CUTNALL GREEN CONSULTING LTD

eSourcing and eAuction Service

We provide cutting edge eSourcing and eAuction software combined with practical hands-on support enabling customers to maximise savings whilst "learn by doing".
This approach can be applied to all non-pay expenditure, allowing clients to maximise savings on all purchases while simultaneous accounting for non-price factors such as quality, social value

Features

• Access to real practical experience with "hands on support"
• Focus on "Learn by doing" to share knowledge
• Real time, cloud based, transparent reverse auction process
• Clear audit trails and archiving for sourcing events
• Intuitive event creation and bid interfaces and real-time analytics
• Multi-parameter, multi-format, multi-line negotiations
• Side-by-side, line-by-line comparisons and multiparameter scoring
• Comprehensive reporting and analysis on sourcing events
• Secure architecture and structure designed to protect data

Benefits

• Access to experienced “hands on support”
• Transfer of knowledge via “learn by doing”
• Opportunity to aggregate spend across multiple organisations
• Opportunity to deliver benefits at pace
• Obtain best value for money in real time
• Efficiently exchange information and define requirements
• Reduce off-contract, off-catalogue pricing and buying
• Allow suppliers to access and maintain information
• Efficiently assess and select suppliers
• Execute informed sourcing and supplier decisions

£5,000 a transaction

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at robcarter@cgconsultingltd.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

772071589693710

Contact

Robert Carter
07866 436815
robcarter@cgconsultingltd.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: We can interact with existing eSourcing and Dynamic Purchasing Systems
• Cloud deployment model: Private cloud
• Service constraints: We do not have real time electronic messaging
• System requirements: Internet Access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We respond to calls and emails within a business day
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: The support we provide depends on the service chosen. This falls into 2 main types of support. ; 1.Managed Pilots. For managed pilots we will provide both “hands on support”, combining deep eAuction experience which we will combine with a proven eAuction platform. For this service we will: ; • For the chosen categories pull data from multiple sources to build a “true baseline line” of consumption; • Cleanse and enrich data to make it “fit for purpose”. As part of this process we will use our spend analytics software to automate data cleansing.; • Undertake detailed data analytics to help clients to define requirements & build the specification; • Build the bid template and use this in the eAuction event; • Quantify the savings achievable and the steps required by the client to implement the benefits; 2.Serviced eAuction events. For a Serviced eAuction event we provide virtual eAuction event support, sourincg support and a technical account manager for general account management and information. Further we allocate a dedicated bid manager for every electronic auction to oversee and project manage sourcing, setting up the bid, ensure the success of the event and general communication
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide one to one online and in person training on using the software platform for both vendors and buyers. The training pack is scripted and thoroughly documented in order to maintain consistency and transparency. We always provide additional training if necessary.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
  • Other
• Other documentation formats:
  • Excel
  • Hard copy
• End-of-contract data extraction: As part of our process we share all information particular to the buyer at every stage during any given procurement project in which we participate. Our client can also access their data and extract it anytime from the portal upon completion of the contract.
• End-of-contract process: Customers are not obliged to term commitment. They can stop using the platform at anytime. Once they give us notice that they are not going to use the platform, we start the off boarding process. We charge a fee per procurement event. It includes setting up and running each event. We offer additional services such as sourcing and market research for additional fees

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: We provide an easy to use, intuitive user interface that we train each user on. This ensures that both buyers and sellers are able to get the most of the eSourcing/eAuction platform.
• Accessibility standards: None or don’t know
• Description of accessibility: The platform access is based on permission levels, so depending on the users function, they will see different information and be able to perform different functions.
• Accessibility testing: We haven't undertaken any interface testing
• API: No
• Customisation available: Yes
• Description of customisation: We generally customise each bid to match the needs of the specific category being auctioned. This will be done in conjunction with the user adn we will configure the systems for them

Scaling

• Independence of resources: We take particular care and meticulously schedule events so that processing resources on our services on our servers as CPU and memory are not over extended. In addition, we use internal monitoring and reporting processes to manage and plan server capacity

Analytics

• Service usage metrics: Yes
• Metrics types: We provide information on number of events, amounts and quantities of goods and services auctioned, savings against baseline and sourcing information
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users export their data from our platform by logging in with their unique username and password. They then can export their data in various formats.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats: Excel

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our aim is 99.9% availability
• Approach to resilience: Our equipment that holds our software is housed in data centres with n+1 levels of resilience
• Outage reporting: The preferred method of outage reporting is usage of email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Management interfaces are only accessible by authorised users, authenticated by username and password. Sensitive factors are restricted to authorised networks.
• Access restriction testing frequency: Less than once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our approach to security governance is to use the best practise for the industry
• Information security policies and processes: The company follows best practise information security policies and processes for the industry. It is the establish policy of Cutnall Green Consulting Ltd to operate within the requirements of a documented information Security Policy statement as a means to comply with all statutory, regulatory and contractual requirements, and to protect the interest, property and information of the company and if it clients and employees against threats or loss. In pursuance of this policy its stated requirements have been implemented together with the specified requirements of the company's associated information security and computer systems access management. The purpose of this Information Security Policy statement is to describe how security is implemented, to give guidance to our employees whose actions can affect the confidentiality and integrity of the business, it product and services and to illustrate the overall commitment to security issues within our company. The Information Security Policy is maintained by audit and review in order to provide effective assurance that all aspects of company, employee and customer specified security requirements are being implemented

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Servers are set to automatically install security patches nightly. Any changes to services are vetted for security impact at the planning and implementation stages.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Security managers monitor and evaluate security bulletins for application components. If possible the component is updated and if an update is not immediately available, a patch or mitigation is applied within 72 hours
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Logging is used to identify potential compromises. When discovered, compromises are responded to with 24 hours
• Incident management type: Supplier-defined controls
• Incident management approach: We maintain a security point of contact. Any security related matters are forwarded to the security POC. Incident reports are emailed to the affected customers

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  As a micro entity ourselves, we are keen to create opportunities to help small organisations to grow. So we are promoting the development of Machine Learning & Artificial Intelligence in Spend Analytics for the Health Service using a network of small specialist tech companies. This will enable us to consider taking on apprentices, increasing our own capability and capacity. The technology we are proposing to develop will be disruptive, creating new systems to identify opportunities to leverage spend across multiple healthcare organisations delivering real value to our customers

Pricing

• Price: £5,000 a transaction
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at robcarter@cgconsultingltd.com. Tell them what format you need. It will help if you say what assistive technology you use.