AWTG LIMITED

iRegen

iRegen delivers smart placemaking to strengthen local identity and promote town and city centres as places where people want to be. Integrated tourism, e-trading and e-booking modules enable local businesses to trade online, from independent retailers to hair salons. iRegen also provides a platform to deploy innovative 5G services/use cases.

Features

• A city and tourism app with content managed using Wordpress
• A Single Market Place where all local retailers can trade
• Each local retailer provided with their own online store
• The Market Place also provides access to leisure/service sector businesses
• A safe and secure e-commerce platform
• A simple dashboard minimises the administrative burden on business owners
• Strict security controls govern access and authorisations within the platform
• 5G Platform: A city app ideal for hosting 5G innovations
• Native Apps: Exploit features of mobile devices and operating systems
• 3rd Party Integration: add features e.g. the availability of parking

Benefits

• Enables local authorities to kick start high street recovery
• e-Place Making: attracts shoppers to town and city centres
• e-Tourism: attracts tourists to cultural and heritage sites
• e-Trading: enables local retailers to trade online
• e-Booking: enables local leisure/service sector businesses to trade online
• Supports the physical and virtual high street to recover economically
• Wayfinding: helps shoppers and tourists to find their way around
• 5G Platform: A city app ideal for hosting 5G innovations
• Native Apps: Exploit features of mobile devices and operating systems
• 3rd Party Integration: add features e.g. the availability of parking

£0.08 to £0.15 a user a month

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ian.vernon@awtg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

