Defender for Office 365 licences, and all company owned devices have Defender Antivirus.; ; Bespoke will be working on Power Platform solutions on the client's tenant. Potential threats and patching are largely managed by Microsoft.; ; The latest Power Platform penetration tests may be found on the Microsoft Service Trust Portal:; ; Power Platform security FAQs - https://learn.microsoft.com/en-us/power-platform/admin/security/faqs#where-can-i-find-power-platform-or-dynamics-365-penetration-tests.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Bespoke will be working on Power Platform solutions on the client's tenant. Potential threats and patching are largely managed by Microsoft.; ; The latest Power Platform penetration tests may be found on the Microsoft Service Trust Portal:; ; Power Platform security FAQs - https://learn.microsoft.com/en-us/power-platform/admin/security/faqs#where-can-i-find-power-platform-or-dynamics-365-penetration-tests
• Incident management type: Supplier-defined controls
• Incident management approach: Bespoke provide an ongoing support service. Price on request depending on the complexity of the solution and the volume of users.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  Bespoke upholds principles of equity and fairness throughout its operations, firmly denouncing any form of discrimination. Equal opportunities have been a cornerstone of our employment practices, underpinned by our comprehensive equal opportunities policy. Breaches of this policy will result in disciplinary proceedings and, where warranted, disciplinary action.; ; The policy aims to prevent any discrimination, whether direct or indirect, based on factors such as race, colour, ethnic or national origin, religious belief, political opinion or affiliation, sex, marital status, sexual orientation, gender reassignment, age, or disability. We ensure this policy is shared with recruitment agencies responsible for our hiring process, and it is readily available to all employees and applicants for employment.

  Wellbeing

  Bespoke prioritises the well-being of its employees across all aspects of its operations. Our commitment to promoting employee wellbeing, has long been integral to our employment practices.

Pricing

• Price: £625.50 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jordan.brookes@bespoke-xyz.com. Tell them what format you need. It will help if you say what assistive technology you use.