OntoKai
OntoKai supports the data scientist, the system architect, the data builder and ontologist as well as ordinary business users in the entity and relationship extraction, exploration, engineering, modelling, and visualisation of:
Common conceptual data models;
Ontology;
Taxonomy;
Knowledge graphs; and
Other complex semantic models.
Features
- SaaS tool to make existing data structures AI-ready and interoperable
- Visualisation of data assets, flows and relationships, internally and externally
- Ontologies to make data and data structures accessible to generalists
- Illustration of organisational demand (satisfied, frustrated and unmet) for data
- Data condition assessment and tracking of change
- Audit of data ownership, governance and absent accountabilities
- Identification and resolution of data gaps and overlaps across agencies
- EU AI quality and transparency compliance for high-risk systems
- Data pre-processing, normalization and transformation
- Data selection by complex criteria from multiple data sources
Benefits
- Easier data integration between numerous, heterogeneous sources
- Reduced information rework from more accessible data and files
- Value driven data adaption, extension, quality assurance and quality controls
- Reduced friction when exchanging information between contracting parties
- Increased efficiency, risk-reduction from joining datasets and applying AI.
- Insight into knowledge held in separate silos, networks and agencies
- Increased understanding between mutually dependent but unconnected systems
- A common visual language for non-technical and technical data users
- Increasing participation in improving the underlying infrastructure of AI
- Identification of valid, novel, useful and explainable patterns in data
Pricing
£24,628 to £4,981,400 a unit
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
7 9 9 2 3 9 6 1 7 8 5 4 0 5 9
Contact
KAIASM LTD
Steve Johnston
Telephone: 0330 223 1164
Email: info@kaiasm.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
- None
- System requirements
- SVG-capable web browser (any modern browser)
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
UK operational hours (Monday to Friday, 9-5, excluding bank holidays), unless the SoW between the client and supplier specifically includes provisions for out of hours support.
SLA response time within 2 hrs to within 16 hrs depending on trouble. - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Support levels and pricing agreed on a per contract basis.
Ranges from no support required through to extensive consultancy support. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
We provide
- onsite training
- offsite training
- user documentation
- in-application help - Service documentation
- Yes
- Documentation formats
- HTML
- End-of-contract data extraction
- A user may download their data, as a whole or in part, at any point, as JSON or CSV (or OWL, if required).
- End-of-contract process
- Client may opt to continue the service at a different service level, or cancel the service.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Mobile version version of the desktop service cut down as appropriate to the smaller screen size.
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- Web client
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
-
UAT with Voiceover (sight impariments)
UAT without mouse (mobility impariments) - API
- No
- Customisation available
- Yes
- Description of customisation
-
Custom entity and relationship attributes can be defined for particular use cases
Data validation rules can be defined for particular use cases
Test, warn and task rules can be defined for particular use cases
Scaling
- Independence of resources
- Service is typically deployed either within AWS (in which case standard AWS SLAs apply), or within a clients own cloud tenancy.
Analytics
- Service usage metrics
- Yes
- Metrics types
- The web application is instrumented for Google Analytics (this can be removed on request for secure environments)
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Other
- Other data at rest protection approach
-
Physical access controls as per https://aws.amazon.com/compliance/data-center/controls/
Additionally, if the client requests it, all data held on AWS cloud instances may be encrypted. - Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Via a download option within the application.
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- JSON
- OWL (if required)
- Data import formats
-
- CSV
- ODF
- Other
- Other data import formats
-
- JSON
- OWL
- XML
- Excel
- Log files
- Any other data format by request (additional cost)
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
If the service is hosted by Kaiasm, then uptime of covered services is guaranteed to a certain percentage of time within UK office hours, which is 9am-5pm Mon-Fri excluding bank holidays (the services will normally also be available outside these hours). The level of guaranteed uptime ranges from 95% to 99%, depending on the priority level of the service.
Uptime is calculated to the nearest minute, based on the number of minutes in the given month within the scope of the SLA. If uptime for any item drops below the relevant threshold, a penalty will be applied in the form of a credit for the client. The following month’s fee payable for the named service will be reduced on a sliding scale, or additional time will be added to the end of the contract, at the client's discretion.
Penalties range from 1% to 5% of the covered service per hour of downtime, depending on the priority of service. Uptime penalties in any month are capped at 100% of the total monthly fee of the covered service. Uptime measurements exclude periods of routine maintenance. These must be agreed between the supplier and client in advance. - Approach to resilience
- Information on resilience is available on request.
- Outage reporting
- Email alerts.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
-
As per user authentication plus, optionally:
- IP Whitelist/Firewall
- VPN
- Role based permission control - Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- Cyber Essentials
- Information security policies and processes
-
Information security policies are available on request and include
- Firewalls
- Secure configuration
- User access control
- Malware protections
- Patch management
General infosec policies include
- Use and misuse
- Working Remotely
- Bring Your Own Device (BYOD) & Working from Home
- Information classification
- Backups
- Access control, including administrator access policy
- Password policy
- Cryptographic controls
- Social media & Personal Devices
- Whitelisted Apps
Policy compliance ensured via Cyber Essentials certification, as well as internal controls (managed on an ongoing basis, including weekly patch scanning, and an annual compliance audit).
As we are a small company, reporting structure would be directly from IT or ops engineer to a member of senior managment.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Status, location and configuration of service components (both hardware and software) are tracked throughout their lifetime.
Changes to the service are assessed for potential security impact. Then managed and tracked through to completion.
We are currently updating our configuration and change management procedures to align with the ITIL framework (currently ITIL V3, moving to ITIL V4). Priority is being given to the change management process itself, but improvements are also being made across the configuration and asset management spaces too. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Cybersec risk/threat assessment performed annually as per Cyber Essentials.
Patching timescales as per Cyber Essentials:
- If evidence suggests a vulnerability is being actively exploited in the wild, mitigation to be put in place immediately.
- ‘Critical’ patches deployed within hours
- ‘Important’ patches deployed within 2 weeks of a patch becoming available
- ‘Other’ patches deployed within 8 weeks of a patch becoming available
Information on potential threats sourced from
- Desktop Central patch scanning
- NCSC Early Warning service
- Mailing lists (various) - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
The system supports extensive event auditing.
Further details on protective monitoring approach available on request. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Pre-planned incident management processes in place.
Detailed incident management approach available on request.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
The OntoKai service generates new ways of valuing using visual weighting by frequency of expressed human need, carbon embodiment, whole life cost and social value. - Covid-19 recovery
-
Covid-19 recovery
OntoKai allows users who are not knowledge professionals to engage in the creation of complex knowledge structures that form the foundation of the new economy. Its ontology production and consultancy support services are designed to be delivered in such a way that fits around family commitments. This creates employment, re-training and other return to work opportunities in this high-growth sector for those left unemployed by COVID-19. - Tackling economic inequality
-
Tackling economic inequality
Marginalised/under-privileged areas are disproportionately affected by low-quality/poorly maintained infrastructure.
OntoKai provides government with a cost-efficient, effective tool to build smart, interoperable, people-focused infrastructure, allowing for levelling-up and beyond.
OntoKai can help infrastructure companies move past simple efficiency or profit optimisation, and to begin creating equitable infrastructures to sustain high-quality conditions for human flourishing. - Equal opportunity
-
Equal opportunity
The OntoKai UI is also designed to be highly accessible (W3C AA and some AAA guidelines and UX testing with assistive software for users with vision and mobility impairments) - this helps towards reducing the disability employment gap. - Wellbeing
-
Wellbeing
The OntoKai interface is designed to increase joy in its users.
For OntoKai production or consultancy support staff, a health and wellbeing focus is a core company value and a company differentiator.
Pricing
- Price
- £24,628 to £4,981,400 a unit
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- There is a version of the service, OntoKai Free, that allows users to view and explore a single ontology made available by an existing client. It removes write, edit, merge and download capabilities.