Fulcrum Digital UK Ltd

AI Services (Ryze Platform)

Ryze is a comprehensive GenAI accelerator platform designed to simplify the integration of artificial intelligence within enterprises. It offers a range of features including enterprise search, data analysis and automated agents enabling businesses to efficiently and ethically leverage AI to enhance decision-making and operational efficiency.

Features

• Ryze Reader - Processes all structured and unstructured documents intelligently
• Enterprise Search - Quickly retrieves information from vast datasets
• Data Synthesis
• Agent Automation - Streamlines processes, enhances efficiency and accuracy
• Converts unstructured data into organized, usable formats
• API Connectivity - Integrates seamlessly with systems
• Speech and Avatar-Based Conversational AI Agents

Benefits

• Enhance Decision Making - Utilize advanced analytics
• Boost Operational Efficiency - Automate routine tasks
• Easily search and retrieve data from any Document
• Streamline Document Handling
• Integrate with Existing Systems - Seamlessly connect with Enterprise tools
• Facilitate Global Operations - Support multiple languages
• Secure Sensitive Data - Maintain high standards of data security

£15,000 to £20,000 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukrfp@fulcrumww.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

782366872793836

Contact

Costanza Calajo
07469209397
ukrfp@fulcrumww.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: It can act as an add on service to all software whose data and be retrieved to give additional insights
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: At present it has no known constraints as it is very flexible and adaptable.
• System requirements:
  • Kubernetes Compatible Server
  • Postgres Compatible Database
  • Data Storage Server

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within one working day
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: Keyboard accessibility and compatibility with common screen reader software.; Voice control integration for hands-free chat.; Supporting adjustable font sizes, color contrasts, etc. for visual accessibility.; Proper labeling and workflows optimized for assistive tech users.; Comprehensive accessibility testing with a diverse user group.
• Onsite support: Yes, at extra cost
• Support levels: Support Levels:; We offer tiered support levels such as:; ; Basic/Standard Support - Covers break-fix issues, basic troubleshooting; Premium/Enterprise Support - Includes proactive monitoring, faster response times, dedicated resources; Mission Critical Support - The highest tier with guaranteed uptime, 24/7 access to senior engineers; ; Cost:; The cost will vary significantly based on the support level, but typically:; ; Basic Support may be included or a flat yearly fee; Premium Support is often charged as an annual fee or percentage of product/service cost; Mission Critical can be very expensive, sometimes over 20% of the product cost annually; ; Technical Account Management:; For higher support tiers, we provide:; ; Technical Account Managers (TAMs) - Dedicated resource coordinating support, escalations, roadmaps; Cloud Support Engineers - Specialized cloud architecture/operations experts assigned to customers
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online Training: We offer a series of interactive online training sessions designed to familiarize users with all aspects of the platform, from basic functions to advanced features.; ; User Documentation: Comprehensive documentation is available, which includes user manuals, FAQs, and best practice guides to help users understand and utilize the platform independently.; ; Customer Support: Dedicated customer support is available to assist with any technical issues or queries regarding the platform, ensuring users can get help whenever needed.; ; Feedback Loops: We encourage users to provide feedback, which we use to tailor training materials and develop new features that meet evolving needs.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Built-in data export utilities that allow users to download all their stored data in standard formats like CSV, JSON, etc. This could include transaction data, documents, analytics and more.
• End-of-contract process: To be mutually agreed with the customer

