INVOTRA LIMITED

Invotra Police Intranet

Invotra Police Intranet currently supplies intranets to 47% of UK Civil Servants. Designed to give employees a voice, Invotra Police Intranet provides the intranet tools people need to self-serve, collaborate and work efficiently. A customisable intranet with people directory, search, analytics, CMS, collaborative apps and integrations that drive productivity/engagement.

Features

• Design: Control Branding, Information Architecture, Layouts, Widgets
• Content Management System (CMS): Intuitive Content Creation With Targeting
• Real-Time Analytics and Metrics: Comprehensive Dashboards on Access, Usage, Engagement
• Social Collaboration: Built-In Social Apps & Commenting, Rating, Likes, Following
• Centralised/Distributed Publishing: Supported with Workflow, Revisions, Role-Based Permissions
• 2000+ Integrations: Office 365, iFrames, Feeds, Websites, Zapier.
• Guidance through Self Service: Manuals, Policies, Resources
• Search: Enterprise Search Configuration and Federated Search (Office 365)
• Mobile Application: For Secure, Instant Access On The Go
• Extranet Portal: Controlled Access To External Third Parties (Partners, Suppliers)

Benefits

• Accessibility: WCAG 2.1 AA Compliant & Built-In Content Accessibility Checker
• Autoscaling Environment: Scales To Your Needs
• Secure Hosting & Access: Backed By Amazon Web Services (AWS)
• Fully Responsive: A Great Experience on Computers, Laptops, Tablets, Mobile
• Rapid Onboarding Available: Get Up and Running in Weeks
• Extensive API Available: Inbound and Outbound Connectors
• ISO27001 & Cyber Essentials Certified and UK Hosted Data
• PanGov Community: Collaborate and Knowledge Share with Invotra's Government Customers
• Service is Everything : Dedicated Account Manager/Guardian of Your Investment
• Huge Cost Savings: Replacing Legacy Systems across UK Public Sector

£1.00 a user a month

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@invotra.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

873586946537181

Contact

Billy Clackers
01483 672592
sales@invotra.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Any perceived constraints will be reviewed and agreed as part of the mutually agreed Service Design.
• System requirements: Modern Personal Computer

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Invotra's tickets are categorised into different priority levels, from P1 - P4, each with the corresponding response and target resolution time. The times listed below are the average response times: Priority 1 Level - 30 minutes, priority 2 Level - 1 hour, priority 3 Level - 4 hours and priority 4 Level - 5 hours. These response targets are applicable for 07:00 - 19.00h Monday - Friday excluding UK bank holidays.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: At Invotra, service is everything. We take great pride in the ways in which we deliver a premium service to our customers. ; ; See our Invotra Cloud Software Service Definition Document for full details of our support levels offered. Our Service Desk availability hours are 07:00-19:00h Monday - Friday excluding UK bank holidays. ; ; P1 incidents can be raised 24/7 365. The SLAs for incidents and support queries are as follows: P1 - 4 hours, P2 - 8 hours, P3 - 24 hours, P4 - 60 hours and support queries - 60 hours. ; ; As part of the incident and support query management we will engage various levels of technical (engineer) and non-technical support as required. There are no costs associated with incident and support query management activities.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Invotra's professional consulting arm, Invuse (FKA Invotra Consulting) provides a comprehensive onboarding service from the very beginning, enabling our customers to deliver a great service to their end users. Invotra Consulting offer onsite training, online training and user documentation. ; ; The program has been designed to ensure your internal teams have all the skills, guidance and structure they need, including: User data management and import, stakeholder engagement, minimum Viable Product (MVP) scoping with communications teams, Single Sign-On setup, product training (onsite and online), portal structure and design, setup and implementation of MVP with communications teams, establishing guidance and best practices around portal usage, live service setup (including integration with your IT model), analytics setup, establishing a rollout plan, project launch and support. Once you're ready to launch, we will conduct a detailed handover to Invotra’s Live Service team for them to support you and your users throughout the period of your contract.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users can extract their data via the APIs at any point in time from the service, free of charge. Alternatively, if requested, Invotra can explore a specific extraction that could be chargeable dependent on requirements.
• End-of-contract process: We include standing down and secure termination of your Invotra service. ; ; Bespoke off-boarding can be requested based on the customers needs. This may include specific data extraction requirements, exit review processes etc. If requested, Invotra can explore a specific extraction that could be chargeable dependent on requirements.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There are no differences between mobile and desktop services. Invotra is fully responsive to support access via multiple devices.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: We have a service interface that is available to customers and can be provided if requested.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Invotra is compliant to WCAG ‘AA’ standards for all organisational users who access the system. However, simply saying that we meet the standards is not enough. We go above and beyond being compliant in order to create a positive user experience for 100% of users. Invotra employees travel the UK to meet with accessible software users, conducting user testing with people of differing types of disabilities and assistive software. The aim of the testing is to identify the different methods in which users would interact with the system and to identify the varying competency with the assistive technology. From this we are able to adapt the user interface to accommodate multiple variations of techniques used depending on the disability and competency with assistive technologies. Invotra understands that a continuous software development life cycle creates an environment where the user interface will change. Therefore user testing is conducted at stages where either there has been major user interface changes or to verify that previous challenges have been remedied.
• API: Yes
• What users can and can't do using the API: With Invotra Cloud Software, customers can use APIs to exchange data relating to people, content, apps, files and taxonomies. More information can be provided upon request.
• API documentation: Yes
• API documentation formats: Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Invotra is built to be flexible. The customer controls everything from their information architecture to their branding, to the configuration of their search, tagging, commenting, and much more. Invotra also offers in-place editing for managers and publishers, who can design and arrange their content by moving and configuring widgets throughout their sections and content types. Distributed publishing also promotes collaborative publishing with larger teams of authors, editors and publishers. In other words, specialists who have the expertise to produce quality content consistently and quickly. See the Invotra Cloud Software Service Definition for more details.

