Skip to main content

Help us improve the Digital Marketplace - send your feedback

Plan Alpha Systems Limited

Drupal CMS, Drupal CRM, Drupal forms, integration support and hosting

Plan Alpha Drupal: Drupal Customer Relationship Management System (CRM). Drupal Content Management Systems (CMS). Drupal integration services. Drupal strategic consultancy in business transformation using open source assets. Plan Alpha Systems guarantee Best Value and best use of Drupal platform. All current versions of Drupal supported, as well as legacy Drupal.

Features

  • Customer-agent use, by telephone (including screen sharing) and face-to-face
  • Access whole system with any web-enabled device, including mobile
  • Total citizen account management in one place
  • Easily tailorable workflow and case management processes
  • E-forms that that are inbuilt to the system
  • The world's most powerful and advanced future development roadmap
  • Access system data to any level of security and location
  • Integrate with anything - no proprietary lock-ins
  • Build new functionality in the platform itself
  • Ask not what the-system can-do, but what the-system. . .

Benefits

  • All channels, all agents swiftly do business with one system
  • Customers do business with you the way they want to
  • Customers and agents access to the entire customer record straight-away
  • No expensive programmer expertise required
  • E-forms, not a costly add on but a powerful system-foundation
  • The future is assured, safe, and packed with innovation
  • Underlying architecture means data is in one agreed, secure place
  • Drupal: designed and built to swiftly integrate with other IT-systems
  • Full Enterprise-class web-enabled database systems development platform
  • The system can do just about anything you want

Pricing

£10,000 to £250,000 a unit

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris.morton@planalpha.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

7 6 9 4 0 2 1 0 9 7 9 0 6 6 5

Contact

Plan Alpha Systems Limited Chris Morton
Telephone: 07769 88 22 84
Email: chris.morton@planalpha.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
No - the hosting is on a managed platform with guaranteed 99.9 expected uptime. Any software updates are carried out at agreed times, and occupy very small (usually minutes or less) levels of interruption.
System requirements
  • Access is through any web-enabled browser
  • It's open-source and does not need any proprietary software

User support

Email or online ticketing support
Email or online ticketing
Support response times
24x7 managed Cloud environment

Our help desk services are provided initially through Plan Alpha Systems: Standard methods of contact include: telephone, email and online ticket placement.

Our online support ticketing system enables our clients to login, raise and edit call tickets and to track the progress made on resolving the issue, view all tickets raised by you and see comments and information added by our support staff.

The standard support hours are Monday to Friday 08.00 to 17.30.

Support outside these hours can be arranged upon request.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
The platform itself requires no support locally - all that is required is a web browser to use it. Were you to integrate it with local systems, then in our experience we can almost always do this remotely. We can provided levels of support locally, which we can be arranged with you. On the whole, this is not necessary.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide all the necessary on-site training for your system, and we provide advisory support and skills transfer thereafter.

The system is not difficult to use in any way. It has been designed as a web system based on the user experiences that we all encounter in day to day use of the web.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
At the end of any contract - the system and all the data within it belongs to you, It is open source and there is no proprietary lock-in.

Should you wish to extract the data, however, this can be undertaken with powerful Drupal tools in any standard file format.
End-of-contract process
At the end of the contract the system belongs to you in its entirety. There are no charges.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
All of our systems will work on desktops and mobile, but the mobile screen, because of the size, would be unsuited to, say a customer agent's usual means of interacting with a customer.

From the perspective of a customer, the system they use is entirely available with a mobile.
Service interface
No
User support accessibility
WCAG 2.1 AAA
API
Yes
What users can and can't do using the API
Drupal has a fully open API allowing two-way integration.

If another system needs to access the platform then the Drupal API will enable it, without limitation.
API documentation
Yes
API documentation formats
Other
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Anything in the system can be customised.

User can add Drupal modules, or add code if they wish (this is almost always unnecessary). Customisation is carried out in Drupal by adding pre-built modules, not by programming.

Anyone with the appropriate permissions can customise.

Scaling

Independence of resources
As an organisation we deliver projects that are based on a highly performant and stable technology that does not require a large overhead of support. We have KPIs that guarantee response times.

We have resources that represent a small fraction of time that is required to provide ad hoc support, and this is almost always for system enhancement and not for system availability. This is provided by our hosting partner with vast support resource capability and availability.

Analytics

Service usage metrics
Yes
Metrics types
Users are able to engagement use to have complets access to service usage metrics if they wish.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
We provide additional support for the platform with our hosting-partner

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Other
Other data at rest protection approach
Our hosting provider is regularly reviewed by third parties to verify platform security, privacy, and compliance

SOC 2 compliance provides third party assurance to our customers about the adequacy of our hosting provider information security system. Our SOC 2 Type 2 compliance covers the Security and Availability Trust Services Criteria.