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The screen will render optimally considering the real estate and the OS capabilities
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: AI Model Management: An interface to upload, version, test and deploy AI/ML models into production environments.; Data Integration: Connectors or interfaces to ingest data from various sources to train/run AI models on.; Experiment Tracking: A way to log, visualize and compare training runs, hyperparameters, metrics across models.; AutoML: Automated machine learning capabilities to build, optimize and tune models.; Monitoring: Dashboards to monitor model performance, drift, accuracy, etc. in production.; Governance: Controls around data privacy, ethical AI, risk management, compliance.; Collaboration: Sharing, documenting, and co-developing AI projects across teams.; Compute Management: Provisioning and scaling compute resources for training and inference workloads.
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: Keyboard accessibility and compatibility with common screen reader software; Voice control integration for hands-free chat; Supporting adjustable font sizes, color contrasts, etc. for visual accessibility; Proper labeling and workflows optimized for assistive tech users; Comprehensive accessibility testing with a diverse user group
• API: Yes
• What users can and can't do using the API: The user's can consume the APÌ using REST ; User's can setup using OpenAPI 3
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: What can be customized?; ; For AI model services: Model architectures, training data, hyperparameters; For chatbots/assistants: Persona, knowledge domains, conversational flows; For business software: Interface branding, workflow rules, integrated apps; ; How users customize?; ; Code/низ configuration files; Graphical interfaces to toggle settings; Working with service providers to define custom requirements; ; Who can customize?; ; Software/product engineers and data scientists; IT administrators based on company policies; End users within permissioned boundaries

Scaling

• Independence of resources: Multi-Tenant Architecture; Many services employ a multi-tenant architecture where each customer's data and compute resources are logically isolated and siloed, preventing noisy neighbors.; Dedicated Resource Pools; For higher tiers, providers may offer dedicated resource pools (servers, databases, networks, etc.) allocated solely for a single customer's workloads.; Autoscaling and Load Balancing; Services can automatically scale out additional resources during demand spikes and load balance traffic to maintain performance.