793071772063443

Contact

Ian
02035155151
ian.vernon@awtg.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Some down time is required for scheduled maintenance and upgrades.
• System requirements:
  • Users require an appropriate end user device and internet connection.
  • Web Apps require Edge15, Chrome69, Safari11, Firefox62, or later.
  • Native Mobile Apps require Android7, iOS12, or later.
  • Solutions designed for screen resolutions of mobiles, tablets, laptops, PCs.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The AWTG service desk is available 24/7 and monitored by AWTG employees during working hours (Mon to Friday 7.30 to 17.30). P1 Calls: Target Response Time 30 mins, Target Resolution Time 4 Working Hours; P2 Calls: Target Response Time 60 mins, Target Resolution Time 8 Working Hours; P3 Calls: Target Response Time 4 Hours, Target Resolution Time 3 Working Days; P4 Calls: Target Response Time 24 Hours, Target Resolution Time 5 Working Hours. Customers are able to escalate a matter that has previously been reported to the Service Desk.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: AWTG will allocate a named support manager for each client. AWTG provides the same level of support for all clients. Users can log incidents with the AWTG service desk. This is available 24/7 and monitored by AWTG employees during working hours. The Service Desk is resourced by technical experts and is supported by a sophisticated AI assistant. All support calls, issues and fixes are documented and clients are provided with regular reports of performance. All support calls are prioritised 1 to 4 based on their Impact and Urgency. P1 Calls: Target Response Time 30 mins, Target Resolution Time 4 Working Hours; P2 Calls: Target Response Time 60 mins, Target Resolution Time 8 Working Hours; P3 Calls: Target Response Time 4 Hours, Target Resolution Time 3 Working Days; P4 Calls: Target Response Time 24 Hours, Target Resolution Time 5 Working Hours. Target Resolution Time: The elapsed time from the call being logged with AWTG to a complete fault resolution or to an agreed workaround being put in place until the fault is fully resolved. Target Response Time: The elapsed time from the call being logged with AWTG to an AWTG employee contacting the client to commence work on fault resolution.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: All of our GCloud 13 solutions are configured to the specific needs of each customer. AWTG follows the Prince2 Agile and Scrum methodologies and we adopt a User Centered Design approach. We follow our standard five stage onboarding and configuration approach which is described in detail in our Service Definition Document. This 5-stage process consists of Define, Design, Develop, Demonstrate and Deploy; and it is applied in proportion to the needs of each customer. AWTG will provide clients with end user and system administrator training prior to the launch of the solution. The training can be at the clients own premises or it can be provided online. AWTG will provide clients with training materials and user documentation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Prior to the end of the contract, AWTG will agree an offboarding plan with the customer. This includes details of the data that the customer wishes to extract, the format in which the customer wishes to receive the data, and how and where the data should be transmitted in a secure manner. After contract termination all live customer data will be deleted and all customer backups will be destroyed. Customers can be assured that AWTG will provide extracted data in a timely manner and in a common file format that can be easily ingested by an alternative solution. Extracted data will be transmitted to the customer in a secure manner and there will be no additional cost for this.
• End-of-contract process: Prior to the end of the contract, AWTG will agree an offboarding plan with the customer. Customers can be assured that AWTG will provide extracted data in a timely manner and in a common file format that can be easily ingested by an alternative solution. Extracted data will be transmitted to the customer in a secure manner and there will be no additional cost for this. AWTG can provide customers with additional services during off boarding if required. For example, we can retain backups until the customer has fully transitioned to a new platform. There is an additional charge for such additional services. Should the client choose to continue to operate the AWTG solution at the end of a contract period, then AWTG will agree new contractual terms, and we will not charge the customer any offboarding fees. Onboarding fees will only be charged where the customer requires additional services from AWTG such as changes to the configuration and implementation.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: AWTG provides Responsive Web Applications and Integrated Native Mobile Apps for Android and iOS. Mobile Apps take full advantage of the functionality of smart phones to provide features/content in the same way as other leading Web and Mobile Apps while maintaining familiarity and similarity with the Web application. Content for the Website and Native Mobile Apps is managed in the same cloud based Wordpress CMS. The Website is updated in near real time following any change in the CMS. Apps can be configured to ‘recommend’ or ‘force’ updates. The Apps will work when users have limited/no mobile network coverage.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: System Admin access is via a web browser. Administrator accounts are created and issued by AWTG using 2FA. Other users must register to create an account. This requires a valid email address and a strong password. Users validate accounts by responding to an email sent to the address provided within a given timeframe. User class determines the users role and privileges within the solution. User classes range from basic (least privileges) to administrator (most privileges). Access controls are tested at least once a year.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: AWTG’s websites feature the UserWay Accessibility Widget to comply with WCAG 2.1 AA requirements. UserWay is a pioneer in innovative website accessibility technologies. UserWay is led by a world class team with decades of experience with complex accessibility protocols, delivery of large scale systems and ground breaking innovation. Userway employs some of the world's leading engineers, entrepreneurs, and visionaries who are defining the future of digital accessibility for us all.
• API: Yes
• What users can and can't do using the API: The APIs enable customers to import and export data in to and out of the application, in order to enable the application to provide the functionality and information required by the customer. The APIs are configured during the onboarding process. Each customer will have different requirements from the APIs.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: The majority of the features listed can be customised to meet the requirements of each individual customer. Configuration and requirements are defined, designed, developed, demonstrated and deployed during the onboarding process.

Scaling

• Independence of resources: The architecture features smart load-balancing and data replication to ensure users are unaffected by the demand others place on the platform. The WordPress engine uses PHP which is an interpreted language with very short request-response cycles. AWTG uses PHP-FastCGI Process Manager to manage PHP processes and balance loads across single or multiple machines. In addition, AWTG use Nginx Proxy Manager for horizontal scaling of FPM instances using Docker container replication or Kubernetes orchestrator in the Google Cloud Platform. The Database server provides data replication out of the box. Customer data is shared across multiple shards when nearing its threshold.

Analytics

• Service usage metrics: Yes
• Metrics types: AWTG provides customers with a range of service usage metrics covering Web and Mobile Applications. This information is provided through a mix of real-time dashboards and regular reports.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data can be exported where this supports the business processes and workflows provided by the solution, as an automated export as part of the site functionality, or as backups/exports as part of support services.
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: Other
• Other protection within supplier network: Within Google Cloud Platform, VM to VM routing, including routing to a VM like managed service such as Cloud SQL, takes place on Google's own network backbone, using RFC1918 private IP addresses. In some circumstances, this may require routing traffic outside of the physical boundaries controlled by or on behalf of Google, although as all services for an installation exist within the same Google Cloud Region and Google Cloud Regions map to specific data centres, the likelihood of this happening is extremely low.

