Moore Stephens Insight Limited

Vena – Planning, Budgeting and Forecasting Solution Integrated with Excel

Vena is a cloud based solution to all of your needs in relation to financial reporting as well as business planning, budgeting and forecasting. Fully integrated with excel it combines the best of a database driven solution and the great features and user familiarity of standard excel.

Features

• Integrated software for business planning across the whole organisation
• Consolidated reporting in real time
• Workflow for key processes
• Full audit trail of user inputs
• Integration with excel
• Able to connect with multiple data sources (including non-financial)
• Key processes are maintained in house without expensive external expertise
• Dashboard reporting
• Visibility of financial and non-financial performance
• Integrates with ERP solutions

Benefits

• Reduced costs of ownership in medium term
• High levels of user engagement
• Familiar excel user interface means high usability
• Increased visibility over key financial reporting and planning processes
• High levels of control and transparency due to auditbaility
• Significantly reduced lead times for key processes inc monthly closedown
• Helps you gain control over spreadsheet based processes
• Use cases will be applicable across wider business processes
• Low up front investment, shorter time to deliver value.

£125 to £850 a user a year

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@moore-insight.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

887597506365914

Contact

Antonia Martin
020 7952 4690
info@moore-insight.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Not applicable
• System requirements: Not applicable

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Maximum first response wait of 1 business day.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard Support Plan; Every customer has access to our Standard Support Plan for online and telephone support, including:; • 24/7 application monitoring; • Help desk phone and email support from 9:00 AM EST - 8:00 PM EST; • Unlimited case submissions; • Up to 3 Manager or Administrator users to contact Vena support; • Maximum first response time of 1 business day; • Access to the Vena Customer Portal, online videos, FAQs, user guides, and a community help forum in our knowledge base; • A dedicated customer success manager to help recommend products, services, and processes to help you get the most out of Vena; ; Extended Support Plan; For after-hours support and accelerated response times, our; Extended Support Plan combines all the services of our Standard Support Plan with:; • 24/5 Help Desk with on-call telephone support; • Maximum first response time of 2 hours for Severity A issues; • Up to 5 Manager or Administrator users to contact Vena support
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Training is provided as well as a range of consulting services to assist with implementation and data import etc.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Not applicable
• End-of-contract process: Contracts are normally renewed on the contract anniversary. If a customer wishes to terminate the contract then all customer data is permanently deleted.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Same functionality.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: As a multi-tenant SaaS platform, auto-scaling enables Vena to support unlimited concurrent users without performance degradation.

Analytics

• Service usage metrics: Yes
• Metrics types: Service status shared on public URL
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Vena Solutions

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Vena encrypts all client data at rest using AES-256 bit encryption. Passwords are also securely stored in a hashed format (Blowfish) by default.
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Not applicable
• Data export formats: Other
• Other data export formats: Not applicable
• Data import formats: Other
• Other data import formats: Vena connect to any data source supporting multiple data formats

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: Other
• Other protection within supplier network: All data in Vena is encrypted in transit using TLS 1.2 and at rest using AES 256-bit encryption, backed by the AWS Key Management System (KMS).

Availability and resilience

• Guaranteed availability: Severity A – error that results in the Service being substantially non-functional/ inoperative.; Within one (1) hour (during the business day) of being notified of a Severity A defect, Vena shall acknowledge its receipt of such notice to the Subscriber. Vena will use all commercially reasonable continuous efforts during the business day to provide an acceptable workaround or resolution to the Severity A issue;; Severity B – error that results in a decrease in the performance in any functionality of the Service, but does not prevent the Subscriber from continuing to use the Service;; Within one (1) hour (during the business day) of being notified of a Severity B defect, Vena shall acknowledge its receipt, and Vena will use all commercially reasonable continuous efforts during the business day to provide an acceptable workaround or resolution to the Severity B issue;; Severity C – error that results in the Service operating/performing other than as described in the Documentation, which does not have a material adverse effect on the service performance; ; Vena will respond to Severity C problems within two (2) business days after the Subscriber reports a problem. Vena will prioritize the correction of Severity C issues alongside other problems/feature requests.
• Approach to resilience: Available on request
• Outage reporting: A public dashboard can be subscribed to – status.vena.io

Identity and authentication

• User authentication needed: Yes
• User authentication: Other
• Other user authentication: Vena employs protection at every layer. When customers authenticate to the Vena cloud (either from a browser, Excel or through the API using the ETL tool) a secure session tracking mechanism works transparently to ensure that only an authorized user is the initiator of any requests.; Vena supports authentication via Security Association Markup Language (SAML) 2.0, which allows for Single Sign-On (SSO) from an enterprise intranet portal, extending our customers’ enterprise authentication standards to Vena; IP whitelisting can be leveraged to ensure users are only able to access the system from approved locations.; Two-factor authentication can also be used.
• Access restrictions in management interfaces and support channels: Vena's Access Control Matrix describes the roles that a Vena employee or agent must have to be permitted to access the scopes. Enforcement of the Access Control Matrix is provided by operations using automation and scheduled tasks to apply corresponding security policies to the Vena Cloud.
• Access restriction testing frequency: Less than once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: The Corporate Security and Data Privacy department is responsible for security related governance and oversight at Vena.; ; AWS is responsible for the physical security of AWS data centers and equipment.
• Information security policies and processes: At Vena, the security and integrity of our customers’ data are critically important. We believe that a strong security program begins with the culture of our company - Customer Trust is one of our CORE values. ; ; All Vena employees are part of our culture of security and we believe that security and risk awareness are essential elements of our security program. All employees are vetted using standard pre-employment checks during the hiring process, and once hired, new members of the team are required to read and sign-off our security and privacy policies. All new employees are required to complete security training during the onboarding process as well to further reinforce their obligations to protect our customers' data. Awareness of securityrelated risks is reinforced throughout the year. Every quarter, all employees participate in simulated phishing attacks to expose them to the types of email campaigns that are actively circulating in the wild. ; • Zero trust security architecture; • AES 256-bit encryption of customer data keys, managed using Amazon s Key Management System (KMS); • SAML 2.0 Single Sign-On and IP whitelisting; • Customer data isolation; • Multi-factor authentication; • Secure data transfers all data is transmitted over TTPS using TLS1.2 encryption

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The change management process requires that existing security control mechanisms are not negatively impacted prior to approval – adherence to existing controls is reviewed through automated build testing and manual peer core reviews.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Vena leverages Amazon Guard Duty (AGD); a continuous security monitoring service that analyzes and processes the following data sources: VPC Flow Logs, AWS CloudTrail management event logs, CloudTrail S3 data event logs and DNS logs. AGD uses threat intelligence feeds, e.g lists of malicious IP addresses and domains, and machine learning to identify unexpected and potentially unauthorized and malicious activity within our AWS environment. ; All Vena cluster nodes are booted, no less than weekly, with the latest up-to-the-minute security releases and OS-level patches applied.; Vena performs annual penetration testing against the platform both from an authenticated and unauthenticated user perspective.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Undisclosed
• Incident management type: Undisclosed
• Incident management approach: Vena's incident management policies are embedded in our Business Continuity Plan (BCP) and Data Breach Notification Policy. Our incident response framework provides responders with guidance for the collection and management of evidence during the incident response process. The focus of the initial investigation is on evidence preservation during the triage process and then performing escalation to the Corporate Security team for deeper investigation and ultimately incident management.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  As a member firm of MOORE Global, MOORE Insight designed and rolled out a wider global programme to gain commitment from the 116 member firms to an overarching purpose and strategic objective of “Social Ambition”. This involves the delivery of objectives under five key themes that align with the 17 UN SDGs. We have dedicated action plans and KPIs with overarching targets and goals to make a positive social impact throughout delivery of our projects and embedded into our ways of working.; This year, we produced our Carbon Zero Plan. ; MOORE Insight is committed to achieving Net Zero from Scope 1, 2 and 3 emissions by 2030. To achieve Net Zero, we have adopted the following carbon reduction targets. We plan to reduce our emissions by 35% (from 13.30 tCO2e to 8.65 tCO2e) by 2025 and 70% (from 13.30 tCO2e to 3.99 tCO2e) by 2030. ; We currently have the following schemes in place that will continue throughout Social Value delivery with clients: ; • Several initiatives as a firm in line with our Social Value delivery plans e.g., a roundtable is planned with one of our local government clients, working with waste minimisation and charitable teams to develop plans to reduce littering ; • We hold environmental management certification scheme: ISO 14001 ; • Cycle to work scheme (launched January 2022) for those commuting to the office ; • Launched an Electric Vehicle Scheme for all staff members; • Use of electronic documentation sharing and signing ; • Utilise remote working practices and when travel is required, use of public transport ; • 2 days per year staff volunteering to local growing schemes ; • Providing new and existing staff members and associates with re-usable coffee cups and water bottles to avoid single-use plastics ; • Using sustainable or recycled cutlery and plates
• Covid-19 recovery:

  Covid-19 recovery

  During the pandemic, we have worked alongside the RISE team in Sheffield to provide graduate employment opportunities for young people - whose careers have been amongst the worst-affected by COVID-19; given their limited experience, and the job losses of older workers, who are now competing for similar positions. Research indicates that 13.3% of 16–24-year-olds are currently unemployed in the UK, which is 8.5% higher than the overall average (ONS, LFS: Unemployment rate: UK: All: Aged 16-24: %: SA, 2021). We have recruited 12 full-time graduates in the last two years, and plan to continue this trend. ; We have adopted an accessible interview and skills scoring matrix in collaboration with the RISE scheme and the Universities to ensure that those with neurological or learning disorders were not left out of the process. ; - On-going Social Value work in response to COVID19 - ; We are in the process of setting up a Business Support Hub with our client Barking and Dagenham Council, where we support on-going efforts of charities and organisations working to help SMEs grow and upskill their staff post-COVID19. We are expecting to launch this programme near Christmas 2022. ; - On-going support of charitable organisations through COVID19 -; As a firm, we have been focused on supporting community initiatives and committing time to voluntary causes throughout COVID pandemic, for example: ; • Peter Morley is Volunteer/Supporter at Citizens Advice Bureau, Southend (4 years) and independent examiner for St John’s Church Stratford, London (for more than 20 years) also for Palace Theatre Club, Southend on Sea (2020-present). ; • MOORE Insight’s Kate Hill voluntarily supports the Myotonic Dystrophy Support Group. As their Marketing/PR consultant, Kate ran a PR campaign to raise awareness of the condition and that charity that supports those involved as fundraising numbers had significantly dropped during the pandemic.
• Tackling economic inequality:

  Tackling economic inequality

  Tackling economic inequality is of great importance for us, at MOORE insight; we always try to create new opportunities for both individuals and organisations. We provide mentorship and career advice to those who face a number of barriers. We offer internal employment and training development programmes and also support our local communities. We ensure that the input we provide is being measured to make any adjustments if needed. This is calculated using Social Value’s TOMs calculator, something that is agreed with the clients based on their focused initiatives. ; MOORE Insight has achieved the following and will continue to provide for Social Value delivery:; • Local school and college visits to provide careers talks ; • CV advice, mock interviews, and careers guidance for those in unemployment. ; • Facilitating site visit workshops onsite during project delivery (where possible) for young people to learn more about business; Helping disadvantage people to access both employment and training, is another aspect of our social value contribution. MOORE Insight and our partners are technology-focused organisations, we can change lives through digital upskilling. Going further than making employment accessible for those from disadvantaged backgrounds is our approach. We support local community projects to bridge the digital skills gap for those from disadvantaged backgrounds showing them how to access help and support information online. ; In our experience, residents living in disadvantaged circumstances, i.e., asylum seekers have little or no understanding of technology and the accessibility that it enables.; Our team have partnered with relevant organisations to offer training on:; ; • Microsoft Teams / Remote working ; • Collaborative tools and data management ; • Basic computer skills ; • Basic finance system / bookkeeping / financial management ; • Using mobile applications for Apple and Android ; • Basic data management ; • Basic data security ; • Using websites / social media
• Equal opportunity:

  Equal opportunity

  MOORE Insight are fully committed to encouraging equality, diversity and inclusion for all employees, workers, and job applicants, and to eliminating unlawful and unfair discrimination. ; All our staff and associates have access to our policies on our intranet and at induction and this becomes part of their working life. We are committed to preventing and tackling discrimination head-on against any employee, worker, or job applicant. We a ‘Disability Confident Committed’ employer. We realise and value the benefits of having a diverse team.; MOORE Insight is a company based in the North of England, South Yorkshire, where deprivation rates are high. We recognise our responsibility to reduce inequalities throughout the course of our projects and have the following on-going initiatives:; • We recruit 3-6 graduates annually from the Sheffield City Region using RISE scheme, which is in collaboration with both Universities. This programme also supports those who are at a disadvantage when it comes to accessing interviews for work.; • We hold ‘Great Place to Work’ certification, recognising our commitment to diverse staff recruitment, training, and development.; • We advertise job opportunities, clearly, accurately and with diverse candidates’ requirements at the heart of our process. We work with ED&I specialists to ensure interviews and skills scoring matrices are accessible and appropriate for those with different cultural, physical, or neurodiverse needs. ; • We are partnered with local charity Endeavour, supporting young people in the South Yorkshire region from disadvantaged backgrounds and situations, often coming into the UK from countries with unstable economies. We support the charity with a fundraising annual target and on-going business support activities including digital upskilling. With funds raised, the charity can support the personal and educational development of these young people, enabling them to access work and further education, including English language and soft skills for interviews.
• Wellbeing:

  Wellbeing

  In response to COVID19, we have improved our processes to ensure that employees and associates feel supported as we know this is key to the success of project delivery for our clients. Activities and benefits include:; • Structured remote induction day sessions for on-boarding new employees and associates setting out clear expectations, roles, and responsibilities with visibility of career development opportunities. ; • Welcome team daily morning calls at 9am where the existing and new team members can get to know one another and understand one-another’s roles and interests and Planned tri-annual Team Days.; • Access to line manager, peers, and directors in structured 1-2-1 and group support sessions. ; • The ability to pitch new ideas, opportunities, and suggestions for improvements. ; • Access to information about the organisation, learning support and key contacts.; • We have a Flexible working policy where the focus is on staff wellbeing with managing childcare and other individual needs.; • Launch of the Employee Assistance Programme (EAP) via Health Assured. It is a confidential employee benefit designed to help our employees deal with personal and professional problems that could be affecting home life or work life, health, and general wellbeing.; • In addition to the counselling support and advice, Health Assured also offers a virtual library of wellbeing information for employees. These informative articles and self-help guides provide support on a range of health and advisory issues, as well as instant guidance to aid our employees' physical and mental health.; o MOORE Insight provide online access to this via a portal and the My Healthy Advantage App offering:; - Interactive health assessment providing personal tailor-made dietary tips and fitness plans; - Fitness and lifestyle advice, such as detoxing methods; - Four-week self-help programmes; - Mini health checks; - Financial wellbeing articles

Pricing

• Price: £125 to £850 a user a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@moore-insight.com. Tell them what format you need. It will help if you say what assistive technology you use.