Analytics

• Service usage metrics: Yes
• Metrics types: Uptime/Availability Metrics; Reports on the percentage of time the service was operational over a given period, as well as any downtime incidents.; Performance Metrics; Data on response times, throughput, delays, etc. to measure the service's speed and efficiency.; Usage/Traffic Metrics; Numbers around active users, data transfer, transactions, to understand service consumption.; Error/Issue Metrics; Rates of failures, bottlenecks, faults to identify problem areas.; Cost/Billing Metrics; For metered services, metrics on charges, deployment sizes, resource consumption.; Security Metrics; Reports on threat events, vulnerabilities, encryption levels.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data Export Tools; ; Self-service export utilities or APIs allowing users to download all their data in standard formats like CSV, JSON, etc.; Options to export entire data sets or scoped exports based on date ranges or filters; Scheduling recurring automated data exports; ; For a period after contract termination, users retain read-only access to their data sources to perform manual exports; Ability to query databases, download files, export logs during this window; ; Migration Services; ; Providers offer professional data migration services to handle complex extracts; Secure transfer appliances to physically migrate large datasets; ; systems must enable transferring personal data to other providers
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Availability Metrics; ; Expressed as a percentage of uptime over a given period (monthly, annually); Different services have different availability targets (e.g. 99.9% for basic, 99.99% for business-critical); ; Service Level Agreements; ; Contractual commitments around availability, performance, responsiveness, etc.; Availability SLAs of 99.9% equate to 43 minutes of maximum monthly downtime; ; Credits/Refunds; ; If availability SLAs are missed, customers receive service credits or discounts; Credit amounts calculated based on the magnitude of the availability shortfall; Some providers have refund policies for extended/severe outages
• Approach to resilience: Data Center Resilience; ; Redundant power, cooling, network and security infrastructures; Data replicated across multiple availability zones/regions; Failover capabilities to shift traffic during localized outages; ; Application Resilience; ; Architected for high availability, with no single points of failure; Multi-regional/multi-cloud deployments; Auto-scaling capabilities to dynamically provision more resources; ; Operational Resilience; ; Chaos engineering to proactively test failure scenarios; Incident management and disaster recovery processes; Backup and restore mechanisms for data protection
• Outage reporting: Through all these modes. ; a public dashboard; an API; email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Role-Based Access Control (RBAC); ; Assigning users roles with specific permissions to access certain functions; Example: Admins can modify settings, general users can only view reports; ; Multi-Factor Authentication (MFA); ; Requiring multiple forms of authentication to gain access; Example: Password plus a one-time code sent to a verified device
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: IAS
• ISO/IEC 27001 accreditation date: 06/06/2020
• What the ISO/IEC 27001 doesn’t cover: Offshore delivery centre is only cover, all the other locations are not covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: ISO 27001: An international standard for information security management systems.; ; Data Protection and Privacy Policy: Outlining how we handle and protect user data in compliance with applicable laws and regulations.; Access Control Policy: Defining rules for granting, reviewing, and revoking access to systems and data.; Incident Response Policy: Providing a structured approach to handling and responding to security incidents.; Change Management Policy: Governing changes to systems, applications, and infrastructure to minimize risks.; Encryption Policy: Ensuring sensitive data is encrypted both in transit and at rest.; ; Regular Audits: We conduct audits to assess compliance with our policies and industry standards.; Access Reviews: Periodic reviews of access permissions; Security Awareness Training: All receive training on information security practices; ; Chief Information Security Officer is responsible for overseeing and directing our information security program, reporting directly to the Chief Executive Officer (CEO).; Security Operations Team: This team handles day-to-day security operations, incident response, and vulnerability management.; ; Automated Monitoring: Continuous monitoring systems alert us to potential policy violations or suspicious activities.; Compliance Checks: Regular compliance checks and audits ensure policies are followed, and any non-compliance is addressed promptly.; Incident Reporting: We have a clear process for reporting and escalating security incidents or potential policy violations.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Component Inventory and Tracking; ; Maintaining a centralized asset inventory system (e.g. CMDBs) to track all hardware, software and service components; Versioning and documenting component lifecycles from development to retirement; ; Change Approval Workflows; ; Defined processes like change request forms and change advisory boards to assess, prioritize and approve changes; Change scheduling and communication to impacted teams/customers; ; Testing and Staging Environments; ; Dedicated non-production environments to test and validate changes before production deployment; Automated regression testing suites to check for functional issues; ; Security Impact Analysis; ; Required security reviews and risk assessments for major changes; Penetration testing of new components for vulnerabilities
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Threat Assessment; ; Continuous monitoring of intelligence sources like security advisories, bug bounties, threat feeds; Performing penetration testing and code auditing to identify potential vulnerabilities; Analyzing findings based on risk scoring like CVSS to prioritize remediation; ; Patch Management; ; Dedicated security response teams to investigate, recreate and develop patches; Defined patch release cadences - critical patches pushed immediately, others bundled; Staged rollouts starting with test environments before production deployment; ; Information Sources; ; Vendor/open source Security Advisories and Bulletins; Threat intelligence platforms and security research communities; Internal application monitoring, incident response and bug bounty programs
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Compromise Identification; ; Security monitoring tools detecting anomalies (SIEM, SOAR); Endpoint detection and response (EDR) tools watching for malicious activity; Analysing application/access logs for suspicious patterns; Automated alerting and notification workflows; ; Incident Response; ; Established incident response plans and playbooks; On-call security response teams to triage and investigate incidents; Ability to isolate, quarantine or take affected systems offline; Forensic data collection and evidence preservation; Crisis communication protocols; ; Response Times; ; Severity-based response timelines (e.g. 1 hour for critical, 24 hours for low); Defined metrics and SLAs around incident response times; Automated containment measures for known threat patterns
• Incident management type: Undisclosed
• Incident management approach: Pre-Defined Processes; ; Documented playbooks/runbooks for common incident types (e.g. outages, breaches, etc.); Defined roles and responsibilities for incident response teams; Integration with monitoring tools to automatically trigger incident workflows; ; User Reported Incidents; ; Support hotlines and web-based console to report issues; Chatbots or automated forms to capture incident details; Ability to attach logs, screenshots and other diagnostic data; ; Incident Communications; ; Status pages/portals providing updates on ongoing incidents; Subscription-based incident notification streams via email/SMS; Post-incident reports with root cause analysis and remediation steps

