Compucorp Ltd

CiviPlus: Cloud hosting CiviCRM (CRM) with integrated Portal

CiviPlus is a highly flexible Software as a Service CRM solution based on the open-source CiviCRM platform designed for Government institutions, Non-profit organisations, membership associations and advocacy organisations. It is a comprehensive platform with all the tools you need, from fundraising to membership management, events, communications, and integrated Self-Service Portal.

Features

• Flexible stakeholder data modelling
• Membership and Fundraising Management
• Comprehensive online forms with online payments
• Case management with workflow automation
• Extensive data reporting and analysis tooling
• Integrated event management with online ticketing and payments
• End to end Application, Grant, Award and Prospect/Sales Management
• Highly flexible Self-Service Portal for Members, Volunteers etc
• Digital campaign management with drag and drop email builder
• Secure cloud hosted - Fully managed UK-based

Benefits

• Get a full 360 degree view of all your stakeholders
• Manage contacts, membership, fundraising and events from one place
• Centralise existing processes to a single flexible solution
• Integrate with online payment processors
• Realtime access to contact data and analytics
• Easy to use platform with hosting managed by Compuco
• Customise the solution yourself to meet your specific requirements
• Improve efficiencies and boost engagement through stakeholder self service
• Unlimited user licences scaling to thousands of users

£950 to £1,300 a unit a day

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Jamie@compuco.io. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

794913403031863

Contact

Jamie Novick
0207 096 3336
Jamie@compuco.io

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Scheduled security updates are normally applied monthly and require a small amount of system downtime (normally around 30 mins). We agree with clients to agree to a suitable maintenance window in order to apply these which can be outside of normal working hours. ; ; CiviPlus requires PHP with a MySQL or equivalent database.
• System requirements: Latest version of all major web browsers

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We provide a 4h response time for high priority issues during standard working hours (9am - 5.30pm) weekdays. Our standard contracts are Monday to Friday, but weekend support is available at an additional cost.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We use the ""Freshdesk"" platform for managing support requests with their integrated chatbot. Their Internal web strategy includes; - accessibility solutions.; - Integrated accessibility in their strategy and design practices.; - They regularly validate and test their website for compliance with WCAG.
• Onsite support: Yes, at extra cost
• Support levels: We provide a range of Helpdesk Support options which are based on the number of required hours per month. Clients can always increase this number of hours if needed or purchase additional use ad-hoc support hours. ; ; All our customers are allocated an Account Manager who has regular check-ins to discuss strategic focus and further products or enhancements.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The Compuco implementation process is focused on helping the CRM to deliver tangible outcomes for our clients. We are able to offer an end to end implementation service including discovery, configuration, training (both on and offsite) as well as supporting with complex data migrations. We will also supply full documentation of all processes that have been designed as part of the onboarding.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: Video
• End-of-contract data extraction: As a user you will always be able to download data via the application export features, but for more technical administrators we can provide a database export for you in any prescribed format.
• End-of-contract process: If at the end of the contract you wish to move to a new system we would work with you and your new supplier to define an exit strategy so that your organisation could continue to operate with minimal disruption over the transition period. There is no “one size fits all” approach as every organisation’s circumstances are different, but by working together we are confident that the handover can be achieved to your satisfaction.; ; We would be happy to work with any supplier to support migration to the new system, and can help with extracting data in a number of formats and providing advice and guidance as to the structure of the original data files. Once the migration has been confirmed we would decommission the old site. We would run through our final exit checklist to ensure all non-required data and access is removed from our systems before notifying the client of the same.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: An optional Android or IOS application is available that provides extensive but not complete access to CiviCRM. Some more complex functionality to create events, manage cases, create mailings is not included.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: CiviPlus has a stable comprehensive API that can be used to access and manage data in CiviPlus. The API is the recommended way for any CiviPlus extension, CMS module, or external program to interact with CiviPlus. The API explorer, a powerful GUI tool for building and executing API calls, is available to users through the CRM’s admin section. It is designed to function predictably with every new release so as to preserve backwards compatibility of the API for several versions of CiviPlus. Full details can be found at: https://docs.civicrm.org/dev/en/latest/api/
• API documentation: Yes
• API documentation formats:
  • HTML
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: CiviPlus is a highly flexible platform that supports high levels of customisations from within the application interface. This includes:; - Custom Fields and Profiles ; - Custom Groups and Tags; - Customisable Templates ; - Workflow Automation; - Membership and Contribution Structures ; - Event Management; - Reports and Dashboards ; - Localisation and Translation ; - Security and Permissions ; - Extensions and Integrations ; - User Interface and Menu Configuration

