Cisilion Limited

Liberty RPA - Robotic Process Automation

Liberty RPA is Netcall's AI-powered robotic process automation. It uses software robots to mimic the actions of people performing mundane and cumbersome repetitive tasks that frees-up people and enables them to be more productive.

Features

• AI-powered - computer vision, OCR and other AI techniques.
• AI-powered - computer vision, OCR and other AI techniques.
• Cloud-hosted management console (Liberty Controller).
• 300+ pre-defined activities to build your RPA flows.
• Performance and SLA reporting.
• Detailed logs and audit trails.
• Secure credential management.
• Liberty RPA Trace for identifying processes suitable for automation.
• Integrates with Liberty Create for a complete Intelligent Automation solution.
• Designed for citizen developers and IT professionals.

Benefits

• Automate on-screen processes for speed and accuracy.
• Frees up staff to perform more useful tasks.
• Use AI to improve performance and robustness of process flows.
• Integrate systems through direct access, API and computer vision.
• Improve employees experience with a digital assistant.
• Easy to build using drag and drop bot flow designer
• Increase productivity and reduce operating costs.
• RPA Trace - Record process steps to help automation.
• Rapid deployment and instant scalability to meet changing demands.
• Fast, repeatable, error-free process and task automation.

£55,000 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at drichardson@cisilion.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

874596536670497

Contact

Debbie Richardson
01372 201145
drichardson@cisilion.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Netcall Liberty Cloud offers a complete suite of customer engagement software, Liberty Converse can be used as standalone or as an add-on to following Netcall applications: Liberty Create low-code platform including Citizen and Tenant Hub Accelerators; Patient Hub; Liberty Connect multimedia conversational messaging gateway, and virtual Chat Assistant; Liberty RPA
• Cloud deployment model: Public cloud
• Service constraints: The service is subject to planned maintenance which will be notified in advance.
• System requirements: Internet Connectivity

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: "Target response times are subject to the contracted level of Netcall SolutionCare:; Standard - Target 90 minutes initial response ; Comprehensive - Target 90 minutes initial response"
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: "We will provide a Standard level of support which will be included within the cost. This includes access to the Support Online Portal, and contact by telephone or email to the remote support teams during contracted hours.; ; Standard Support hours are 9am-5.30pm (UK), Monday to Friday (excluding UK bank holidays).; ; A technical account manager will be provided.; ; Comprehensive Support (365 days 24 hours) can be added as a percentage uplift of the minimum monthly licence."
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: "Netcall will provide project management, engineering, and training support for the initial configuration of the Liberty Converse. ; ; In addition onsite or online training will be provided to enable the customer to self-manage the service. User Training includes access to extensive e-Learning content via the Netcall Online Community. ; ; Documentation regarding implementation and configuration of Liberty Converse will also be provided. This includes Online Help which is provided within the Liberty User Interface and Netcall Online Community."
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: " Liberty RPA does not store any customer data, it remains on the users systems. Liberty RPA job flow reporting can be exported in a text file format."
• End-of-contract process: At the end of the contract Netcall will cease the service which will prevent the bots from running. All data stored including backups will be securely deleted using industry standard best practise methods.

Using the service

• Web browser interface: Yes
• Supported browsers: Microsoft Edge
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Liberty RPA provides a browser based service interface. This interface has been design to be intuitive and simple to use, whilst enabling full access to the user and administrative features provided by the RPA application. User access to the service interface is secure.
• Accessibility standards: None or don’t know
• Description of accessibility: As a browser based interface, 3rd party tools deployed on the user's desktop or browser can be used to support user accessibility.
• Accessibility testing: Testing for specific 3rd party assistive technology is carried by users and based on the individual needs of their staff.
• API: No
• Customisation available: Yes
• Description of customisation: Liberty RPA bot flows can be fully customised by users with RPA build training and authorised access. Administrative tasks such as bot scheduling and priorities can also be configured.

Scaling

• Independence of resources: Deployments of Liberty RPA are provided on dedicated infrastructure for Users based upon the licencing subscription obtained.

Analytics

• Service usage metrics: Yes
• Metrics types: "Liberty RPA provides a range of system real time and historical reports including:; ; Real Time Dashboards - Real time graphical display of key metrics including job scheduling, CPU/memory/disk usage. Dashboards are configurable and shared with users, by name or role. ; ; Supervisor Reports - Historical reports covering all metrics of Liberty RPA. Reports including bot performance and job execution are displayed graphically and tailored by a range of filters including date and time. Tailored reports can be saved for instant retrieval.; ; Historic reports can be manually downloaded in a csv file format. Alternatively an API is available to get Report data."
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: "Liberty RPA process flows (.rpa files) are XML based, jobs information is CSV based, both can be exported easily.; ; If required, reporting data can extracted using the Liberty Converse Reporting API. This REST API gets report data in XML or JSON format from the Interactions Report, Agent Audit Report, or from a Supervisor Saved Report. ; ; Full documentation of Converse API will be provided as part of the deployment project."
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: LLiberty RPA as part of Create has an agreed Service Availability of 99.5%. Service credits can be discussed as part of your contract.
• Approach to resilience: Information regarding the resilience of the data centre is available upon request
• Outage reporting: Netcall’s Cloud systems and services are proactively monitored for availability and system health by the event management process. System events and alerts of threshold breaches are detected by Netcall’s system management tools and these alert our Customer Support team of state changes, including service outages in any of Netcall Cloud service offerings. Customer Support are responsible for informing service affecting outages to customers and these are tailored to match the business needs of the customer. The form of the communication can be either email or telephone to the customer’s service desk or preferred service contacts. The alert to the customer contains information on which service has failed, the likely effect it will have on customers IT service along with reference information for follow up. Netcall Customer Support then maintain regular updates to affected customers on the expected service restore time until de-escalation.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Create has a range of security controls to ensure the security requirements will be met. These include built in Role management, Security Policy, Login Control, Object permissions and Interface permissions.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA
• ISO/IEC 27001 accreditation date: 08/02/2021
• What the ISO/IEC 27001 doesn’t cover: Netcall's ISO 27001 is certified around the protection of the Confidentiality Integrity and Availability (CIA) of data assets for all platforms, products, services and suppliers relating to the processing of data. The governance also extends to the premises where the assets are hosted. The Statement of Applicability is a comprehensive scope that takes almost a week of onsite auditing by an external auditor working closely with the critical teams from Operations (including Info Sec) the business and other stakeholders such as the client , data centre managers etc. The Netcall process owners also include the facilities, legal and finance teams. Therefore ISO27001 will only exclude policies, controls and components that are not explicitly defined within the scope of the Statement of Applicability published for Netcall. The priority will always be to protect the CIA of the client data as per the Netcall solution and product design proposed to and contractually accepted by the client. So the actual likelihood of any risks remaining unmanaged/missed through the comprehensive scope of controls in the SOA is low.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: "NHS DSP Toolkit "

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All Information Security Policies and processes are documented and audited into the ISO27001:2013 Info Sec Statement of Applicability. It lists the Netcall controls, policies and work instructions documented and recorded for the standard. These were reviewed as part of the external Audit in January 2022 and deemed compliant. The SOA in PDF form can be shared on request. All process owners are internally and externally audited for compliance with the policies set out in the SOA and listed below. • Quality Policy. • Security Guiding Principles. • Information Security Policy. • Clear Desk Policy. • Keyholder Policy. • Access Control Policy. • Information Classification Policy. • Data Protection Policy. • Network Access Control Policy. • Information Exchange Policy. • Password Policy. • Cryptographic Policy. • External Parties Access Control Policy. All the policies are reviewed throughout the year and recorded in the Audit Calendar.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Netcall's Change Management processes are audited under the ISO27001:2013 and ISO9001:2015 Info Sec standards. The statement of applicability for the standards can be shared. No change will be permitted unless it has been approved by the relevant authority at Netcall against the relevant tracker ticket.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Netcall's compliance involves running external and internal vulnerability scans as part of our vulnerability management system to support the vulnerability management and internal patching process. Escalations are through our tracker system as part of the Risk Assessment/Vulnerability Management Process. These scans form evidence used to our InfoSec accreditations. The scanning vulnerabilities are prioritised within the reports, fed into the tracked Risk Assessment and resolution Process, reviewed by Netcall’s operations and relevant process/risk owner for resolution. Where necessary threat control and corrections/prevention tickets are raised and linked to the original vulnerability to audit the fix and risk.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Netcall manages and controls compromises to the Confidentiality Integrity and Availability of Information Assets through its Incident Management System, Control and ownership is centralised yet overseen with stakeholders. The process is ISO 27001:2013 compliant linking risks to treatments and SLAs. Compromises are monitored, tracked, recorded in a number of ways: being raised by customer/production support calls, via the account managers, after changes, risk reviews, actual security incidents, picked up via IDS/IPS systems or event identification. The owner is the Information Security Manager working with the respective Process Owners and impacted stakeholders to resolve any compromises and apply preventative actions.
• Incident management type: Supplier-defined controls
• Incident management approach: Netcall uses native and licensed software to manage risks and is ISO 27001:2013 compliant for Incident Management. It is tracker based linking risks, assessments into corrective and preventative processes. Compromises are recorded after changes, risk reviews, security incidents, event identification or in worst case scenarios invoking the Business Continuity Plan. The owner is the Information Security Manager working with the respective Process Owners and impacted stakeholders to identify, contain and resolve an incident using Tracker to prioritise, tailor and make the risk progress visible to stakeholders.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We continually strive to reduce our carbon impact year on year, initiating additional projects and activities that will further reduce our impact locally and globally, and contribute towards global UN carbon offsetting initiatives. Our commitment to the environment extends to our customers, our communities, our employees, our suppliers and other countries in which we operate. Our Carbon Reduction Plan is based upon the following principles: 1. Comply with, and exceed where practicable, all applicable legislation, regulations and codes of practice; 2. Integrate environmental and sustainability considerations into all our business decisions; 3. Endeavor to reduce our environmental impact year on year; 4. Ensure that all employees are fully aware of our Environmental and Sustainability Policy; 5. Ensure all employees are committed to implementing and improving our policy; 6. Ensure clients and suppliers are aware of our Environmental and Sustainability Policy, and encourage them to adopt sound sustainable management practices; 7. To review, annually report, and to continually strive to improve our environmental and sustainability performance. 2. Commitment • Cisilion are committed to reducing our impact on the environment and to achieving our goal of becoming net zero by 2050. • We will partner with Ecologi, a Carbon Avoidance organization. • We will plant 7,500 trees throughout Financial Year 2024 (“FY24”).

  Covid-19 recovery

  Cisilion External Statement Cisilion are closely monitoring the developments both at home, and around the globe with respect to the COVID-19 outbreak. In addition to our commitments to supporting our customers, Cisilion views as one of its highest priorities the health and wellbeing of its employees. Because of this, we have a clear business continuity plan and sickness procedure which the Company will continue to adopt in the pandemic situation, following the World Health Organisation (WHO) pandemic level definitions for triggering our response. In accordance with government guidelines issued on the 23 of March, and previously as the situation developed, we have initiated a program where our employees are able to continue to work from home in isolation. The measures that we have taken are designed to ensure that there is the minimum of disruption to services to our customers as well as minimising the risk to our staff at this difficult time. We ask our customers to understand that despite this, there is an increase in demand on parts of our services. We are prioritising the support of our customers with services which are vital to the efforts to contain the pandemic. This may mean that there could be some minor delays in responding to issues and project work, although we are working to keep this to a minimum. Due to the current situation with enforced social distancing, project and engineering work requiring site visits, is having to be risk assessed on a case by case basis. Our own infrastructure which is used to support our clients continues to operate as normal. As a flexible organisation, all internal systems are accessible to our employees from remote locations. We have facilities in place already to ensure all employees have the equipment needed, to work from alternative locations seamlessly.

  Tackling economic inequality

  Learning and development plays a huge part in Cisilion’s culture. This includes our induction and awareness training, as well as creating platforms for unlearning and unconscious bias. Cisilion conduct all learning and development via LearnAmp, our online Learning Management System. As part of our induction process, we include Diversity and Inclusion Training, along with enhanced Grievance procedure outlines and Anti-Harassment training. Employees are then required to complete refresher training every 6 months. Diversity and inclusion play a key role in Cisilion’s core business objectives and values. Cisilion recognise that as a Company, more can be done to improve our diversity and inclusion practices and this will continue to be a working directive through the organisation, to support underrepresented groups. The recruitment teamwork within our People function at Cisilion and therefore liaise continuously to ensure proactive recruitment identifies a diverse set of candidates and supports those throughout the interview processes. While we understand that not all individuals feel comfortable in disclosing their identity, we continue to monitor and track our performance against self-created targets for LGBTQIA+, gender and ethnicity within the recruitment processes and within our workforce, where at all possible. Cisilion engage with current employees from underrepresented groups, who feel comfortable in doing so, to address any other areas of suggested improvement, and to include their voice in future initiatives.

  Equal opportunity

  Invest in our economy to provide equal opportunities for employment, innovation and growth. Each month, a mixture of the HR, People and Recruitment team members alongside the Cisilion management team, will provide a mixture of 2 hour workshops and 1 hour long one to one sessions. The workshops will be run by our Recruitment team, covering topics such as interview best practice, CV formatting and job hunting tools available. Individuals will also be able to register for one to one advice with a member of our management team as a coaching session and more personal advice related to the unemployed persons experience so far. Cisilion have been running apprenticeship and graduate schemes for the past 5 years and partner with 3 specialist recruitment and training providers who are experts in finding work for and training unemployed young people. Cisilion are a Microsoft and Cisco gold partner, who are keen supporters of assisting young people into work. Cisilion often engage with Cisco and Microsoft for support with apprenticeship programmes and are familiar with other employment initiatives that we will be able to share with the unemployed people during the workshop sessions. Cisilion are also aware of and understand the current Quick Start government scheme of which we will be able to provide details and guidance to unemployed individuals

  Wellbeing

  Cisilion operate a robust health and wellbeing programme, partnering with Vitality Health and Medicash. On an annual basis, all 160 employees on our scheme conduct an Online Health Review, giving employees an understanding of specific areas of health that they need to improve upon, i.e. cholesterol, blood pressure, alcohol intake, physical activity levels and blood glucose level. If employees do not know the figures for these key areas, they can take a free health assessment to provide them with this data. Vitality Health offer their Member Zone to all members, giving access to videos, tips and our monthly Vitality calendar covering a range of topics from women’s health to mental health and nutrition

Pricing

• Price: £55,000 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Netcall offers trial versions of the Create software either as blank instances with builder support or with accelerator content already included. We term this service 'Try Create' and it provides e-learning for prototyping and proof of concept services. Please ask us for more information.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at drichardson@cisilion.com. Tell them what format you need. It will help if you say what assistive technology you use.