Tata Consultancy Services Limited

TCS Digital Smart City - TCS DigiGOV

TCS’ DigiGOVTM Smart City solution provides the base to build end-to-end solutions to transform citizens services. It is a unified platform for efficient G2B, G2C, and G2G service delivery, the solution is based on TCS DigiGOV™ and offers advanced capabilities in file management, knowledge management, accounting, taxation, and HRM.

Features

  • Mobile-enabled for anytime-anywhere access
  • Multi-tenancy architecture. Heightened scalability, data security
  • Robust analytics engine provides 360-degree citizen view
  • Open standards, compatible with all integration protocols
  • Integrates with finance, command/control , GIS, POS, smart card etc
  • SSO enabled: easy integration with enterprise and external applications
  • Digital signature enabled and barcode enabled

Benefits

  • Reduce malpractice: Secure, transparent online processing, configurable approvals, audit.
  • Accelerate and streamline service delivery from months to days
  • Improve efficiency of revenue collection: accurate and automated calculation
  • Inform decision making: sophisticated query engine and smart reporting tools
  • Enhance citizen experience through automated multichannel comms
  • On-demand access: Anytime, anywhere, access through omnichannel experience
  • Build new and custom solutions meeting citizen and organisation needs

Pricing

£30 a user a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK.PublicSector@tcs.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

7 7 8 1 4 7 1 7 1 3 9 7 0 2 8

Contact

Tata Consultancy Services Limited Meena Meghani
Telephone: 07860 259091
Email: UK.PublicSector@tcs.com

Service scope

Software add-on or extension
No
Cloud deployment model
Hybrid cloud
Service constraints
None
System requirements
Working internet connection

User support

Email or online ticketing support
Email or online ticketing
Support response times
Severity 1 – 6 business hours
Severity 2 – 3 business days
Severity 3 – 12 business days
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
Severity 1 – 6 business hours
Severity 2 – 3 business days
Severity 3 – 12 business days

We provide Support Management as the support tool.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
User documentation will be provided
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Integration to enable export / import of data will be provided.
End-of-contract process
Renew contract or exit points as mentioned in standard contract template

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The service been designed to work on mobile devices. We support Android and iOS mobile operating systems
Service interface
No
User support accessibility
WCAG 2.1 AAA
API
Yes
What users can and can't do using the API
The APIs are available for the users to integrate the functionality provisioned for them with their applications or systems. The setup or the initial service is not available through the APIs but there are APIs at the business function level which can be enabled for integration. The users will be able to create, retrieve, update, delete the data for the functions provisioned for them. The APIs are only limited to the functionality provisioned for the user or organisation.
API documentation
Yes
API documentation formats
  • ODF
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Customisation of the service is the part of initial set-up and due-diligence process. Customisation can be done for the following
- Look and feel, Logo
- Field level changes for the processes
- Configuration of workflows if any
- Reports and Dashboards.
A template needs to be filled in which would cater from the look and feel to the field level for the processes. The reports can be customised and can be created on ad-hoc basis. Workflows can be configured by the users. Typically, a business analyst would be able to configure these.

Scaling

Independence of resources
We perform usage and resource utilisation monitoring coupled with performance testing enable capacity planning to ensure no impact from other users.

Analytics

Service usage metrics
Yes
Metrics types
We provide Support Management as the support tool that will provide service usage metrics.

Support Management consists of:
1. Clarifications – regarding navigation, business process flow, workflow status, interfaces.
2. Data Management – Requests requiring correction to data and User Requested Data Extracts. TCS will support up to 10 Data Management requests per month beyond which Change Request charges apply
3.User Account Management – Request for providing user roles privileges
4.Exception Transaction Management – Request for processing ad-hoc transactions or approved exceptions. TCS will support up to 5 Transaction Management requests per month beyond which Change Request charges apply.
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
Other data at rest protection approach
Secure containers, racks or cages
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Integration to enable export / import of data is provided.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • XML
  • JSON
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • XML
  • JSON

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
99.5% availability
Approach to resilience
High Availability across all layers
Outage reporting
We have provisioned monitoring/ alerting tools

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Username or password.
Firewall based restriction applies as appropriate.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
TÜV NORD CERT GmbH
ISO/IEC 27001 accreditation date
Initial certification: 2006. Last certification 29.03.2022
What the ISO/IEC 27001 doesn’t cover
-
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
SSAE16/ ISAE3402
Information security policies and processes
TCS adopts a process-based approach for establishing, implementing, operating, monitoring, maintaining and improving the effectiveness of the TCS Information Security Management System (ISMS).
TCS has adopted the “Plan-Do-Check-Act” (PDCA) model that is applied to all ISMS processes. This ensures that an ongoing management process is in place for Information security.

TCS has a defined and implemented Information Security Management Framework based on ISO 27001 security standard. TCS has received Enterprise wide Triple ISO (27001, 9001, 20000) certification.

The TCS Information Security Management Framework consists of the following:
• Information Security Policy
• Information Security Standards
• Information Security Procedures.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
The change management procedure conforms to ISO 27001 standard and ensures that all changes are controlled, including the submission, recording, analysis, decision making, and approval of the change.

• Changes are analysed for business and technical impact. This analysis is shared with Change Management Committee and on approval changes are planned for implementation.
• Changes are documented, tested and based on user approvals migrated in Production. Changes are tested in development and QA environment. Roll back mechanism is in place in case of any adverse effect.
• Changes are tracked in Change Register and are reconciled at regular interval.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Application Security assessment includes testing of the vulnerabilities identified (Open Web Application Security Project (OWASP), Authentication, Authorization, Data Validation, SQL injection and so on.

Tools selection is done keeping in mind specific application scenario which ensures that tools best suited for an application are used. For Application Assessment TCS uses a various tool such as HP Webinspect, IBM Appscan, Paros, Nikto.

Network Security Assessment:
Network Security assessment includes testing of the Host, internal network, and perimeter. For Network Assessment TCS uses a various tool such as Nessus, Core Impact, Wireshark, Nmap.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
TCS has implemented both IDS and IPS. Alerts generated by the IDS & IPS devices are continuously monitored. The Network Monitoring team takes appropriate action based on any suspicious activity observed. There is a dedicated (Corporate SOC) team to ensure 24*7 monitoring.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
TCS provides its ticketing tool – Support Management - as the primary channel for support. Customer SPoCs will be expected to:-
• Log tickets in Support Management for incidents/queries/requests related to TCS Platform
• Coordinate with TCS Platform service delivery team dor ticket resolution status, conduct 1st level validation of TCS resolution and close ticket in Support Management
• Notify resolution of tickets to respective Customer users, post resolution by TCS
• Manage internal business change for new functionality releases.

For Priority-1 issues TCS provides on- call support.
Customer is expected to provide Level – 1 support to its Users.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

Fighting climate change
1. TCS commits (and is on track) to reduce absolute Scope 1+ Scope 2 emissions by 70% by 2025, achieving Net Zero by 2030 or earlier, and to working with customers to achieve this.

2. UK&I Carbon reduction plan signed at board level.

3. We shall continue this approach under G-Cloud 13, aligned with TCS corporate policies:
a. “Beyond Compliance” Environmental Sustainability Policy: proactive engagement with governmental and other agencies to design and drive environmental policy and regulation.
b. Green Procurement Policy: all TCS consider life-cycle cost and potential environment impact of products and services.
c. Climate Change Policy: all Tata companies to set carbon footprint benchmark within their industry.
d. Sustainable Supply Chain Policy: establishing good environmental, social and governance practices within supply chain.

4. Our commitment is evidenced by the following:
a. Organisation-specific energy consumption reduced >60% since 2008
b. Reduced greenhouse gas emissions (Scopes 1 + 2) by 61.8% since 2008 (3 tCO2E/FTE/Annum to 1.15 tCO2e/FTE/Annum in FY 2020)
c. Reduced specific energy consumption YoY by 11.9%; specific carbon footprint down 11.8%.
d. 31% renewable sources electricity powering UK offices.
e. 35% of UK properties divert all waste from landfill.
f. 100% UK properties with extensive waste recycling programmes.
g. >60% of real estate portfolio certified green building space, 80% of owned real estate IGBC/LEED-certified green infrastructure.
h. Freshwater consumption down 5.5% (2019) and by 19.4% over baseline year.
i. Reduced business air travel carbon footprint in FY2020 by >67% over baseline year and by 19% over FY2019.

5. We minimise non-essential travel through agile, flexible approaches, supported by “Vision 25x25” (by 2025 <25% employees will attend a TCS facility at a point in time; nobody will need to spend >25% of time at a facility to be 100% productive).
Covid-19 recovery

Covid-19 recovery

Covid-19 recovery
1. To aid Covid-19 recovery we seek opportunities to work with local partners and training providers in our contracts.
2. We operate in locations around the UK and are committed to supporting these local communities. We have local SME supply chains to invest in those communities.
3. We partner qualified training organisations, local colleges and universities to offer a range of Apprenticeships from Level 2-7. Current examples of established programmes with customers include Diligenta, Scottish Power and PwC. We provide apprenticeships, placements and internships. We currently employ 95 apprentices in the UK, through a variety of education establishments and engage 5 or 6 per annum. Apprentices enjoy access to our training portal, which contains thousands of IT courses supporting developing career aspirations. On completion, participants are encouraged to apply for employment with TCS, where suitable openings are available.
4. This provides value for the workforce, our customers, local communities and TCS.
a. Individuals benefit from enhanced skills relevant to their role, increased job satisfaction, higher market value - in TCS and externally.
b. Customers benefit from high-quality service delivered by skilled, motivated, engaged employees.
c. Local communities benefit through employment and training schemes.
5. We shall continue this approach for all G-Cloud 13contracts, seeking opportunities for level 2, 3 or 4+ apprenticeships for 1 year in relevant technical disciplines. This recognises the impact of Covid-19 young people seeking employment. Progress will be reviewed each term against pre-defined criteria and will include participant feedback.
6. We shall run other initiatives, including workshops in partnership with local Job Centres, for people unemployed due to Covid-19. This provides mentoring in IT career opportunities, training and skills suggestions , CV creation and interview preparation. We shall ensure people interested in IT opportunities receive information on forthcoming TCS vacancies.
Tackling economic inequality

Tackling economic inequality

Tackling economic inequality
1. We have a modular and flexible approach to tackling economic inequality. Ongoing initiatives include:
a. Recruiting long-term unemployed people and/or those facing other barriers to work, for at least one year, offering a broad-based and comprehensive training scheme to establish experience in work, develop knowledge and build confidence;
b. Providing business/IT expertise and guidance each year for local businesses with specific emphasis on overcoming inequality in the supply chain and identifying new opportunities from which they can profit;
c. Setting up Innovation Forums for local SMEs/MSMEs, start-ups and entrepreneurs to share learning and development, and consider relevant innovation in technology. TCS’ Co-Innovation Network (COIN™) brings together universities, industry experts, start-ups and entrepreneurs to conceptualise breakthrough solutions. It consists of over 2,400 start-ups globally. The Academic COIN™ programme has 67 active partnerships.
2. TCS will commit to the 30% threshold for SME revenue as part of this contract and will tackle inequality through a number of initiatives and approaches, including:
a. Structuring statements of work to contain flexible terms and conditions (always meeting the requirements of the main contract) that facilitate SME participation and encourage the innovation and versatility that SMEs can provide;
b. Streamlining the procurement process (whilst maintaining quality) to reduce the overheads for SMEs, ensure opportunities are available well in advance with clear requirements to allow planning;
c. Selecting suppliers from the supply chain via fair, open, transparent competition;
d. Establishing and developing relationships and contractual arrangements with our supply chain in line with PPN 01/18 Supply Chain Visibility;
e. Providing consistent and timely information on current and future opportunities, and working with SMEs to identify and engage with new opportunities;
f. Fully committing to the Government’s Prompt Payment Policy in line with Public Contract Regulations 2015.
Equal opportunity

Equal opportunity

Equal Opportunity
1. TCS fully commits to equality. Corporate policies (Code of Conduct, Diversity and Inclusion (D&I) Strategy and Equal opportunities) drive our behaviours. We will continue this approach for G-Cloud 13 contracts.
2. We ensure business leadership accountability for D&I. We will align actions for G-Cloud 13 contracts with our UK strategy and report progress to our Advisory Council, chaired by our Head of Legal and Inclusion Champion.
3. We work with multiple disadvantaged groups. An ongoing success is our support for our female workforce: while the IT industry continues to attract very low numbers of women (around 17% of the workforce), TCS employs over 36% women associates across the organisation (FY21).
4. TCS is a Disability Confident Committed employer, working closely with the Business Disability Forum to recruit and support disabled employees.
5. We are committed to attracting more diverse talent through:
a. Proactive hiring strategy at junior level to create a growing pool of female talent in TCS (currently have > 40% women in junior grades)
b. Gender neutral job descriptions and blind hiring to eliminate unconscious bias
c. Community engagement events to support and recruit from diverse community groups.
d. Return-to-Work programme post maternity or long leave. 92% of women return from maternity and continue to work with us.
6. We support disadvantaged and minority groups among our staff through Employee Network Groups. These include:
a. TCS Hive: Gender Diversity network dedicated to engaging, developing, and retaining talented women. (Currently 2000 members in UK&I).
b. Enable: Disability and Allies Network
c. Culture Ambassador Network: Supporting cultural understanding and diversity
d. Generations Network: Supporting people from different generations / age groups
e. Working Parents Network
f. UNO Parenting: Global network supporting parents who manage their work and child responsibilities single-handedly.
g. TCS Minds: Supports mental well-being.
Wellbeing

Wellbeing

Wellbeing
1. TCS is committed to and invests in the health and wellbeing of its employees. We were named ‘Best Big Company to Work For’ in UK in May 2021 and have very low staff attrition (7.2% in FY21).
2. TCS responded to Covid by establishing a team of 42 Certified Mental Health First Aiders in the UK. They:
a. Support employees experiencing a mental health crisis or emotional distress, from initial conversations through to obtaining professional help from the Employee Assistance Programme (EAP) team.
b. Spot early signs and symptoms of mental ill health and offer support, escalating with EAP, or HR if the employee is at risk.
c. Start supportive conversations with colleagues who may be experiencing mental health issues or emotional distress.
d. Assess risk of suicide or self-harm, connect with EAP and inform HR for necessary interventions.
e. Encourage employees to access EAP, or self-help tool kits available via our UK social network.
3. TCS provides free medical advice to all staff. Employees and dependents can access MediDoc24 (24*7 UK virtual GP support). This is free for employees and provides unlimited consultation. Medical / Physical services include:
a. Regular health screening.
b. First aid facility in all delivery locations.
c. Ergonomics instruction pop-ups on users’ PCs every 15 mins to give advice on rest and safe use.
d. Vaccination programs e.g., COVID, seasonal flu.
e. Health insurance coverage.
4. We run a holistic health and wellbeing initiative for all staff, including:
a. Awareness programmes that address physical, emotional, social and financial wellbeing.
b. Help employees build resilience and spread awareness, understanding, acceptance and support. Topics include:
i. Stress management
ii. Mental health awareness
iii. Work life balance
iv. Emotional Wellbeing
5. We will continue to develop such programmes for contracts awarded under G-Cloud 13.

Pricing

Price
£30 a user a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK.PublicSector@tcs.com. Tell them what format you need. It will help if you say what assistive technology you use.