The General Data Protection Regulation (GDPR) is a data privacy law that defines a framework for how companies use and protect personal information about European Union citizens. Our hosting provider complies with all applicable data privacy laws including GDPR.
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
There are standard Drupal modules that assist you in extracting the data you need and exporting it in any standard format .csv. .xls, .xml. etc.

Being open source, you can also use any standard web services to extract data.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • XML
  • RSS/Atom
  • OPML
  • Sitemap
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • XML
  • RSS/Atom
  • OPML
  • Sitemap

Data-in-transit protection

Data protection between buyer and supplier networks
Private network or public sector network
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network
No customer data from our clients is stored within our company network at all.

Availability and resilience

Guaranteed availability
Hardware 100% uptime guaranteed.

Users will be refunded to agreed levels of outage time at the time of engagement.
Approach to resilience
This information is available on request
Outage reporting
Dashboard
email alerts

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
All communications with our hosting partner are with two-factor authentication with data encrypted.
Access restriction testing frequency
At least every 6 months
Management access authentication
Public key authentication (including by TLS client certificate)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Our customers' data is never stored with the confines of our IT installations, but is entirely stored within our hosting partners cloud environment,
Information security policies and processes
This policy has been ratified by the organisation and forms part of its policies and procedures, including its Regulations for Conduct. It is applicable to and will be communicated to associates.

This policy shall be reviewed and updated regularly to ensure that it remains appropriate in the light of any relevant changes to the law, organisational policies or contractual obligations.

To determine the appropriate levels of security measures applied to information systems, a process of risk assessment shall be carried out for each system to identify the probability and impact of security failures.

To manage information security within the organisation an information security oversight shall be undertaken. We currently do not hold any personal information. However, during the course of our work we may be asked to build systems which access personal and highly confidential information. In these cases we will adopt the working practices of the organisation in vigilantly protecting the data to which we have access. It is the responsibility of each associate to apprise themselves of the security policies of the client and to adhere to them.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All of the configuration management with the Cloud hosting is carried out by our hosting partner.

From a Drupal perspective, all threats to security are monitored by the Drupal community 24x7, and we adopt a security patching policy for any component of the stack o/s, web-server, database, PHP, Drupal using all reasonable endeavours, this is in addition to the security monitoring by our hosting partner.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Vulnerability management of the Cloud hosting environment is provided by our hosting partner.

For the Drupal platform, the community - which is vast over 1.3 million members worldwide as a vigilance community, this in turn is backed up by over 100,000 technologists. Any security threat is immediately reported to Drupal, that immediately in turn inform its members and provides appropriate remediation.
Protective monitoring type
Undisclosed
Protective monitoring approach
Not exposed.

Any threat is immediately acted upon appropriate to its severity.

Response to a threat is immediate.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Policies and processes aimed at making sure information security events and weaknesses are communicated in a manner allowing timely corrective action.

Users report any incident to us, which if appropriate would be immediately escalated to our hosting partner.

Incident reports are not a standard feature - as we have had no occurrence. It would be treated as an emergency, and dealt with immediately.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
Yes
Connected networks
Public Services Network (PSN)

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Our Cloud provision matches 100 percent of its energy consumed with renewable energy and aims to run on 24/7 carbon-free energy by the end of the decade. By using a managed Drupal WebOps platform paired with Google Cloud, our customers will be that much closer to creating a green and sustainable website. All our services are offered remotely, reducing travel and carbon footprint. We are fundamentally a virtual organisation.

Covid-19 recovery

All Plan Alpha personnel were supported through Covid 19. Remote working is a standard offering. We fundamentally work virtually. Any resurgence of Covid will be similarly managed.

Tackling economic inequality

We encourage all our customers to use the adoption of open source technology as a driver of reskilling of the workforce. WE also recognise the different skills levels of our customers and design training according to the requirements of the project and the people undertaking the work. Opportunities for working with Plan Alpha are based on how we can effectively bridge skills gaps by working with us.

Equal opportunity

Plan Alpha is entirely committed to equal opportunity and there is zero toleration of workplace discrimination on all of the following: Race, gender,religion,physical ability, age, sexual orientation, gender reassignment, marriage or civil partnership, maternity and paternity. Our focus is the well-being of the people who wrk with us and their future potential.

Wellbeing

We recognise that wellbeing is fundamental to a working environment that foster health: physical, health and safety, and mental health by striving to maintain an ergonomically beneficial environment in home working and should the need arose, elsewhere. We always aim at effective people management, training and fostering a good work/life balance. Reward is based on fair and transparent policies. We strive to maintain an ethical relationship with our suppliers and customers, and embrace inclusion and diversity. Positive relationships are our goal and we recognise that whatever career, emotional, learning and creative outlets we can assist with are fundamental to our vision for the company.

Pricing

Price
£10,000 to £250,000 a unit
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris.morton@planalpha.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.