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Tackling economic inequality

  We adopt measures which aim to address systemic barriers, improve opportunities for all employees and contribute to a more equitable and sustainable economy. Some measures adopted by fulcrum are listed below : •Ensuring a fair and transparent performance review process : A performance review is one of the best techniques for identifying improvement areas and taking conscious steps towards better performance. Performance is reviewed for each employee on a six monthly basis. It allows all employees to improve upon the areas which are highlighted during the feedback session. It also gives the employees an opportunity to formally address any concerns or support needs they have which they would like to bring to the managers attention and hence ensure continuous advancement and growth in their career. • Promotion of diversity and inclusion: Fulcrum has always created a workplace culture that values diversity and inclusion. This can be seen through our DE&I programmes like women in Tech and Women leadership development programmes. We create an inclusive environment by providing equal opportunities for career advancement and professional development for underrepresented groups. • Continuous learning and growth is promoted by Fulcrum by offering education and training programmes through their dedicated learning and development team which ensures multiple trainings are conducted every month to meet departments/everyone's training needs. We also have a certification policy in place to support employees. •Flexible working arrangements – Hybrid working arrangements are implemented in Fulcrum and this in turn provides the employees with great work life balance and opportunities to juggle work responsibilities with other commitments such as care giving or further education. • Healthcare and wellness programmes : At Fulcrum all employees are offered private medical coverage to promote employee wellbeing. Our insurance coverage offers a range of wellness programmes such as mental health support services, discounted gym memberships.

  Equal opportunity

  At Fulcrum, we have an equal opportunities policy in place which showcases our dedication to fostering an inclusive and diverse workplace environment where all individuals are treated with dignity and respect. Our commitment to equal opportunities and non-discrimination extends across all facets of employment, from recruitment to termination. Our policy outlines our approach to ensuring fairness and equality for all employees, irrespective of their background, characteristics, or personal attributes. Through the implementation of this policy, we aim to create a workplace culture where diversity is celebrated, and every individual has the opportunity to thrive and succeed based on their abilities and contributions.

  Wellbeing

  FD provide the below measures for physical and mental health: 1. Providing a healthy work environment with strict policies against harassment and discrimination 2. Accept and implement mental health and wellbeing as part of our employee welfare programs 3. Create a conducive work culture 4. Focus on preventive measures at an org level 5. Using technology to track data and work on preventive measures 6. Helping with treatment of issues 7. Empathy is practiced as a part and parcel of leadership behavior measures that we take at an org level are: • Creating awareness by way organizing online workshops/seminars every week on physical, and mental health and wellbeing, on different aspects of health. Along with those preventive measures like stress management, yoga, how to maintain work -life balance with the respective experts in those fields. • Registered with medical practice service providers, Doctors online 24/7. • Stress busting programs/interventions like games/exercises/fun events conducted at least once a week by the HR teams • Sessions on investment, financial asset management, retirement & beyond • Discussions/sessions/mailers by leaders on effects of remote working and how to manage the effects of it • Personal video counselling sessions with trained psychologists for employees and their family members • Trekking, mini-marathons, walkathons, cyclothons, stepathons, sports & games and arranged as a part of fitness week/month at a global level to encourage health and fitness • Gym membership reimbursements to encourage fitness and health • Medical insurances for all employees and care providers who would help them and their families during any ailments, including hospitalization • 2 weeks of paid leave as a policy for serious health ailments if they have no paid PTO’s available • Leave donation policy facilitated for employees with major heath conditions which require extended treatment/hospitalization.

Pricing

• Price: £15,000 to £20,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Access to the AI platform, with limited features.; Enterprise grade services are not included and it is recommended to not use any sensitive data during the access period as the data will be erased at the end of the 2 weeks of trial period.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukrfp@fulcrumww.com. Tell them what format you need. It will help if you say what assistive technology you use.