Catalog360
catalog360 E-Procurement marketplace is a highly featured-SaaS, yet simple to use suite of eProcurement tools that combine to provide a comprehensive procure to pay (P2P) solution. Built using the latest technology, catalog360 delivers an exceptional user experience. Incorporating catalogue management, eRequisitions, approvals, purchase order management, inventory control, and eInvoicing.
Features
- Procure to pay (P2P) solution
- eRequisitions - PEPPOL Compliant
- Approval engine for complete overview of spending
- Purchase order management - PEPPOL Compliant
- eInvoicing - PEPPOL Compliant
- Product information management - create items with unlimited digital assets
- Approval chains and workflows - configurable to automatically generate audits
- Integrated with range of ERP's, CRM's and Finance Systems
- Contracted spend management that is mobile friendly
- Spend control and management for any organisation
Benefits
- Digital asset management tools- manage a range of asset types
- Users can configure email and mobile approval chains
- Invoice processing can be automated- support for cXML,PEPPOL,EDI document handling
- Automatic checking of invoices against PO’s before releasing to Finance
- Standard reports included.Users can customise report templates and export reports
- Content managed data available that is clean mastered data
- One stop shop for all buying needs using single signon
- Carter compliant
- PEPPOL Compliant
- Advanced catalogue searching gives full control on spending
Pricing
£50 to £65 a licence a month
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
8 3 5 7 3 6 3 9 9 7 1 1 3 6 6
Contact
HEALTHTRUST EUROPE LLP
Customer Care Team
Telephone: 08458875000
Email: customercare@htepg.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Sourcing and Finance Systems
- Cloud deployment model
-
- Public cloud
- Private cloud
- Service constraints
- No
- System requirements
- Internet Access
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Priority 1 - within 1 hour
Priority 2 - within 4 hours
Priority 3 - within 1 business day All tickets are responded to within 1 hour of receiving. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
- Our chat provider provides accessibility standards
- Onsite support
- Yes, at extra cost
- Support levels
-
A dedicated support desk is available to call or email in the UK to raise any issues or complaints. During Implementation a dedicated Account Manager is available to hand to ensure quick and easy deployment and training for all super users along with access to user guides.
On-Site support after implementation is charged hourly at a contracted rate - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Our software offers a wide variety of configuration options to support common procurement functions. The Customer is able to use as little or as much of the system as they like due to the modular approach to the system. A customer can use their own Finance systems to punch out to for internal approvals and use catalog360 as the master cataloguing system.
Catalog360 has been developed to enable rapid deployment of the services available on G Cloud, using self-service facilities where possible.
PunchOut Catalogues can be populated with rich product data using a zero touch Data Loader, or send vendor managed catalogues for approval by procurement management
Suppliers can manage their Orders and Invoices and ensure they can confirm an order when received on the portal. - Service documentation
- Yes
- Documentation formats
-
- HTML
- Other
- Other documentation formats
-
- Videos
- Word
- End-of-contract data extraction
- Full access to all data using the online reporting tools built into the system. Additional paid service available to export data into customer formats as required.
- End-of-contract process
-
Head of department is contacted 3 months in advance of contract end or customer can contact us to terminate the contract 3 months in advance.
Catalog360 would work closely with the customer to enable a smooth and secure transition at the end of the contract so the process covers complete data migration.
Read only access can be provided for a small fee after the end of contract if required or customer can extract all data using the built in reports before contract ends.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Mostly used for approvals via a mobile device for easy request and invoice approval on the go
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- We provide an easy to use, intuitive user interface that we train super users on to setup and get the most out of the system.
- Accessibility standards
- None or don’t know
- Description of accessibility
- Using the web browser the user can change accessibility features and our site will understand those and respond
- Accessibility testing
- We have not currently performed testing of assistive technology, but our software platform uses standard web technologies and expressly avoids proprietary formats that would prevent assistive access.
- API
- Yes
- What users can and can't do using the API
- All services are setup for a registered user using our internal API's. There are API's for EDI and CXML inbound services where orders and invoices can be sent directly into the system without manually creating in the UI. We also allow the ability to punchout directly from 3rd party source into our purchasing basket.
- API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Our software offers a wide variety of configuration options to support common procurement functions. The Customer is able to use as little or as much of the system as they like due to the modular approach to the system. Customers can also request specific customisation that we build into the modular structure. Any customisation requests are assessed to usability beyond the requestor, and may be built free of charge if there is a perceived demand
Scaling
- Independence of resources
- Service performance monitoring is used to establish provisioning criteria. Performance monitoring includes metrics at a systems level, as well as application performance such as request time and database query duration. Given the real-time nature of the software, adequate overhead is given a high priority.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
There is real time dashboards available to view requests, orders and invoices within the system.
