KONSOLUTE

Konsolute ISO Certified Quality Management System (QMS)

Implement a robust ISO Certified Quality Management System (QMS) with our solution tailored for Microsoft 365. Manage, track, and audit your organisation's compliance and standards efficiently, enhancing quality management practices across your business operations.

Features

• Integrated compliance management for key ISO standards
• Comprehensive document lifecycle management
• Dynamic dashboarding and reporting for real-time oversight
• Automated auditing and compliance tracking
• Seamless integration with Microsoft 365 applications
• Custom standard incorporation and management
• Preloaded with the latest popular ISO standards
• Clause management tailored to organisational needs
• Risk assessments and action plan implementations
• Enhanced data protection with sensitivity and retention labelling

Benefits

• Ensures continuous compliance with international standards
• Streamlines quality management processes
• Reduces administrative burden through automation
• Improves document control and security
• Facilitates easier audit processes with ready reports
• Supports a culture of quality and continuous improvement
• Offers a centralised platform for all quality management needs
• Enhances visibility and control over compliance activities
• Data remains on your tenant
• Increases efficiency and reduces errors in compliance management

£850 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ashkan@konsolute.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

770401291400234

Contact

Ashkan Jabbari
+44 20 8152 4102
ashkan@konsolute.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Our complimentary services enhance Microsoft 365 and Azure capabilities. We optimise efficiency and compliance within existing IT infrastructures, also supporting other cloud environments and bespoke systems to meet specific organisational needs.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: N/A
• System requirements:
  • Requires Microsoft 365 subscription with admin rights
  • Adequate storage and processing for QMS functions

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We provide support through both email and an online ticketing system. This ensures you can reach us conveniently for assistance with any issues or questions.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: To ensure that your organisation receives the exact support it needs for optimal performance and efficiency we offer a bespoke services tailored around your organisational requirements.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Our services are delivered through a combination of on-site and off-site workshops. At the start of the project, we collaborate closely with you to define and customise the project onboarding process. This approach ensures that our services are perfectly tailored to meet your specific needs and objectives.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All project deliverables and raw data generated through our service are made available for secure download in suitable formats, ensuring easy access and compliance with security standards.
• End-of-contract process: At the end of the contract, all project deliverables and raw data generated through our service are made available for secure download in suitable formats, ensuring easy access and compliance with security standards.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: No
• Customisation available: Yes
• Description of customisation: Our services are highly customisable to meet the needs of our clients. We offer personalised consultations to fine-tune our offerings, ensuring they align seamlessly with your strategic objectives. This adaptability guarantees that you derive maximum benefit from our services.

Scaling

• Independence of resources: N/A

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Organisations can request for their data and associated data to be exported
• Data export formats: Other
• Other data export formats: PDF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: N/A
• Approach to resilience: N/A
• Outage reporting: N/A

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: N/A
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essential Plus
• Information security policies and processes: At Konsolute, we prioritise security, maintaining robust processes across our operations. Our security practices are governed by several policies, including Information Risk Security, Asset Management, and Handling Sensitive Information. We regularly review and update these policies to adapt to evolving security demands. Additionally, our commitment to security is validated through regular assessments and audits conducted by an independent security organisation.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Konsolute adheres to ITIL Service standard, ensuring compliance with industry best practices
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: At Konsolute, our threat assessment process integrates Microsoft Defender's advanced monitoring and analytics capabilities. This allows us to continuously scan for, identify, and mitigate potential security threats efficiently. We prioritise rapid response to vulnerabilities, deploying critical patches within 24 hours through automated systems enhanced by Microsoft Defender's insights. Our intelligence on emerging threats is sourced from reputable cybersecurity partners and global databases, alongside Microsoft’s own security advisories. This comprehensive approach ensures that we uphold stringent security standards, leveraging Microsoft Defender to keep our services secure and reliable for all clients.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: At Konsolute, we utilise Microsoft Defender and XDR capabilities to enhance our proactive monitoring efforts. These advanced technologies allow us to continuously scan for and identify potential security threats before they can impact our systems. By leveraging Microsoft’s cutting-edge tools, we ensure comprehensive surveillance and rapid response capabilities, safeguarding our information and assets to the highest security standards. This vigilant approach to security demonstrates our commitment to maintaining robust protection across all operations. Incidents logged by the system prompt an immediate response and investigation.
• Incident management type: Supplier-defined controls
• Incident management approach: Konsolute promotes a culture where employees are encouraged to report incidents via a secure, electronic incident management portal. Each reported incident follows a structured procedure that leads to a thorough investigation. Additionally, we implement Corrective and Preventive Action (CAPA) processes to assess and ensure the effectiveness of the implemented solutions.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At Konsolute, we are deeply committed to combating climate change through responsible business practices and innovative solutions. Our sustainability strategy is integrated into all aspects of our operations. We focus on reducing our carbon footprint by optimising energy use of our devices, and promoting remote work to decrease commuting emissions. Additionally, our products and services are designed to help our clients achieve their own environmental goals, contributing to a broader positive impact on the planet. We continuously seek ways to enhance our sustainability measures and collaborate with industry partners to amplify our collective response to climate change.

  Covid-19 recovery

  At Konsolute, our response to the COVID-19 pandemic focused on ensuring the safety of our employees and supporting our clients through these challenging times by making our products free available to government entities. We adapted our operations to promote remote working, ensuring that our team remained connected and productive while working safely from their homes. We also continue to enhance our digital collaboration tools to support seamless remote interactions, both internally and with our clients.; ; Understanding the economic impact of the pandemic, we are committed to aiding our clients in navigating the new normal. This includes offering flexible solutions and services designed to ensure business continuity and resilience. Our approach combines immediate actions with long-term strategies to support a sustainable recovery and foster a more resilient future.

  Tackling economic inequality

  At Konsolute, tackling economic inequality is a core aspect of our corporate responsibility strategy. We are committed to creating opportunities that foster equitable growth both within our organisation and in the communities we serve. Our initiatives include offering skills training and development programs to empower underrepresented groups, implementing fair hiring practices that promote diversity, and engaging in partnerships that support local economic development.

  Equal opportunity

  At Konsolute, we are committed to equal opportunity as a fundamental principle guiding our business practices and organisational culture. We ensure that all employees and candidates are treated fairly and with respect, regardless of their background, identity, or circumstances. Our hiring processes are designed to eliminate bias, promoting a diverse and inclusive workforce that reflects the communities we serve.

  Wellbeing

  At Konsolute, we prioritise the wellbeing of our employees as a key element of our workplace culture. We understand that our team's health and happiness are critical to our collective success. To support this, we offer a comprehensive wellbeing program that includes mental health resources and flexible working arrangements that allow for a healthy work-life balance.; ; We regularly engage with our employees to understand their needs and adapt our programs accordingly. Our initiatives are designed to ensure that every team member feels supported both professionally and personally. By investing in the wellbeing of our employees, we aim to create a supportive and productive work environment where everyone can thrive.

Pricing

• Price: £850 a unit
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ashkan@konsolute.com. Tell them what format you need. It will help if you say what assistive technology you use.