Resource bookings
Our resource booking system is a cloud software service that allows your organisation to effectively manage access to a resource or a service that you provide.
With strong emphasis on customer self-service, the system streamlines the application process to keep staff involvement to a minimum at point of application.
Features
- Online booking facility
- Address checking ensuring only local residents gain access to resource
- Flexible booking schedules
- Automatic notifications to customer via email and optional text messages
- Built in reporting services
- Data extraction to familiar MS Office application formats
- Data management module for GDPR compliance
- Reminder emails/texts sent at predefined intervals before the booking
- No limit to the total number of system bookings allowed
Benefits
- Huge savings on manual administration
- Quickly react to service or council changes
- Reduction in staffing costs, less manual management of queues
- Eliminates unexpected demand
- Reduction in paperwork
- Provides automation of manual and time-consuming processes
- Can be tailored to your organisation
- Ability to close resources and change opening hours quickly
- Ability to to predict resource usage patterns
- Provides your team with a single point of management
Pricing
£5,995 an instance a year
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
7 0 3 8 0 8 5 9 9 4 2 4 7 5 3
Contact
Pentagull Ltd
Stuart Gilbert
Telephone: 0845 680 7147
Email: sales@pentagull.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
-
Maintenance Windows:- Maintenance windows for regular maintenance and product updates are always scheduled outside normal working hours.
We aim to give at least 48 hours’ notice of any planned maintenance work that we intend to undertake.
Product Schedules:- Product roadmap and related information is available on request. - System requirements
-
- Supported web-browsers
- Working LAN, firewall and internet connectivity
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Dedicated customer service number, manned from 9am to 5pm excluding English national holidays. All customers have access to our dedicated customer helpdesk via phone and on-line 24 -7.
• Priority A: - 1 hour
• Priority B: - 4 hours
• Priority C: - 1 day
By agreement for weekends and bank holidays. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- Support is standard and included within the licence charge. All customers benefit from the same excellent level of support. Each customer will be provided with a dedicated Account Manager available between 9am and 5.00pm.
- Support available to third parties
- No
Onboarding and offboarding
- Getting started
-
Pentagull will create a training plan based on evaluation of the functionality that has been specified within the ESB platform. We anticipate that there will be differing roles and responsibilities so this will be organised based on their individual tasks and access rights to the system. Pentagull will assess the numbers of users to be trained as well as the timeframe for rollout, based on this assessment we will select the most suitable delivery method. We have a variety of training methods:
• Individual training – one on one basis walking the user individually through the procedure of carrying out ordinary tasks
• Group training – as above but with multiple users
• Train the trainer – a more concentrated programme which accounts for the above but with the intention of permitting an individual to carry out internal training themselves.
• Classroom training – located at the offices of the client (with the tools to facilitate it) or at the office of Pentagull.
These training methods would be through a combination of onsite training, online training, and access to our extensive online documentation site. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
-
The service has in-built functionality to extract information in various formats available to the users.
If the data is required in a different format or there is a bespoke requirement to the extraction of the data then this will need to be estimated and the work costed accordingly with prices based on the SFIA rate card. - End-of-contract process
-
• All client data returned to client via data extraction process.
• Data return validated by client
• All client access deactivated
• Data permanently deleted on the system
• System decommissioned
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- Web browser
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- Use of accessibility tools such as JAWS have been tested for use with browser form UI. Labels and field content have been verified for speech output. We also utilise the WAVE suite of evaluation tools to ensure our content is accessible for people with disabilities.
- API
- No
- Customisation available
- Yes
- Description of customisation
-
The ESB platform provides the functionality to perform in-depth customisation straight out of the box. You can rename and add new fields and sections to your processes with ease. PDF templates can be created and amended to be automatically produced by the system along with bespoke email notifications for your staff or customers.
Our in-built granular permission set allows for precise access changes to processes as staff and situations change without having to resort to contacting Pentagull thus ensuring you have control to deal with variations in the work.
More experienced users can go even further and amend the rules that govern the automation for your processes. This allows you to continually make changes in the workflow of your process ensuring it remains fit for purpose and effective all without incurring any additional costs. Features such as allocation of work to shared or individual workbaskets within the system can be configured by your own staff.
All this customisation is available with no coding knowledge required, the platform is designed to be used by anyone with basic computer literacy and a few days training.
Scaling
- Independence of resources
-
A series of key performance metrics are constantly monitored, ranging from low level operating system counters to high level application layer metrics. This allows us to automatically respond to increases in demand by scaling up the resources allocated to the application before any impact is felt by end-users. By partnering with Amazon Web Services we are able to leverage the vast resources of their Elastic Compute Cloud
(EC2) to ensure that we can continually exceed our capacity requirements.
Analytics
- Service usage metrics
- Yes
- Metrics types
- As a web application our primary performance metric is the page response time. This is carefully monitored to ensure it stays within acceptable levels. In addition to the HTTP response metrics, a number of lower-level metrics are monitored to ensure the application stack remains healthy and responsive. These include CPU usage, memory usage and disk I/O metrics.
- Reporting types
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- A wide variety of formats and platforms are supported for secure data export. Some will be chargeable over and above the standard formats listed below.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
Service Availability - 99.9% up-time per month
Service Availability - 24 hours per day (all days)
Response time for accessing screens - within 3 seconds (99% of the time)
Response time for system searches - within 5 seconds (97% of the time)
Pentagull will work with each of our customers on an individual basis to determine if a recompense model is required to meet the needs of the specific council or public department/ organisation. We strive to exceed, wherever possible, our SLA targets for service levels.
