Social Value Portal

Social Value Measurement, Management and Reporting

A platform for comparing, measuring and managing Social Value commitments and monitoring their delivery, according to the principles of the Public Services (Social Value) Act 2012.

Using the National TOMs as a base, tailor social value Themes, Outcomes and Measures that apply to a specific organisation or community.

Features

  • Social Value Policy and Strategy
  • Social Value Calculation
  • Social Value Measurement and Management
  • Social Value Corporate and Project Reporting
  • Social Value Training
  • Social Value Procurement Platform and Support
  • Procurement with National TOMs
  • UN Global Goal/Sustainable Development Goal Reporting
  • Social Value Contract Management
  • Social Value Market Place/Community Wealth Building Platform

Benefits

  • Uses consistent, transparent approach to measuring social value
  • Uses social value robustly as part of procurement
  • Monitors the delivery of social value commitments
  • Differentiates between bids by considering their social impact
  • Monetises social value outcomes to compare/report total Social Value Add
  • Aggregates social value across departments/regions showing where impacts accrue
  • Uses dashboards to view progress towards social value targets
  • Illustrates geographical spread of social value with GIS mapping
  • Sets up sub-accounts to reflect your organisation hierarchy

Pricing

£6,000 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@socialvalueportal.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

7 1 6 8 2 2 8 7 0 0 1 1 0 7 4

Contact

Social Value Portal Guy Battle
Telephone: 02033550530
Email: sales@socialvalueportal.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Planned maintenance will occur periodically outside of standard business hours, with warning provided to customers in advance.
System requirements
  • Internet connection
  • Chrome, Firefox, Safari 5 or above, IE 9 or above
  • Please enable javascript, cookies, and TLS 1.2

User support

Email or online ticketing support
Email or online ticketing
Support response times
We aim to respond to queries within 1 working day. Support is currently available during normal business hours, Monday to Friday.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We provide a standard level of support to our customers, included as standard in our pricing structure. Each customer account has a dedicated account manager, and may escalate to managers or technical support as necessary. On site training and support is available as standard part of the membership, with additional support available on request.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide onsite training and user documentation.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Users may download copies of their data in CSV format when a contract ends.
End-of-contract process
At the end of a contract, user credentials will be deprovisioned.
User data may be requested at the end of the contract, and will be provided in CSV format if requested.
Any personal data associated with the user account will be deleted after a period of one year.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Pages are designed to be responsive to screen size, with layouts adapting for use on smaller screens and accessible using a touchscreen interface.
Service interface
No
User support accessibility
WCAG 2.1 A
API
Yes
What users can and can't do using the API
Users can query account and project data, create projects and update project data through the API. Users may request credentials to access the service through their Social Value Advisor. Sandbox environments to test the integration are available on request.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
A social value questionnaire must be used to outline the key themes, outcomes and measures that are to be measured as part of a project, and users may customise this to reflect their specific social value policy, or policies that they are responding to.
Customer branding may be included on certain pages accessible to their suppliers.
Account hierarchies may be set up and customised to provide an organisational structure to arrange projects, and restrict access to specific users.

Scaling

Independence of resources
Our platform is hosted on a public cloud platform provider (Salesforce) that provides assurances regarding performance degradation and user number limits. The user limits in terms of page views and access are far and away in excess of what we would expect to provide for, and are monitored and reviewed regularly.

