Liberata UK Ltd

Liberata Automated Invoice Processing Service

A full end-to-end automated invoice processing solution.

Features

• Automation of end-to-end invoice processing
• Invoice data extraction
• Supplier validation
• PO matching
• GL Coding for non-PO invoices
• Audit for duplicate invoices
• ERP posting

Benefits

• Reduction in processing time
• Zero review time for the vast majority of invoices
• Reduction in duplicates prior to payment through real-time checking
• Invoice cycle time reduced to less than one day

£0.10 to £9.50 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidadmin@liberata.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

730651132465711

Contact

Bid Co-ordinator
020 7378 3700
bidadmin@liberata.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Hybrid cloud
• Service constraints: None
• System requirements: Modern web browsers with internet access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We have a Customer Helpdesk to provide immediate assistance during office hours 8.45-5.30 Monday to Friday
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Dedicated Customer Support Manager for each account to provide immediate assistance. On-boarding and off-boarding assistance included and technical support also available at no extra cost.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Dedicated Customer Support Manager to guide through and track implementation. Full on-boarding documentation is also provided with data provision templates.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: All data is available to download in a number of different file formats and instructions are given as part of the on-boarding/off-boarding process.
• End-of-contract process: User accounts are disabled and data removed in an agreed timescale. An end of review/off-boarding call will also be held with the buyer.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Data input; Data extraction
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customisation is agreed through the implementation process or subsequently via the Customer Helpdesk

Scaling

• Independence of resources: Regular server capacity monitoring

Analytics

• Service usage metrics: Yes
• Metrics types: A provision of reports available on the cloud highlighting the progress of processing
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Dependent on requirements

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Application file download
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 24/7 accessibility, 99.75% availability over the review period
• Approach to resilience: The solution is provided from a UK-hosted, dual datacentre, private cloud platform which supports SAN to SAN replication of data between the two sites. The platform is design to give tolerance to single points of failure, and is support by our 24x7 support organisation. Data can also be backed up locally to a virtual tape library, enabling rapid restore when required.
• Outage reporting: Email notifications to users

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: User roles restrict access to specific functions with the application.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 19/04/2010
• What the ISO/IEC 27001 doesn’t cover: IT hosting as that has been outsourced to a third party
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: • ISO20000 (IT Service Management); • ISO22301 (Business Continuity); • ISO27001 (Information Security); • PSN; • Cyber Essentials
• Information security policies and processes: Liberata Acceptable Use Policy; Liberata Access Control Policy; Liberata Information Security Management Policy; Liberata Compliance Policy; Liberata Data & Asset Management Policy; Liberata Mobile Working Policy; Liberata Personnel Security Policy; Liberata Risk Management Policy; Liberata Incident Management Policy

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The Change Management process is aligned and certified to ISO20000 IT Service Management. A UKAS accredited body performs external audits to test the Policy/Procedural compliance of ISO20000. ; ; A Change Advisory Board sets the requirements to which the life-cycle of change is managed.; ; CAB objectives: ; Ensure that changes to the IT Infrastructure are assessed, prioritised and scheduled in a timely and cost effective way that maintains contractual client service levels;; Ensure Changes are reviewed throughout the Change Lifecycle;; Ensure appropriate resources are in place to meet clients’ business requirements;; Improve clients’ overall satisfaction with the services provided; and; Manage emergency change.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Regular scanning is in place to identify vulnerabilities and the required remediation implemented to a defined plan to comply with PSN and ISO27001.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Servers have security logs in Audit Collection Services, within Microsoft System Operations Manager.; ; Managed network devices have security logs shipped to Cisco Monitoring, Analysis and Response solution. ; ; Logs are retained for at least 6 months including:; User or process Unique ID; ; Date and time of event; ; Physical or logical address; ; Type of service executed; ; Privileged command executions;; In-bound email traffic claiming origination from PSN addresses or from 'null' addresses;; Excessive outgoing web traffic;; Regular data exchanges with external addresses;; Log record changes.; ; We have a SyOPs document which details the frequency for manually validating access controls and firewalls logs, etc.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents are managed via the Service Desk with an incident management team responsible for coordinating and directing the response. Conforms to the requirements of ISO27001 and ISO20000.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Wellbeing

  Fighting climate change

  We are working towards achieving net zero emissions by 2040, and our plan is published on our company website. We are already making progress to achieve this including:; ; • Emissions Reduction Targets- Achieve a 100% reduction of direct carbon dioxide equivalent (CO2e) emissions by 2040. We project that carbon emissions will decrease over the framework duration by 345.4 tCO2e by 2026. This is a reduction of 31% compared to the 2020 baseline.; • Energy-efficient Data Centres – Delivering scalable platforms reducing carbon production by 65% compared to traditional hosting; • Hybrid Working Programme – Enabling more flexible working to encourage individuals back into work and reduce travel related carbon emissions by up to 96%; • Sustainable Transport Scheme – Including electric car purchase and cycle to work initiatives alongside favourable car allowance schemes for use of electric/hybrid cars for business purposes; ; We also have projects and working groups in place covering the following initiatives:; ; • Full Implementation of ISO 14001; • Procurement of energy supplies from renewable sources; • Decarbonisation of heating systems; • Increased reuse and recycling of consumables; • Co-location of data services to low carbon centres

  Wellbeing

  Our Giving Back Social Value programme invests in supporting our employees, struggling families and the most vulnerable to address their health and wellbeing. Every product or service sold contributes towards the Giving Back funding which is allocated to delivering initiatives across the UK. The initiatives that we deliver include:; ; • Sports Team Kits - Providing match kit and equipment for local youth sports teams to ensure greater participation and improve wellbeing; • Volunteer Programme – Supporting activities including: school reading and writing CV building, interview skills & cycling proficiency; • Crowdfunding Programme – Managing initiatives to support community developments; • Outplacement/Career Coaching Services – Delivering tailored programmes to help those struggling with their mental health or anxiety to secure new opportunities; • Summer of Love – In partnership with the British Heart Foundation, we promote Health & Wellbeing across the business and offer free of charge comprehensive health-checks (blood pressure, heart-rate, metabolism, BMI for information and recommendations to maintain a healthy lifestyle). The recent theme has been on ‘mindfulness’, considering the importance of mental health through the pandemic.; ; In addition we have a dedicated local Health and Wellbeing co-ordinators at each of our sites from which we deliver this service who are there to promote the wellbeing of our employees and residents and host fortnightly 15 minute sessions on a variety of health initiatives including meditation, yoga and relaxation techniques which are available to all employees during the working day.; ; Other initiatives include free eye testing and flu vaccinations along with resilience workshops run with Renovo who are part of the Liberata organisation. We also have our Employee Assistance Programme which provides support, counselling and advice to all employees and family members free of charge and is available 24/7.

Pricing

• Price: £0.10 to £9.50 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidadmin@liberata.com. Tell them what format you need. It will help if you say what assistive technology you use.