Scaling

• Independence of resources: Our hosting infrastructure ensures that customer instances are logically separated to prevent users from accessing resources not alloted to them. Compuco AWS-powered hosting ensures that customers are segregated via security management processes/controls at the network and hypervisor level.

Analytics

• Service usage metrics: Yes
• Metrics types: User last login date/time. ; Further metrics are possible and available on request. ; Full integration with google analytics available on request.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: As a user with appropriate permissions, data can be exported in a number of ways but primarily using the built in CSV exporter or via a number of reporting options.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Compuco's AWS-hosted systems guarantee 99.99% availability of the service except for any scheduled maintenance downtime as may be agreed with the customer. Higher levels of availability with high availability infrastructures are available at request. Failure to meet agreed levels of availability will result in service credits awarded to the customer.
• Approach to resilience: AWS currently provides SLAs for several services. Due to the rapidly evolving nature of AWS’s product offerings, SLAs are best reviewed directly on their website via the links below: ; • Amazon EC2 SLA: http://aws.amazon.com/ec2-sla/ ; • Amazon S3 SLA: http://aws.amazon.com/s3-sla ; • Amazon CloudFront SLA: http://aws.amazon.com/cloudfront/sla/; • Amazon Route 53 SLA: http://aws.amazon.com/route53/sla/ ; • Amazon RDS SLA: http://aws.amazon.com/rds-sla/ ; • AWS Shield Advanced SLA: https://aws.amazon.com/shield/sla/ ; ; Our well-architected solutions on AWS leverage AWS Service SLA’s and unique AWS capabilities such as multiple Availability Zones, which ease the burden of achieving specific SLA requirements.
• Outage reporting: Compuco’s incident reporting system ensures that outages (service failure, web site unavailable, etc) are reported directly to responsible parties via e-mails, so that necessary actions can be taken. An API is available on request.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: 2-factor authentication; Public key authentication (including by TLS client certificate); Identity federation with existing provider (for example Google Apps); Dedicated link (for example VPN); Username or password
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: AWS
• ISO/IEC 27001 accreditation date: 22 November 2023
• What the ISO/IEC 27001 doesn’t cover: Compuco does not hold the certification directly, however, our hosting provider AWS has certification for compliance with ISO/IEC 27001:2013, 27017:2015, 27018:2019, and ISO/IEC 9001:2015.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Stripe / Coalfire
• PCI DSS accreditation date: Valid through date: March 31 2025
• What the PCI DSS doesn’t cover: Compuco does not hold the certification directly, however, Stripe , our preferred online payment partners, have current Payment Card Industry Data Security Standard (PCI DSS) certification. ; ; • PCI DSS v3.2 Level 1 Service Provider ; ; We can also integrate with other online payment providers as required who can provide this certification for e-commerce functionality.; ; We can also integrate with other online payment providers as required who can provide this certification for e-commerce functionality.
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials Certification ; Additionally we operate an ISO 9001 aligned quality manual and ISO 27001 aligned information security policy. Our quality manual underpins our approach to software development, testing and release processes. Our information security policy underpins our approach to data management, staff training, development processes and internal data management.
• Information security policies and processes: Compucorp implement formal, documented policies and procedures that provide guidance for operations and information security within the organisation.; ; Compucorp is committed to a robust implementation of Information Security Management. It aims to ensure the appropriate confidentiality, integrity and availability of its data by maintaining policies in a centralised and accessible location.; ; A copy of our policies are available on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes to the service are managed as described by our quality manual. ; ; All code changes are subject to multiple stages of review, before being committed to a fully auditable version control system. Automated and manual tests are then run before the changes are applied to any live environment.; ; Automated and manual tests are then run before the changes are applied to any live environment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: At the application level Compuco monitors and contributes to CiviCRM's Security team. CiviCRM and therefore Compuco use a risk level system based on the NIST Common Misuse Scoring System (NISTIR 7864). Each vulnerability is scored using this system and a number is assigned between 0 and 25. Security release "windows" are the first and third Wednesday every month, PDT timezone. A release window does not necessarily mean that a release will actually be made however. The hosting platform (operating system, software, and applications) receives automated security patching for all software directly from the OS maintainers.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our comprehensive web server monitoring solution will alert us to unusual system activity, unauthorized intrusion attempts, usage abuse, and network/application bandwidth usage. Near real-time alerts flag incidents and our infrastructure team will take immediate action at the infrastructure or application level to correct any issues identified.
• Incident management type: Supplier-defined controls
• Incident management approach: Users report incidents via online ticket, email or telephone to our support team who will then investigate, categorise and escalate these to our Information Security Management Team as required. Urgent issues are given clear priority and are treated as soon as possible. We retrospective all information security incidents in order to identify solutions to ensure they are mitigated in future.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Compuco's sustainability policy aims to minimise environmental impact and promote societal contribution. It addresses emissions sources like electricity usage, corporate expenses, and employee commuting.; ; Principles:; ; - Compliance: Meet or exceed relevant laws and regulations.; - Integration: Incorporate sustainability into all decisions.; - Awareness: Ensure staff are informed and committed.; - Technology: Use advanced tech to reduce environmental impact.; ; Practical Steps:; ; - Travel and Meetings: Prioritize sustainable transport and teleconferencing.; - Equipment and Resources: Optimize data usage, conserve energy, and minimize waste.; - Externalities: Encourage staff volunteering and offset carbon emissions.; ; Our product itself can also support organisations in the global fight against climate change. CiviPlus can be used to engage with local stakeholders around environmental issues engaging with communities and advocating for environmental protection and improvement initiatives. You can centralise community outreach efforts and track engagement activities, mobilise support for environmental causes, organise volunteer events, and collaborate with community stakeholders on sustainability projects. Using CiviPlus in this way can help raise awareness, build partnerships, and drive collective action towards addressing climate change at the grassroots level.