Analytics

Service usage metrics
Yes
Metrics types
Number of Active Users
Number and Status of Live Projects
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users may export their data in Microsoft Excel (html), CSV, or PDF formats, using export functions. They are able to export data at the account level (including sub-accounts), the project level (including all social value records associated with that project), and the social value record level (including all responses associated with that record).
Data export formats
  • CSV
  • Other
Other data export formats
  • XLS
  • PDF
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Neither we nor the platform on which the services are built offer a specific SLA on availability. However the platform on which the services are built has a redundant network and comprehensive data backup and recovery plan, that has provided a >99.9% uptime historically. We (and the platform) commit to use all commercially reasonable efforts to make the online platform available 24 hours a day, 7 days a week, except for: (i) planned downtime (of which we shall give advance notice), and (ii) any unavailability caused by circumstances beyond our reasonable control.
Approach to resilience
The datacentres where our data is stored are managed by our cloud hosting provider. According to the provider:
All networking components, network accelerators, load balancers, Web servers and application servers are configured in a
redundant configuration. All Customer Data submitted to the Covered Services is stored on a primary database server with
multiple active clusters for higher availability. All Customer Data submitted to the Covered Services is stored on highly
redundant carrier-class disk storage and multiple data paths to ensure reliability and performance. All Customer Data
submitted to the Covered Services, up to the last committed transaction, is automatically replicated on a near real-time basis
to the secondary site and is backed up on a regular basis and stored on backup media for an additional 90 days in production
environments and 30 days in Sandbox environments after which it is securely overwritten or deleted. Any backups are
verified for integrity and stored in Salesforce data centers.
Outage reporting
Service outages will be reported through:
Public website notifications (hosted separately to the service)
Social media alerts
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Access is restricted in management interfaces and support channels using two factor authentication and strong password policies, and making use of defined users profiles that restrict permissions and access.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Specific members of the organisation are tasked with responsibility for security, one at the board level and one at the operational level. Security is a key element of our ongoing business strategy, which is inherently tied to our IT strategy. Security and privacy training is provided to employees with access to the platform. This ensures that there are clear decision making processes in place to maintain security best practice, compliant with the latest legislation.
Information security policies and processes
The company has a suite of policies relating to information security:
- Information Security Policy
- Remote Access Policy
- Acceptable Use Policy
The responsibility of the security and integrity of IT systems and data stored thereon lies with our Information Officer. Line managers are required to ensure that all users under their direction must adhere to and comply with information security policies. Training and support is provided to employees to ensure that they understand their requirements.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The various components of the service are all handled and tracked through the cloud platform that the service has been built on.
Potential changes are proposed to the technical team, which reviews the requirements and assesses the potential impact on the service and security. Major changes require approval from a director. Development and testing of changes occurs in sandbox environment prior to being deployed into the production environment.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The vulnerability management process is driven through the cloud platform provider on which the service is built. This includes security tools to monitor system activity in real time to assess threats and intrusion attempts. Application and database activity is monitored,while event management tools call attention to potential threats. The system is updated periodically with regular security updates, and patches are deployed automatically to our service.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Protective monitoring is provided through the cloud platform provider on which the service is built. This includes security tools to monitor system activity in real time to assess threats and intrusion attempts. Application and database activity is monitored,while event management tools call attention to potential threats. The system is updated periodically with regular security updates, and patches are deployed automatically to our service.
Incident management type
Supplier-defined controls
Incident management approach
The platform on which the service is built undergoes an independent evaluation in the form of SOC 1 (SSAE 16 / ISAE 3402), SOC 2 and SOC 3 reports.
For incidents specific to our service, users report incidents to our support team through the standard support channels. Incident reports are logged by the support team or account manager, and if necessary feedback is provided internally, or externally through the platform.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

Social Value Portal’s entire proposition is built on social value creation. We don’t expect others to become social value creators if we are not contributing too.

We’re committed to creating value for the communities and people where we work. We learn by doing, which is why Social Value Portal has always been proactive in delivering our own corporate responsibility.

Our Social Value Action Plan targets £1,888,412 of social value delivered by our staff between 2022-2025*. Furthermore, we’ve pledged to work with our customers to deliver £100 billion of social value by 2025.

Our targets to fight climate change include our policy and programme to achieve net zero carbon including a monitoring plan with specific milestones.

Savings in CO2 emissions will also be achieved through de-carbonisation of our business activities.

We’re proactive to uphold our vision of a world where people and organisations collaborate to build flourishing and sustainable communities for all.

The purpose of the TOMs is to report added value. In environmental terms, this means going above and beyond the minimum required, and to support initiatives that help the world to decarbonise as quickly as possible. It also means pushing for a “green normal”, rather than treating environmental outcomes as a bolt-on or an afterthought.

*Utilising the National TOMs Framework methodology
Covid-19 recovery

Covid-19 recovery

Our Social Value Action Plan targets £1,888,412 of social value delivered by our staff between 2022-2025*.

The Covid-19 pandemic has focused attention like never before on how we all live our lives and how we all run our businesses. What is beyond dispute is that we can all improve the quality of our lives and our environment by accounting for social value.

We measure environmental, social and economic activities and help to identify, prioritise and measure the additional social value delivered through a contract in terms that are meaningful to internal and external stakeholders.

Measures in our Action Plan to support Covid-19 recovery include:

- Mental Health campaigns for staff on the contract to create community of acceptance, remove stigma around mental health
- Provision of expert business advice to VCSEs and MSMEs (e.g. financial advice / legal advice / HR advice/ HSE)

*Utilising the National TOMs Framework methodology
Tackling economic inequality

Tackling economic inequality

We’ve already created almost £12 billion in social value with our members. As more organisations across the public, private and voluntary sectors commit to providing social value support, we know that we can achieve even more. We’ve pledged to work with our customers to deliver £100 billion of social value by 2025.

Our Social Value Action Plan targets £1,888,412 of social value delivered between 2022-2025*.

Measures in our Action Plan to tackle economic inequality include:

- Total amount (£) spent with VCSEs in our supply chain
- Provision of expert business advice to VCSEs and MSMEs (e.g. financial advice / legal advice / HR advice/ HSE)
- Equipment or resources donated to VCSEs
- Equipment or resources donated to VCSEs (£ equivalent value)
- Number of voluntary hours donated to support VCSEs
- No. of employees (FTE) hired by the organisation during the reporting period, who are long term unemployed/NEET/ex-offender/disabled (unemployed for a year or longer) as a result of a recruitment programme
- No. of staff hours spent on local school and college visits e.g. delivering career talks, curriculum support, literacy support, safety talks (including preparation time)
- No. of weeks of apprenticeships, for apprenticeships that have either been completed during the year or that will be supported to completion in the following years by the
- No. of hours of support into work provided to under 24 y.o. (young people) unemployed people through career mentoring, including mock interviews, CV advice, and careers guidance
- Meaningful work placements that pay Real Living wage according to eligibility - 6 weeks or more (internships)

*Utilising the National TOMs Framework methodology.
Equal opportunity

Equal opportunity

We’ve already created almost £12 billion in social value with our members. As more organisations across the public, private and voluntary sectors commit to providing social value support, we know that we can achieve even more. We’ve pledged to work with our customers to deliver £100 billion of social value by 2025.

As part of our Social Value Action Plan we measure the following within our organisation:

- Percentage of women (FTE) employed in leadership positions in our organisation

- Percentage of people from Ethnic Minority Groups (FTE) employed in leadership positions

- Organisation's median gender pay gap for staff

- Organisation's median ethnicity pay gap for staff

Furthermore, we carry out a Diversity and Inclusion survey every year.

This approach enables meaningful direct action to be steered both by local need and by the overarching strategic aims of the organisation aiming to deliver social value. Implemented effectively, the TOMs framework then creates a mutually reinforcing link between strategy and delivery.

*Utilising the National TOMs Framework methodology
Wellbeing

Wellbeing

We’re committed to creating value for the communities and people where we work. We learn by doing, which is why Social Value Portal has always been proactive in delivering our own corporate responsibility.

Our Social Value Action Plan targets £1,888,412 of social value delivered by our staff between 2022-2025*.

This includes 2,400 hours of volunteering time committed to support local community projects. This is supported by our commitment to all those employed by SVP to have 56 hours paid volunteering to use per year (7 days), during regular business hours.

Other Wellbeing related measures in our Action Plan include:

- No. of employees (direct and corporate contractors) that have been provided access for at least 12 months to comprehensive and multidimensional wellbeing programmes
- Mental Health campaigns for staff on the contract to create community of acceptance, remove stigma around mental health
- Equality, diversity and inclusion training provided both for staff and corporate contractors
*Utilising the National TOMs Framework methodology

Pricing

Price
£6,000 a licence a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Free trail account available to try out the National TOMs.
Link to free trial
https://socialvalueportal.force.com/freeaccountregistration?registrationType=free

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@socialvalueportal.com. Tell them what format you need. It will help if you say what assistive technology you use.