Fluent Technology

Flexigrant®

Flexigrant® is a provided as a cloud-based, software as a service (SaaS), scalable grant management software solution. Catering for 3 to over 100 concurrent users Flexigrant® is a highly configurable grant management system that can be rapidly set up and deployed.

Features

• Build your own online applications, claim and monitoring report forms
• Build/configure grant schemes and workflows the way you work
• Designed to be implemented rapidly by non-technical staff
• Graphical reporting including mapping of all your data
• Manage your external reviewers, review panels and shortlisting
• Integrated document generation (e.g. for awards and panel/board papers)
• Fully customisable. Customise everything from workflow to language and branding
• Comprehensive role-based security controlling access to functions and data
• Designed with data migration and integration in mind
• Annual product roadmap and monthly upgrades

Benefits

• Designed for rapid set up and deployment by non-technical staff
• Minimal training time before you start using
• Online training materials and support
• No limit on the number of schemes/funds you can create
• No limit on the number of reviewers (internal or external)
• Modern interface using the latest technologies for ease of adoption
• Product aligned to grant management best practice
• Product under continuous development and improvement
• Completely scalable if your staff and client numbers increase

£2,300 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gary.mcnally@fluenttechnology.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

899316002882517

Contact

Gary McNally
02890690020
gary.mcnally@fluenttechnology.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Hybrid cloud
• Service constraints: After the system has been configured and handed over Clients are responsible for:; ; - The on-going management of users, roles and permissions and all system codes and parameters,; ; - The on-going management of scheme/fund set up (unless additional implementation services are procured)
• System requirements:
  • Users must have internet access to access Flexigrant®
  • PC or mobile device with modern browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email support and online ticketing support has four priority status's which determine the response time. The response times are as follows:; ; Critical - Initial response within 30 mins | Target resolution within 8 hours thereafter.; ; Significant Impact - Initial response within 2 hours | Target resolution within 12 hours thereafter.; ; Minor Impact - Initial response within 4 hours | Target resolution within 24 hours thereafter.; ; Low Priority - Initial response within 24 hours | Target resolution by agreement.; ; Email support/online ticketing support is provided Monday to Friday 9am to 5pm excluding Northern Ireland public/bank holidays.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We will provide ongoing support:; ; Email support (as standard) to our help-desk to provide first-line technical support for the Software to the Customer.; ; Remote diagnosis and (where reasonably possible) correction of faults by code updates.; ; Flexigrant® have a dedicated support line for critical and significant impact support queries where our Customer Success team provide first-line technical support for the Software to the Customer (included in Flexigrant® package).; ; Fluent Technology shall provide support in respect of the Software as currently forming part of the Software as a Service.; ; Fluent Technology will respond to all support requests as quickly as is reasonably possible and supports the following target response times once a request from the Customer has been recorded:; ; Email support and online ticketing support has four priority status's which determine the response time. The response times are as follows:; ; Critical - Initial response within 30 mins | Target resolution within 8 hours thereafter.; ; Significant Impact - Initial response within 2 hours | Target resolution within 12 hours thereafter.; ; Minor Impact - Initial response within 4 hours | Target resolution within 24 hours thereafter.; ; Low Priority - Initial response within 24 hours | Target resolution by agreement.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Clients are actively involved in the implementation process through various stages. Initially, they complete a 'Discovery Questionnaire' to provide insight into their grant management processes, and attend a discovery workshop to review the questionnaire responses and clarify any additional points. A project initiation meeting follows, where the project brief, plan, and RAID Log are reviewed and approved with key stakeholders.; ; During the configuration phase, clients are responsible for reviewing and providing timely feedback on the work completed. They also participate in testing and sign-off of key functionalities such as application forms, workflow, templates, award, post-award, and payment/claims processes.; ; The onboarding process includes training to ensure teams are ready to work with the software from day one. This MS Teams training is designed to be interactive, enabling clients to grasp and understand the topics covered before moving on to the next one.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: On termination we typically provide an export of all data held or agree to hold the data in a restricted instance of the system for archival access. The costs of these services are typically discussed on contract agreement and finalised before termination. Any data to be transferred to a client would be transferred securely in accordance with our ISO 9001 and ISO 27001 accredited procedures. Please note that Flexigrant® includes a Query & Export tool that allows users to export data in Excel format. The costs of additional data extraction services are typically discussed on contract agreement and finalised before termination (if required).
• End-of-contract process: We do not believe in subjecting clients to complicated or lengthy termination clauses. Typically, we require 3 months’ notice of termination and this is discussed and the notice period agreed on contract agreement. Failure to advise Fluent of termination will result in continuity of the service unless otherwise agreed with Fluent, please refer to our Standard Terms and Conditions for a full description.; ; On termination we typically provide an export of all data held in the system in an agreed format or agree to hold the data in a limited version of the system for future access. The costs of these services are typically discussed on contract agreement and finalised before termination. Any data to be transferred to a client would be transferred by secure media only and would be encrypted in accordance with our ISO9001 and ISO27001.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Flexigrant® has been designed to work with both web browsers and mobile and tablet devices. Due to the nature of some of the grant management processes and workflows supported by Flexi-Grant® we recommend that certain tasks are completed on a larger screen.
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: The service interface refers to Flexigrant, a cloud-based solution accessible over the Internet. It includes user authentication, a comprehensive role-based security model, and interfaces with identity providers like JWT SSO or Azure Active Directory. It's designed with a focus on security, featuring encrypted data transfers and regular independent security testing. The interface allows for system administration by clients, including user and access control, and configuration management. Flexigrant also supports various web browsers and is tailored to client preferences, including language customisation.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: Flexigrant is engineered with the usability and accessibility needs of users of all abilities in mind, striving to meet at least the WCAG 2.0 Priority A standards on every part of the platform. Regularly reviewing its accessibility compliance, the platform aims for WCAG AA compliance in applicant-facing areas while ensuring that non-applicant facing areas meet WCAG A standards, with plans to enhance these areas to higher standards in due course.; Through proactive efforts, including a/n accessibility focused project in 2022, Flexigrant has achieved WCAG 2.0 A standards, with continuous updates aimed at reaching WCAG 2.0 AA across all projects. The platform also adheres to the updated WCAG 2.1 standards, enhancing accessibility for users with diverse hearing, movement, sight, and cognitive abilities.
• API: Yes
• What users can and can't do using the API: Flexigrant provides APIs that enable users to export data and interface with external systems. Authorised users can use APIs to export finance into their chosen Finance System, and there is a commitment to add a CRM API as part of the 2024 Product Development Road Map.; ; In addition, the Award Data API allows for the extraction of award data from Flexigrant for use in other systems, such as a website, internal BI tools, or any other system that might require this information. ; ; These APIs facilitate the integration of Flexigrant with other systems, allowing for a more streamlined workflow and data management process.; ; Any actions outside of the designed purpose of the APIs, such as modifying the core functionality of Flexigrant or accessing data beyond the user's permission levels, would not be supported.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Clients can extensively customise Flexigrant according to their specific needs, thanks to its self-service ethos. Once users receive training, they have the capability to maintain, amend, and build grant schemes without necessarily having to rely on Fluent staff. This includes creating an unlimited number of grant schemes, either from scratch or by copying an existing one.; ; The system offers a comprehensive form builder that allows authorised users to construct various forms, such as application, progress reporting, or claim forms, without the need for specialised skills or support from Fluent. The form builder includes a wide variety of question types and offers validation logic, as well as the ability to show or hide questions based on previous answers.; ; Administrators can control which grant schemes are open for applications and set specific submission deadlines. Each grant scheme can have its own configured workflow, which authorised users can manage using simple online tools.; ; Additionally, Flexigrant provides a range of premium features for further customisation, such as financial and payment management, application settings, reporting options, and more. These features are designed to cater to the unique needs of different organisations and can be discussed and tailored during the discovery phase with Flexigrant.

Scaling

• Independence of resources: The Flexigrant® platform has been designed from the outset to handle scaling and this includes performance monitoring which allows us to adjust the capacity of the infrastructure as usage increases. As more people use the system we are able to increase the resources available to the service to ensure the system performs at satisfactory levels. In addition, we monitor individual clients within the platform to ensure their usage is within agreed and acceptable levels, allowing us to mitigate the effects of one client upon another.

Analytics

• Service usage metrics: Yes
• Metrics types: We actively monitor the numbers of users accessing the system as well as gathering detailed statistics on the volume of applications (via an administrator dashboard.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Data at rest is stored encrypted with key storage managed through Azure Key Vault.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Flexigrant® includes an easy to use yet powerful data export tool that allows authorised users to build queries based on the data held in the system and output the information in an Excel format. Data exports can also be carried out on audit logs, payment files and PDF generation of applications, board papers and score sheets can be done.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PDF
  • Docx
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Flexigrant® is hosted in Azure and includes 99.95% infrastructure availability guarantees. We will use commercially reasonable endeavours to ensure that the Flexigrant® SaaS Service is available to the customers 99.5% of the time during normal office hours in any one calendar month.
• Approach to resilience: Reliability is one of our key tenets and our cloud platform has been designed to meet the needs of companies whose solution requires high availability network, infrastructure and uptime guarantees ensuring mission critical applications are always up and running. Our cloud environment features include: hardware redundancy and geographic failover across multiple sites in the event of a disaster; fully managed Infrastructure as a Service (IaaS) by Microsoft Azure; Zero-Downtime Network (fully resilient routers, switches and cabling); Access to 24x7x365 dedicated support team; Fully resilient DNS infrastructure; Fully resilient and redundant network infrastructure; Tier-1 network utilising multiple bandwidth providers; Managed Operating System patching, including priority support through our Microsoft Gold Partner.
• Outage reporting: The service reports outages by escalating the suspected incident to the Issue Response team and moving the conversation to a dedicated channel. Engineers are given 15-30 minutes to investigate the cause and severity of the incident. In the meantime, all phone and email inquiries are promptly answered with a standard message informing customers that the team is aware of the situation and is actively investigating. Once an incident is confirmed as major, updates are communicated through various channels, including a community post update, Mailchimp email, ticket updates, and direct account calls. The communications plan includes templates for initial issue notifications, updates during the issue, and notifications after resolution, both when the system performance has been restored and when detailed insights into the cause are available.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to management interfaces is restricted in two ways. Full tenant administration access is restricted to Fluent only by username/password and IP address. For client system management access this is restricted by the Flexi-Grant® role based security model which requires client users to authenticate and access functions by role.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: SGS UK Ltd
• ISO/IEC 27001 accreditation date: Our most recent accreditation runs from 20/04/2018
• What the ISO/IEC 27001 doesn’t cover: Our ISO certification covers the development of Flexi-Grant and the implementation of Flexi-Grant to public and private clients.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Flexigrant® has been developed to ensure compliance with information security standards. Fluent Technology Ltd, the authors of Flexigrant®, are accredited to the ISO9001, ISO27001 and Cyber Essentials Plus standards.; ; Our security policies are audited internally as part of our annual audit schedule and independently verified by our external auditors, NQA.; ; The organisation follows information security policies and processes that align with ISO 27001 standards, including an Information Security Management System (ISMS). This encompasses incident reporting, risk assessment, regular audits, and a commitment to continual improvement. The organisation also maintains Cyber Essentials Plus accreditation, which is a UK government-backed scheme that helps protect against a wide range of the most common cyber attacks. Additionally, there are documented incident management plans in place, and the organisation has been independently assessed to meet the ISO 27001 information security standards. Cybersecurity policies include a data breach response plan as part of the ISO 27001 framework, ensuring that any loss, corruption, or degradation of data is managed according to a defined procedure.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All changes applied to our service are managed through a strict change control procedure. All changes are tested on a development environment that mirrors the live production environment before being deployed live.; ; As part of the planning of any change we assess the impact on security of the change and design appropriate test scenarios as part of any new developments. No change is deployed unless all testing, including security texting, has been completed successfully.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our vulnerability management process involves regular scanning of our infrastructure using cloud-based scanning systems, such as Azure Defender for Cloud. Any vulnerabilities identified are assessed and remediated according to their severity. Critically identified vulnerabilities are addressed immediately. We also conduct independent penetration testing every year to ensure the security of our systems. