Core

RPA Automation and AI Software Solutions - CoreGov

Our AI-enabled Robotic Process Automation (RPA) platform service is designed to simplify the creation, execution, and management of automation tasks, catering to users regardless of their technical proficiency. It offers an intuitive automation studio featuring a visual drag-and-drop interface for constructing software-bot driven business process automation workflows.

Features

• AI-powered - computer vision, OCR, ML and other AI techniques.
• Automation using attended or unattended bot operation for maximum flexibility.
• Cloud-hosted management console
• Hundreds of pre-defined activities to build your RPA flows.
• Performance and SLA reporting
• Detailed logs and audit trails
• Secure credential management
• Identifying processes suitable for automation
• Integrates with workflow platforms for a complete Intelligent Automation solution
• Designed for business users and IT professionals

Benefits

• Automate on-screen processes for speed and accuracy.
• Frees up staff to perform more useful tasks
• Use AI to improve performance and robustness of process flows
• Integrate systems through direct access, API and computer vision
• Improve employees experience with a digital assistant
• RPA recorder process steps to help automation
• Easy to build using drag-and-drop bot flow designer.
• Increase productivity and reduce operating costs
• Rapid deployment and instant scalability to meet changing demands
• Fast, repeatable, error-free process and task automation

£395 to £1,695 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at webenquiry@core.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

754639233124821

Contact

Paul Saer
+44 (0) 207 626 0516
webenquiry@core.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Within the wider automation landscape, our RPA solutions benefit from a range of accompanying extensions: AI for intuitive automation, expediting workflows and boosting engagement. Leveraging low-code platforms for application development, transforming processes and enhancing digital experiences. Elevating customer interactions through contact center solutions, seamlessly blending digital automation with human engagement.
• Cloud deployment model: Public cloud
• Service constraints: The service is subject to planned maintenance which will be notified in advance.
• System requirements:
  • Internet Connectivity
  • Internet Browser
  • Windows Server Platform for Unattended RPA software bot

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Target - 90 minutes initial response.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We will provide a Standard level of support based on which will be included within the service licence cost. This includes access by telephone or email to the remote support teams during contracted hours. A technical account manager will be provided.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide comprehensive assistance throughout the RPA implementation journey. This includes project management, engineering, and training support. Our Training Academy offers accredited remote training with trainer-supported eLearning. Additionally, we provide eLearning resources and expert mentoring for RPA users. Full user documentation is also provided.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: RPA does not store any customer data. It remains on the users' systems. RPA job flow reporting can be exported in a text file format.
• End-of-contract process: Once written notice to terminate the service (in line with the agreement) has been received, service will be scheduled for closure on the agreed date. We will work with you to ensure your data is extracted in an agreed format. All data stored, including backups, will be securely deleted using industry standard best practise methods.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Our RPA software service provides a browser-based service interface. This interface is designed to be intuitive and simple to use, whilst enabling full access to the user and administrative features provided by the RPA application. User access to the service interface is secure.
• Accessibility standards: None or don’t know
• Description of accessibility: As a browser-based interface, third-party tools deployed on the users' desktop or browser can be used to support user accessibility.
• Accessibility testing: Testing for specific third-party assistive technology is carried out by users and based on the individual needs of their staff.
• API: Yes
• What users can and can't do using the API: Service platform has a mature REST APIs that allows accessibility to all platform capabilities - including data input/output, application management, security APIs; ; Further details available on request.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: RPA bot flows can be fully customised by users with RPA build training and authorised access. Administrative tasks, such as bot scheduling and priorities, can also be configured.

Scaling

• Independence of resources: RPA applications operate on specialised virtual instances hosted on either Azure or AWS cloud platforms. Each customer receives personalised dedicated service. Users are equipped with server monitoring tools to oversee and manage their allocated resources effectively.

Analytics

• Service usage metrics: Yes
• Metrics types: RPA offers real-time and historical reporting functionalities: Dynamic Real-Time Dashboards: These provide graphical representation of critical metrics such as job scheduling, CPU/memory/disk usage. Customisable Dashboards: Users can tailor/share dashboards based on specific needs Supervisor Reports: Historical reports (all RPA metrics). Graphical Representation: Reports, including bot performance and job execution, are visually depicted / are refined using various filters like date and time. Saved Custom Reports: Reports can be archived for quick access. Manual CSV Downloads: Historical reports can be manually retrieved in .csv format. API Access: API is accessible to extract report data efficiently, offering flexibility in data retrieval methods.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Netcall, Nintex, Mendix, UiPath

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: RPA process flows XML based. Jobs information is CSV based. Both can be exported easily.
• Data export formats:
  • CSV
  • Other
• Other data export formats: XML
• Data import formats:
  • CSV
  • Other
• Other data import formats: XML

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Agreed service availability of up to 99.9%, 24/7 Service level agreements can be discussed as part of your contract.
• Approach to resilience: Information regarding the resilience of the data centre is available upon request.
• Outage reporting: The event management process diligently oversees the cloud systems and services of our RPA platform for availability and system health. Our system management tools promptly detect events and notify our Customer Support team of any threshold breaches or service outages. Our Customer Support team takes immediate action to inform customers of any service disruptions, customised to their specific business requirements. Communication channels include email or telephone, reaching out to the customer's service desk or designated contacts. Customers receive detailed alerts specifying the affected service, potential impact on their IT operations, and reference information for further inquiry. Our Customer Support team maintains continuous communication, providing regular updates on the expected service restoration time until resolution.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Our RPA service has a range of security controls to ensure the security requirements will be met. These include built in Role management, Security Policy, Login Control, Object permissions and Interface permissions.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyds Register
• ISO/IEC 27001 accreditation date: 15/04/2020
• What the ISO/IEC 27001 doesn’t cover: Not Applicable
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: It is also accredited to the NHS DSP Toolkit and CyberEssentials+
• Information security policies and processes: All Information Security Policies and procedures adhere to the ISO27001:2013 standard, documented within the Information Security Statement of Applicability (SOA). Process owners undergo both internal and external audits to ensure adherence to the policies delineated in the SOA, including but not limited to: - Quality Policy - Security Guiding Principles - Information Security Policy - Clear Desk Policy - Keyholder Policy - Access Control Policy - Information Classification Policy - Data Protection Policy - Network Access Control Policy - Information Exchange Policy - Password Policy - Cryptographic Policy - External Parties Access Control Policy These policies undergo regular review throughout the year, with updates and revisions documented in the Audit Calendar.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: RPA service Change Management procedures undergo audits in accordance with the ISO27001:2013 and ISO9001:2015 Information Security standards. The Statement of Applicability for these standards is available upon request. Any proposed changes must obtain approval from the appropriate authority at our organisation, validated against the corresponding tracker ticket, before implementation.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our compliance approach involves conducting both external and internal vulnerability scans to bolster our vulnerability management system and streamline internal patching. Identified vulnerabilities are escalated through our tracker system, integrated into our Risk Assessment and Vulnerability Management Process, supporting our ISO accreditations. Prioritised vulnerabilities from scans are melded into our Risk Assessment and resolution process. Our operations team and relevant process owners review these findings to prompt resolution. If needed, threat control measures and corrective actions are taken, with tickets linked to the original vulnerability for audit, ensuring robust risk mitigation and resolution.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We effectively manage and mitigate compromises to confidentiality, integrity, and availability of information assets through our Incident Management System. While control and ownership are centralised, they are overseen collaboratively with stakeholders. This process adheres to ISO 27001:2013, linking risks to treatments and SLAs. Incidents are monitored /recorded through various channels: - Customer or production support calls - Account managers' reports - Post-change assessments - Routine risk reviews - Actual security incidents - Identification via Intrusion Detection Systems or Intrusion Prevention Systems Information Security Manager (collaboration with process owners and relevant stakeholders) takes ownership of resolving compromises and implementing preventative measures.
• Incident management type: Supplier-defined controls
• Incident management approach: We employ both native and licensed software solutions to effectively manage risks, ensuring compliance with ISO27001:2013 standards for Incident Management. Our approach integrates tracking mechanisms, linking risks and assessments to corrective and preventative actions. Incidents are logged following changes, risk reviews, security breaches, event identification, or, in extreme cases, activation of the Business Continuity Plan. The Information Security Manager takes ownership of incidents, collaborating with process owners and affected stakeholders to swiftly identify, contain, and resolve issues. Our Tracker system plays a pivotal role in prioritising, customising, and providing transparent progress updates on risk management to stakeholders.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  All Core solutions are hosted in the Microsoft Cloud platform, which is currently 79-93% more energy efficient than a traditional on premise datacentre. All Core staff are also issued with modern Energy Star rated laptop devices which typically consume 2/3 less electrical power than desktop computers.; ; Core runs no on premises IT infrastructure and all internal services are cloud-based, ensuring that all service compute is done using high efficiency hardware and powered by renewable energy. It reduces the demand for mined precious materials, manufacturing and road transportation impacts associated with acquiring and receiving private infrastructure, as well as overall energy consumption inefficiencies of running infrastructure that may not be being optimally utilised.; ; Core advocates and supports the adoption of Remote and Hybrid Working to reduce unnecessary travel and associated emissions, reduce our corporate office footprint and support flexible working practices for our teams. ; ; In early 2022, we completed an audit of all end user devices in use across the company and calculated the carbon footprint generated as they are used to deliver our business outcomes, and we are currently developing a program to not only offset this in a properly accredited scheme, but to provide offerings to support our customers and partners to be able to easily do the same. We use Greenly as our carbon management reporting platform to calculate and monitor our scope 1,2, and 3 emissions, and build custom action plans to work towards reduction. In the recent years, we have also contracted Oblong Trees to plant a tree for any existing employee and new starter.; ; Microsoft, with their commitment to reaching net zero emissions by 2030, will enable Core to become a net zero emissions organisation in the same timeframe.

  Covid-19 recovery

  Core changed our operational policies to protect our staff during the Covid 19 pandemic, and to help our customers to continue to build and develop services to support a hybrid workforce.; ; We provide solutions to help customers make the most of remote working, including the ability to support and manage services without having to travel to specific office locations. However, these solutions also seamlessly enable users to work in the office environment too.; ; This includes full collaboration and communication solutions and employee wellbeing platforms to ensure that staff are supported and included, regardless of their location.; ; Our solutions will help customers to continue to work with no impact on user productivity in the event of a future wave of Covid-19 causing health concerns or impacting travel or office attendance capability, such as lockdown or if a member of staff tests positive for Covid-19.

  Tackling economic inequality

  Core is a London Living Wage accredited employer, ensuring that our staff members are able to live and thrive in their life outside of work (Decent work and Economic Growth).; We are an inclusive employer, hiring people based on their talents and capabilities, regardless of any other factors (Gender Equality and Reduced Inequalities).; Core hires new entrants to the employee marketplace where possible, such as graduates, then trains and develops them to start their IT career journey with Core, building skills and experience (Decent work and Economic Growth).; Core’s hybrid working policy enables people who may have personal responsibilities such as care for children or other dependants who may not be suited to an environment where they have to attend an office on a daily basis (Gender Equality and Reduced Inequalities).; Core is continually hiring staff as our business grows and develops. We currently have open roles in both London and Gdansk, and every new contract, such as this one, secures existing employment and presents opportunities for us to continue to grow our team. (Decent work and Economic Growth); Core funds training and development of all staff and encourages involvement in programmes that enable us to continuously develop our technical acumen. (Decent work and Economic Growth); Every employee at Core has a vested stake in our business success, all qualifying post probationary employees participate in an Enterprise Management Incentive where they have an equity stake in the Core business (Decent work and Economic Growth).; Core’s employee benefits package includes Life Assurance and Private Healthcare coverage for the employee and the option of their immediate families at no cost to the staff member, other than the income tax liability (Good Health and Wellbeing).; Every member of permanent staff is enrolled in the company’s Pension Scheme (Decent work and Economic Growth).

  Equal opportunity

  We are an inclusive employer, hiring people based on their talents and capabilities, regardless of any other factors (Gender Equality and Reduced Inequalities).; Core hires new entrants to the employee marketplace where possible, such as graduates, then trains and develops them to start their IT career journey with Core, building skills and experience (Decent work and Economic Growth).; Core’s hybrid working policy enables people who may have personal responsibilities such as care for children or other dependants who may not be suited to an environment where they have to attend an office on a daily basis (Gender Equality and Reduced Inequalities).; Core funds training and development of all staff and encourages involvement in programmes that enable us to continuously develop our technical acumen. (Decent work and Economic Growth).; Every employee at Core has a vested stake in our business success, all qualifying post probationary employees participate in an Enterprise Management Incentive where they have an equity stake in the Core business (Decent work and Economic Growth).; Core’s employee benefits package includes Life Assurance and Private Healthcare coverage for the employee and the option of their immediate families at no cost to the staff member, other than the income tax liability (Good Health and Wellbeing).; Every member of permanent staff is enrolled in the company’s Pension Scheme (Decent work and Economic Growth).

  Wellbeing

  All Core permanent staff are entitled to 25 days annual leave per year, plus Public Holidays.; Core’s hybrid working policy enables people who may have personal responsibilities such as care for children or other dependants who may not be suited to an environment where they have to attend an office on a daily basis (Gender Equality and Reduced Inequalities).; Core’s employee benefits package includes Life Assurance and Private Healthcare coverage for the employee and the option of their immediate families at no cost to the staff member, other than the income tax liability (Good Health and Wellbeing).; Core conducts frequent Employee surveys, collecting feedback from our team on how the business can adapt or improve, internally or externally. We get good engagement from this process and all employee feedback is reviewed, discussed and implemented where appropriate. (Good health and Wellbeing)

Pricing

• Price: £395 to £1,695 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at webenquiry@core.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.