All metrics can be downloaded in various formats so that the data can be manipulated or connected to PowerBI. - Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- A data loading and extracting tool is available to all customers which is user intuitive.
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- Xls
- Xlsx
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- Xlsx
- Xls
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- Our aim is 99.9% availability
- Approach to resilience
- Our equipment that holds our software is housed in data centres with n+1 levels of resilience.
- Outage reporting
- Public Dashboard and email alerts
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Username or password
- Access restrictions in management interfaces and support channels
- Restricted access with 2-factor authentication across secure channels using TLS/VPN encryption.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
-
Cyber Essentials Plus
Regular Audits to ISO27001 Standards - Information security policies and processes
-
The Company follows best practice information security policies and processes for the industry. It is the established policy of catalog360 to operate within the requirements of a documented Information Security Policy statement as a means to comply with all statutory, regulatory and contractual requirements, and, to protect the interests, property and information of the company, and of its clients and employees, against threats or loss.
In pursuance of this policy its stated requirements have been implemented together with the specified requirements of the company’s associated information security and computer system access management.
The purpose of this Information Security Policy statement is to describe how security is implemented, to give guidance to our employees whose actions can affect the confidentiality and integrity of the business, its product and services, and, to illustrate the overall commitment to security issues within our company.
The Information Security Policy is maintained by audit and review in order to provide effective assurance that all aspects of company, employee and customer specified security requirements are being implemented.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Servers are set to automatically install critical security patches nightly and scheduled patches based on release cycle. Any changes to services are vetted for security impact at the planning and implementation stages. Catalog360 follows an Agile approach to all system changes which go through a rigorous cycle of development, QA testing, UAT testing and Release.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Security managers monitor and evaluate security bulletins for application components. If possible the component is updated, and if an updated is not immediately available, a patch or mitigation is applied within 72-hours. Daily vulnerability scans completed and reviewed.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Preventative monitoring is used to identify potential compromises. When discovered, compromises are responded to within 24-hours.
- Incident management type
- Supplier-defined controls
- Incident management approach
- We maintain a security point of contact. Any security related matters are forwarded to the security POC. Cases are raised where they are contained, classified and resolved. Incident reports are emailed to affected customers.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
- Health and Social Care Network (HSCN)
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
The Catalog360 platform is a digital cloud service to support supply chain and e-procurement processes, reducing organisations carbon footprint through digitalisation of paper processes. The organisation is working towards net zero through reducing and offsetting carbon emissions.. E-procurement with catalog360 not only means that the users are changing away from paper based procurement but we offer an integrated approach to procurement and technology. By building the requirement for enriched content and electronic trading directly in to the contractual relationship between customers and suppliers a five way match is possible all in one portal.Covid-19 recovery
The Catalog360 platform has been used in public and private hospitals to assist in their Covid recovery efforts through supporting the supply chain processes for requisitioning, ordering and invoicing.
Users can get access to over 300,000 items that are vendor supplied, validated and cleansed. All of our Healthcare suppliers’ products are also clinically led and checked for quality, safety, service and price, so you can be confident that you are always getting the best value products. Catalog360 has a complete 5 way match like no other bringing Management, Procurement and Finance teams together along with the supplier community. In the pursuit to Covid-19 recovery and the new ways of working a one stop portal for all your staff means everyone can see exactly what has been ordered, when, where and how.Tackling economic inequality
Catalog360's licensing model allows SMEs access to an enterprise grade platform through an accessible pricing model, encouraging entrepreneurs and new businesses to enter the market to support the public sector, who may not traditionally be able to without an enterprise grade platform for e-procurement and supply chain management.
Catalog360's product incorporates features that were built specifically to enable public purchasing agents to provide opportunity to always buy products that are of quality, safe, excellent service and at the right price. In addition to straight forward economic contracting, the system also supports a Sourcing module that can prioritise any number of socio economic goals or programs.Equal opportunity
Catalog360 is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.Wellbeing
Mental health, good working conditions, flexible accommodation, and financial participation in company wide success are all central to Catalog360's employer-employee relationship. Reacting to the changing workplace, catalog360 has been ahead of the curve with a flexible work-from-home enabled workplace for more than three years.
Pricing
- Price
- £50 to £65 a licence a month
- Discount for educational organisations
- Yes
- Free trial available
- No