  Covid-19 recovery

  Compuco recognised the challenges brought about Covid-19 and understands the likelihood of continued uncertainties in the near future. However, with over half of its team already accustomed to remote work, Compuco was well-equipped to support organisations during the main outbreak. It seamlessly transitioned to a fully distributed model, leveraging its experience to assist clients in their own remote work transitions. Compuco conducted client sessions, feedback, and training remotely using high-quality tools, resulting in increased efficiency and client engagement. ; ; In a post-COVID era, Compuco will continue to operate primarily in a distributed manner, capitalising on the efficiency and flexibility it offers. Remote client interactions and collaboration will remain prominent, with a continued emphasis on utilising the best available tools for effective communication and project management. The company has incorporated lessons learned during the pandemic to further optimise its operations and support clients in navigating potential future disruptions. ; ; You can also Implement CiviPlus as a tool to help charitable and membership organisations understand and address the specific needs of those most affected by COVID-19 by collecting and analysing information about individuals and communities. This can enable provision of targeted support services such as food assistance, financial aid, mental health resources, and access to educational and vocational training programs.; ; The automation native to CiviPlus can streamline communication among organisations and businesses, enabling them to access resources, coordinate relief efforts, and adapt to new ways of working that have been enforced by the pandemic. The Compuco Self-Service Portal will allow individuals and communities to remotely join together on a shared platform to apply for grants and Covid-related help, view and register for online events, access latest news and much more.