In the unlikely event of failure to meet our SLA targets we would invoke the agreed process which would award an appropriate level of service credits by way of compensation. - Approach to resilience
- Our service is hosted on infrastructure provided by Amazon Web Services, who provide a monthly uptime percentage of 99.99%. To achieve maximum resiliency, we utilise all 3 AWS London data centres (known as Availability Zones) as either active or DR locations. This means that in the event of total data centre failure we are able to resume service using one or both of the alternate locations. Impacts to service delivery caused by more routine events such as server patching, server reboots and failure of individual components are mitigated through the use of load balancing and redundant storage. At the network level, AWS provides multiple carrier-independent feeds to each of its data centres.
- Outage reporting
-
Customer's are contacted directly by a member of the company.
Email alerts can be setup upon request from Pentagull monitoring tools.
The email alerts service is hosted using infrastructure that is totally independent from that which is used to host the service, ensuring that even a catastrophic failure of AWS infrastructure does not affect our ability to communicate with our customers.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
-
Access is restricted to designated support staff at a level required for them to perform their role.
In terms of management interfaces there is an escalation process in place whereby senior staff can interface if required. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- World Certification Services
- ISO/IEC 27001 accreditation date
- 26/02/2020
- What the ISO/IEC 27001 doesn’t cover
- There are no exclusions in Pentagull ISMS Statement of Applicability (Annex A) ISO 27001:2013 covers all aspects of Information Technology Security
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- Quality Management ISO9001:2015
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- As part of our ISO27001 certification, Pentagull applies its comprehensive ISMS (Information Security Management System) throughout the Company. The ISMS manager reports all incidents directly to the board of directors. All policies which form part of the ISO 27001 system are applied to staff as part of their induction to the Company and their yearly reviews. Any policy changed outside this time frame is applied when required.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Change control to our ESB platform’s core is managed through the practice of continuous integration (CI). Each build is tracked through formal version control process supported by a software version control system.
Each new release has formal unit, integration, security and regression testing and is released into our test environment before subsequently being deployed onto our customers live environments. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Our vulnerability management process is based on industry standards combined with advice from our own hardware/software suppliers. We regularly review our infrastructure to ensure we identify and categorise components based on risk/impact.
Patching is automated where it’s practical to do so, outside of this there we have a robust patch management procedure including a named individual responsible for patch management. All patches are applied within 7 days of release.
In order to keep abreast of the latest infrastructure threats we obtain information from multiple sources - our own hardware, software and infrastructure suppliers, additionally from a number of industry outlets. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
We employ proactive monitoring of various logs to detect unusual patterns of activity. This includes traffic and request patterns, authentication attempts and analysis of source IP addresses.
Our Incident Management System is used to manage and respond to any suspected compromise. This provides us with a structured way of handling potential security issues at each step of the investigation, and ensuring timely disclosure to our customers where appropriate. All suspected security incidents are investigated within 24 hours and co-ordinated by our Security Officer. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Customers are able to report incidents using our support portal, this is logged directly into our support desk system with automated RAG categorisation and escalation of priority items.
Workflow within this system is also capable of routing specific problems or customers to an individual or team.
The teams also have access to a knowledge based system that enables for rapid diagnosis of problems.
We proactively monitor incidents on a regular basis to highlight any mitigation that we can put in place to reduce the likelihood of re-occurrence.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Pentagull have actively been recording and monitoring our organisations carbon footprint over the last three years. We had a board level commitment on 2021 to achieving net zero by 2023, we are proud to say we have achieved this objective by 2022 and continue to be net zero. Small steps that have taken us to our objective over the last three years were:
• Installation of LED lighting in our office – reducing energy consumption and CO2 emissions
• Having our test and staging environments run on demand, rather than 24-7
• Reduce business travel through utilisation of technology (switching to virtual meetings)
• Switching to an energy supplier with a key focus on renewable, sustainable energy sources
• Where work circumstances allow, employees given options for flexible working model to
reduce accommodation requirements
• Increasing awareness regarding minimising energy use
• Engage with supply chain to ensure suppliers set science-based carbon reduction targets and commit to net zero
More details about our net zero strategy are contained on our corporate website.Tackling economic inequality
SME’s like ours form the backbone of the UK economy, supporting local communities to grow and be prosperous.
We are acutely aware that our head office is located in a town that accounts for eight of the ten most deprived neighbourhoods nationally, we help combat this trend by:
Supporting our local SME’s through our supply chain.
Giving good employment opportunities to a locally deprived area.
Supporting training/apprenticeship opportunities for our existing staff to a minimum of BTEC Level 3Equal opportunity
A company is only as good as the people within it, as such we try very hard to create a company that’s the right fit for each of our employees. Our beliefs and culture underpin our commitment to putting our people first.
We have the following policies in place that help support equal opportunity:
• Flexible working policy
• Family friendly policies
• Fair Pay - Pentagull is an accredited Living Wage Employer
• Volunteering policies
• No use of zero hours contractsWellbeing
Physical, fitness and mental stability is one of our top corporate development goals over the coming two years.
Our approach to this is underpinned by various initiatives:
• Supportive technology for those with a disability or health
condition.
• Supporting our staff with any volunteering/charitable projects
they care to work on both in terms of time-off and donations.
• Regular away days/events
• We incorporate national health and wellbeing campaigns within
our communications calendar, raising employee awareness and
signpost to useful support tools. Campaigns such as:
• Stress awareness day
• Mental health awareness week
• National eye health week
• World diabetes day
• Stress awareness month
• Suicide prevention day
• Men's health week
• Women's health month
Pricing
- Price
- £5,995 an instance a year
- Discount for educational organisations
- No
- Free trial available
- No