Scaling

• Independence of resources: The application has been designed with an auto-scaling architecture which means the platform will automatically scale to support increased traffic.

Analytics

• Service usage metrics: Yes
• Metrics types: Invotra provides a full analytics service directly within the product enabling organisations to roll-out evidence-based improvements to their intranet. Stakeholders and content authors can track statistics and KPIs, helping to justify their digital strategy, and demonstrate that key metrics are being achieved.; ; Here are some popular examples:; Views of articles, channels or specific areas of the application; Average length of time on application; Most searched terms ; Sentiment analysis on comments; Page overlay to see which parts of the pages users click most; User transitions for capturing journeys; Most commented/liked posts; Popular message/post types; Skills people in the team/location have
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Invotra supports APIs as well as in product exporters for data extraction.
• Data export formats:
  • CSV
  • Other
• Other data export formats: JSON
• Data import formats:
  • CSV
  • Other
• Other data import formats: JSON

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: Other
• Other protection within supplier network: AWS VPC

Availability and resilience

• Guaranteed availability: 99% uptime is guaranteed by Invotra. In the event of a failure to meet the specified service levels, a service credit can be applied for by the customer. The details of the service credits available are in Invotra's Terms and Conditions.
• Approach to resilience: Both high and low level designs are published on GOV.invotra, a private portal offered to all of Invotra's UK Government customers.
• Outage reporting: Email alerts are also sent to affected customers during any outages recorded.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: All processes and policies are detailed within an internal system which is available for review on request. The system fully supports all policies and processes required for ISO 27001.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus, ISOQAR
• ISO/IEC 27001 accreditation date: 15 March 2019
• What the ISO/IEC 27001 doesn’t cover: We do not have any exclusions for our ISO 27001:2013 certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We currently hold the ISO/IEC 270012013 certification and have no exclusions. All policies and processes are stored within our internal system which can be made available for review upon request. The system fully supports all policies and processes set out by the International Standards organisation and is outlined in the requirements for ISO 270012013. To ensure that all staff follow the information security policies and processes, we conduct annual Security Awareness Training, followed up by an Information Security questionnaire. In addition to this, if there are any updates on these policies or processes, it is communicated to all staff via our intranet and a signed list of all policies that have been read are kept on each staff member's HR file.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Invotra’s change process is published on our private UK Government customer portal, GOV.invotra. Our changes are managed through our change management process. Invotra tracks all system changes including but not limited to: product enhancement releases, service component version upgrades and security patching, Invotra also has supplementary security incident and business continuity processes in place which are available upon request.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Technical resources are subscribed to security feeds/mailing lists to be notified of security improvements. The security patches are expedited or applied as part of a development cycle depending on severity (assessed according to an internal scoring system). For OS vulnerabilities we defer to the OS vendor's assessment. OS patches are deployed monthly. We also get information about any potential threats from OS vendors, application vendors, package repositories and our internal QA.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: All application requests are monitored using AWS WAF (Web Application Firewall) which applies a set of rules to a HTTP conversation. These rules cover common attacks such as Cross-site Scripting (XSS) and SQL Injection. All processes and policies related to response and timings are detailed within an internal system which is available for review on request. The system fully supports all policies and processes required for ISO 27001.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident management processes for customers are published on our UK Government customer portal GOV.invotra. We have predefined processes for reporting, tracking and closing incidents. Customers have access to our dedicated Invotra HelpDesk Portal where they can raise new incidents and review incident statuses both current and historic. Incident reporting is available upon request.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Covid-19 recovery:

  Covid-19 recovery

  As a cloud based company we are able to work fully remotely. We have an open, transparent and vibrant culture and were keen to maintain this during the pandemic. Being remote meant not only did we miss collaborating face to face, as a business we were unable to visually see how someone was physically and mentally. Therefore we worked continuously to ensure our culture and wellbeing: ; ; Creating a Covid-19 hub for signposting and information; Encouraging staff to have their cameras on ensuring face to face interactions.; An instant messaging group for all staff to engage and share non work related content; Hosting virtual quizzes and coffee mornings; Walking Wednesdays; Hosting a virtual Christmas Party; Increasing 121 communications, with daily virtual standups and having a continuous open door policy; Introducing Rate My Team sessions for managers to discuss individuals enabling us to identify and resolve issues as soon as they occur and provide the relevant wellbeing support or resource to work towards a long term solution and future prevention. ; ; The office was made Covid safe as part of our return to work programme, with many touch points removed, sanitising stations, signposting and social distancing. We split the company into two teams, rotating fortnightly, to create a more comfortable workplace. We were also very mindful of those who were shielding or had anxieties around Covid-19 by continuing to enable remote working.; ; We designed and built an intranet for NHS Test and Trace and the Department for Health & Social Care using Invotra’s service for 15,000+ users and 10 merging agencies, in response to the demand for a powerful internal communications tool.; ; We delivered a Covid-19 Guidance Hub to DWP within 5 days in March 2020 to provide 100,000+ intranet users access to critical information required at the time.
• Equal opportunity:

  Equal opportunity

  Invotra is fully committed to encouraging equality and diversity and eliminating discrimination. We are a meritocratic organisation. We value talent irrespective of its origin. We focus on individuals and how we can adapt & support them to develop, aiming to be truly representative of all sections of society and for each employee to feel respected, be wholly merit driven and able to give their best. ; We are a member of the Disability Confident Scheme. We also offer work experience to SEN students at local schools.; ; In 2019, we opened ‘enABLE lab’, to align and educate ourselves and any other interested party on the importance of accessibility. The environment provides the opportunity for people to use software and equipment which replicates the experience of an accessible software user.; ; In 2011, we invested in the Apprenticeship programme to be more attractive to raw talent and to build specific technology and product skills. It allows us to develop a diverse, sustainable organisation, with all employees constantly learning and evolving. It is a core business strategy and its success is seen by all as a competitive advantage to us. 38% of employees are either current or qualified apprentices. The programme has created excellent career opportunities and natural succession planning. Our first 2 apprentices are now directors. ; ; We work to ensure there are no gender pay gaps. As an equal opportunities employer, gender representation is evenly split across our business. ; ; We are committed to ensuring there is no modern slavery or human trafficking in our supply chains or any part of our business. Our Anti-Slavery Policy reflects our commitment to acting ethically and with integrity in all business relationships and our commitment to implementing and enforcing effective systems and controls ensuring slavery and human trafficking is not taking place any where within our supply chains.
• Wellbeing:

  Wellbeing

  The Health and Wellbeing of our employees is very important to us. We have Mental Health First aiders available for confidential support as well as an Employee Assistance Programme, Our EAP is available 24/7, 365 days a year to provide support to our people, whatever challenges they face together with online resources, guides and wellbeing content.; ; We host Mental Health Awareness month, regularly provide blogs and signposting and have “Walking Wednesdays” where people are encouraged to go for a lunchtime walk. We encourage people to have their cameras on to promote engagement. We love to bring people together with breakfast clubs, lunch and learns, virtual coffee mornings, table-tennis tournaments and 5 a side football.; We continuously work with our employees to ensure a good work/life balance is achieved.; ; We encourage openness, collaboration and engagement at all times and all levels. We have weekly company wide meetings, where we all come together and discuss our goals, achievements and future projects. In addition to providing health and wellbeing support, we have monthly Rate My Team sessions with team leads to discuss individuals as well as any team requirements. This enables us to identify and resolve any issues as soon as they occur as well as provide the relevant wellbeing support or resource to work towards a long term solution and future prevention. ; ; We use open source technology in everything we do and are recognised as one of the most active members of the Open Source Community within Government.; ; We share everything with our customers and design all our services with open standards to ensure that we’re helping others to resolve challenges that have already been overcome elsewhere. We share our experiences, data between services and departments and contribute back to open source projects and standards.

Pricing

• Price: £1.00 a user a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free trials are available upon request, please contact Invotra for information
• Link to free trial: https://invotra.com/talk-to-us/

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@invotra.com. Tell them what format you need. It will help if you say what assistive technology you use.