Availability and resilience

• Guaranteed availability: AWTG’s standard SLA is 24/7/365 site availability with an annual availability of 99.9%. This excludes planned downtime for pre arranged maintenance activities and downtime as a result of factors outside of our control. AWTG operates a service credit regime to compensate customers should we fail to meet our guaranteed level of availability (99.9% excluding planned downtime and downtime as a result of factors outside of our control). Service credits are calculated annually. Customers are refunded a percentage of their annual costs for every 1% shortfall in availability below 99.9%.
• Approach to resilience: AWTG Platforms are hosted in two physically separate UK locations. The infrastructure is configured into an active-passive high availability cluster to ensure application availability. Zone 1 is the primary location and actively processes traffic. Zone 2 is a backup that replicates Zone 1, that monitors the health of the primary and takes over if Zone 1 fails. Load Balancing distributes client requests or network load efficiently across multiple servers in each zone, ensuring high availability and reliability by sending requests only to servers that are online in that zone. Load balancing is provided in both zones. AWTG platforms are designed to scale horizontally to handle growth in traffic or usage.
• Outage reporting: AWTG platforms are hosted in the Google Cloud Platform. AWTG utilises Google Cloud Monitoring tools and its own additional artificial intelligence enabled monitoring and health state alerting tools to manage the performance of the Application including its ongoing availability. In the event of an outage, AWTG automatically alerts customers by email and automatically alerts AWTG DevOps employees by email and text message. Outages are managed as Priority 1 incidents. Here the target is to respond to the customer within 30 mins and to resolve the issue or put in place an agreed workaround to restore service within four working hours of the incident being logged. If this is not possible, due to the nature of the fault, then AWTG will make all reasonable efforts to escalate the issue and provide any additional technical resources as may be required to achieve a full restoration of the service.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: To access AWTG applications, user must first register to create an account. User registration requires a valid email address and a strong password. Users must validate their accounts by responding to an email sent to the address provided. If a user fails to respond to the validation email promptly, the account is deleted. Each user is allocated to a class which determines their role and privileges within the solution. Users have the minimum required rights to access only the facilities they have rights to. Only AWTG can create administrator accounts which are validated using 2FA.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: CQS (Certified Quality Systems) Limited
• ISO/IEC 27001 accreditation date: 28/05/2021
• What the ISO/IEC 27001 doesn’t cover: The scope of the certification applies to the approved Information Security Management Systems relating to the following activities: The Provision of Engineering Consultancy, Design Optimisation and Network Performance Verification Services.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: AWTG complies with ISO27001, CSA CCM 3.0 and Cyber Security Essentials. AWTG has established an ISO27001 certified Information Security Management System (ISMS) and governance framework. The security governance framework coordinates and directs the management of the solutions and services that we provide and the information that is contained within them. The governance framework ensures that procedures, employees, physical and technical controls continue to work through the lifetime of the solutions and services that we provide to our customers. The framework is regularly updated to respond to changes in the solutions and services that we provide, technological developments and the appearance of new threats. The framework specifies named officers responsible for legislative compliance including data protection and GDPR.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: AWTG maintains an accurate picture of assets along with their configurations and dependencies. Our ISMS conforms to CSA CCM 3.0. AWTG identifies and manages changes which could affect the security of the service and we detect and prevent unauthorised changes. We use the following Google configuration management tools Security Command Centre, Resource Manager and Cloud Deployment Manager. In addition, AWTG is able to validate the full hosting stack using Shielded VMs, which enable live measurement, monitoring, and alerting for any changes. Google provides robust logging services which provide information such as "who did what, where, and when."
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: AWTG has management process in place to identify, triage and mitigate vulnerabilities. Our ISMS conforms to CSA CCM 3.0 In addition, Google’s vulnerability management team track and follow-up vulnerabilities. Once a vulnerability requiring remediation has been identified, it is logged, prioritized, and assigned an owner responsible for ensuring it is remediated. Google administrates a vulnerability management process that actively scans for security threats using a combination of commercially available and purpose-built tools, intensive automated and manual penetration efforts, quality assurance processes, software security reviews and external audits.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: AWTG’s ISMS conforms to CSA CCM 3.0. Google Cloud Platform services monitor for attack, misuse and malfunction in order to detect successful and unsuccessful attacks and quickly respond to potential compromises of customer environments and data. AWTG uses the following Security products: Cloud Identity and Access Management, Cloud Security Scanner, Event Threat Detection, Cloud Security Command Centre and Security Health Analytics, and, Shielded VMs that enable live measurement, monitoring, and alerting for any changes of the full stack.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: AWTG’s ISMS conforms to CSA CCM 3.0. We have carefully pre-planned incident management processes in place so that when incidents do occur, the correct decisions are made minimising the impact on users of security, reliability and environmental issues. Google has a rigorous incident management process for security events that may affect the confidentiality, integrity, or availability of systems or data. This process specifies courses of action, procedures for notification, escalation, mitigation, and documentation. It is structured around NIST guidance on handling incidents (NIST SP 800–61). Google will notify AWTG of data incidents promptly and without undue delay.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  AWTG is committed to sustainable business practices and operations in order to minimize and where possible negate its impacts on the environment.; ; At time of writing, AWTG is seeking certification for ISO 14001 for environmental management.; ; AWTG takes all reasonable steps to minimise its impact on the environment. For example: recycling of equipment at end of life safely and securely; ethical sourcing of equipment; minimising our carbon footprint; taking green travel options; using low energy electronic devices; using equipment that automatically switches off when not in use.; ; AWTG has a silver certificate award from Ecovadis for our sustainability as a business and we continually strive to improve all areas of our operations to reduce the environmental impact.; ; AWTG is Certified for ISO9001, ISO27001, Cyber Security Essentials. This information security and quality management certification and compliance includes environmental policies/processes/standards. ; ; AWTG demonstrates its commitment to environmental transparency by disclosing its environmental impact through CDP, a global non-profit that runs the world’s leading environmental disclosure platform.; ; In its disclosure, AWTG shares its environmental impact and continuous action towards achieving positive environmental impact on all AWTG products and projects. AWTG has disclosed its environment impact in order to raise awareness across the industry about how to ensure a sustainable future. AWTG aims to lead the way towards contributing to a sustainable and bright future for generations to come.
• Covid-19 recovery:

  Covid-19 recovery

  AWTG helps individuals, communities, towns, cities and regions to recover from the Covid-19 pandemic and the socio-economic impact of the lockdowns in many ways.; ; We provide free of charge outdoor public access wi-fi networks that enable digitally excluded people to access online information and services that help them recover. ; ; We provide wi-fi networks for local authorities, the social housing sector, and NHS organisations.; ; We also help these sectors tackle digital exclusion. Our service include: digital inclusion strategy development; communication campaigns that encourage people to get online; free of charge public access wi-fi networks; and a web/mobile app designed to help commissioning organisations and 3rd sector groups to provide digital inclusion support in their communities (iYouth).; ; AWTG has a suite of software products designed to help the public sector exploit the social and economic benefits of mobile connectivity for post covid recovery.; ; Our iYouth Web and Mobile App helps 3rd sector groups to operate grass roots activities such as youth clubs, sports clubs and digital inclusion schemes. iYouth enables enrolment and registration, safeguarding, information sharing, events management, group communication, messaging and alerts, e-payments and administration. It supports commissioners and enables social cohesion.; ; The iRegen Platform delivers smart placemaking to strengthen local identity and promote town and city centres as places where people should be. Integrated e-trading and e-bookings modules enable the smallest local business to trade online, from independent retailers to hair salons. iRegen provides a platform to deploy innovative 5G services.; ; The iBecome apprenticeship and careers portal is a modern, vibrant and engaging web and mobile app tailored to the needs of a town, city or region. Local young people can search and apply for apprenticeships; enrol on training schemes/events; and, access advice and guidance about education, skills, training and employment.
• Tackling economic inequality:

  Tackling economic inequality

  As an organisation, AWTG is committed to working with local suppliers wherever this is feasible within the scope of the services that we’re delivering. ; ; When we work with local authorities on a major project, we commit to provide a new job position for an unemployed individual within the local area.; ; We also commit to provide students aged 16+ with work experience placements spread across the duration of our local contracts. ; ; AWTG has a suite of software products designed to help the public sector exploit the social and economic benefits of mobile connectivity.; ; iRegen has been designed to help high streets recover from the compound impact of the financial crises, economic down turn and COVID-19 lockdowns. It is designed to attract people to the physical high street and the bricks and mortar businesses that are located there. It is also designed to support local businesses when shoppers are not in the high street by providing online access to sophisticated e-commerce functions. Integrated e-trading and e-bookings modules enable the smallest local business to trade online, from independent retailers to hair salons. iRegen also provides a platform for towns, cities and regions to deploy innovative 5G services to further attract people to shop locally such as Augmented Reality and Wayfinding.; ; The iBecome apprenticeship and careers portal is a modern, vibrant and engaging web and mobile app tailored to the needs of a town, city or region. Local young people can search and apply for apprenticeships; enrol on training schemes/events; and, access advice and guidance about education, skills, training and employment.; ; iBecome can encourage young people to apply for vacancies in industries with skills shortages or in high growth sectors; to provide access to training that address skills gaps; and it can remove barriers preventing applications for certain industries.
• Equal opportunity:

  Equal opportunity

  AWTG is committed to being an equal opportunities employer, and operates an equal opportunities policy for all employees, members of staff and job applicants in respect of recruitment, terms and conditions of employment and opportunities for training and promotion, regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race (including colour, ethnic or national origin and nationality), religion or belief, gender, sexual orientation, or any other criteria not specifically related to potential, skills and abilities.; ; We have a legal duty to provide employees with a safe place of work. This includes a duty to provide a workplace which is free from harassment, including harassment by third parties. Harassment may in certain circumstances, also amount to unlawful discrimination.; ; Any breach of our equal opportunities policy and any act of discrimination or harassment will be viewed very seriously and will constitute a disciplinary offence in respect of which an offending employee may be summarily dismissed on the grounds of gross misconduct.; ; AWTG is committed to ensuring that no discrimination, harassment, victimisation or bullying at work, whatever the motivation, is overlooked or condoned.; ; The policy applies to all directors, Managers and employees of AWTG together with applicants, consultants, workers, agency workers, and contractors, trainees, homeworkers, casual staff and volunteers working for us and other individuals such as external suppliers, not directly employed by AWTG but with whom we have dealings during the course of our business.; ; Our policies apply equally to the treatment of our visitors, clients, customers and suppliers by our staff and the treatment of our staff by these third parties.
• Wellbeing:

  Wellbeing

  AWTG does not have a specific wellbeing policy. However, we support the health and wellbeing, including physical and mental health, of our employees through a combination of other HR policies and processes. Contributory policies include: health and safety; sickness and absence; alcohol, drugs and substance misuse; maternity, paternity and parental leave; flexible working; and, special leave.; ; AWTG has a suite of software products designed to help the public sector exploit the social and economic benefits of mobile connectivity.; ; Our iYouth Web and Mobile App helps 3rd sector groups to operate grass roots activities such as youth clubs, health and wellbeing, exercise and digital inclusion schemes. iYouth enables enrolment and registration, safeguarding, information sharing, events management, group communication, messaging and alerts, e-payments and administration. It supports commissioners and enables social cohesion.

Pricing

• Price: £0.08 to £0.15 a user a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ian.vernon@awtg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.