  Tackling economic inequality

  Compuco's approach to tackling Economic Inequality covers a range of practical steps:; ; - We prioritising fair hiring practices and diversity within our workforce.; - We are a Certified Living Wage Employer.; - Where appropriate, we will establishing skill development programs for underrepresented groups.; - We engage with local communities through outreach and partnerships, for example our landlord's Educational Charity.; - We offering up to 2 days of volunteering per year to each of our employees whci can be spend providing services to organisations addressing inequality.; - We support diversity in suppliers and vendors.; ; CiviPlus itself can directly support measures to reduce economic inequality. By storing and analysing demographic information and socioeconomic data within CiviPlus you can identify vulnerable populations and target support services more effectively. CiviPlus can also optimise communication and engagement with community members, empowering them to voice their needs and concerns. Through CiviPlus-enabled outreach efforts, organisations can solicit feedback, gather input, and involve community stakeholders in decision-making processes related to economic development initiatives. ; ; Where an organisation is involved in resource allocation and grant management, CiviPlus can streamline the management of resources and funding allocated to address economic inequality. By tracking grants, donations, and other financial resources within CiviPlus organisations can ensure transparency and accountability in resource allocation processes. This includes monitoring the impact of funding on targeted communities, evaluating program effectiveness, and making data-driven decisions to optimise resource utilisation for maximum social impact.; ; Finally, CiviPlus provides tools for monitoring and evaluating the impact of initiatives aimed at tackling economic inequality. The iterative process of monitoring and evaluation enables organisations to learn from their experiences, identify best practices, and continuously improve their approaches to addressing economic inequality.

  Equal opportunity

  Compuco is dedicated to fostering an inclusive work environment free from discrimination based on various grounds. This commitment extends to its services, ensuring equal access for all clients and customers. The company upholds respect and dignity for all employees and clients. Personal data handling aligns with Compuco's Data Protection Policy.; ; We ensure fair treatment in recruitment, promotion, training, and other aspects of employment based on merit and qualifications.; ; Within CiviPlus itself there are a range of features to support organisations in promoting inclusivity and addressing workforce inequality. It enables tracking and analysis of data on disabled representation, allowing targeted recruitment strategies and training programs to enhance employability. Moreover, CiviPlus can be used to focus on engagement with stakeholders to advocate for disability inclusion. Additionally, it can help in identifying and addressing employment, skills, and pay disparities, promoting fairness through interventions like diversity training and mentoring. Finally, it can assist in identifying and mitigating risks of modern slavery in the supply chain, ensuring ethical practices and compliance.

  Wellbeing

  Compuco prioritises the physical and mental health of its team members through several initiatives:; ; - Encourages taking control of health with a Wellness Day annually for preventive care.; - Provides an extra day off on employees' birthdays.; - Offers two paid volunteering days per year for supporting charitable causes.; - Grants bereavement or compassionate leave in cases of serious illness or death in the immediate family.; - Provides a personal development allowance for learning and growth.; - Offers access to a Private Health Insurance Scheme for UK employees.; - Grants two Friday afternoons off between June and August to encourage relaxation.; - Supports flexible work arrangements for better work-life balance.; - Organises various social events, both in-person and online, to foster team bonding and well-being.; ; From a product perspective, by centralising data in a single place Civiplus can be used to manage health and wellbeing initiatives within the workforce. It can facilitate access to resources like employee assistance programs and mental health support services. By tracking participation and engagement, organisations can evaluate effectiveness and tailor future efforts.; ; CiviPlus can also be used to empower organisations to engage and inspire stakeholders on the importance of prioritising health and wellbeing. Through targeted communication efforts, it can raise awareness and share success stories to encourage proactive support.

Pricing

• Price: £950 to £1,300 a unit a day
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Compuco can provide a full demonstration version of the system to clients to use for an agreed period of time (up to 1 month).
• Link to free trial: https://demo.civiplus.net/

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Jamie@compuco.io. Tell them what format you need. It will help if you say what assistive technology you use.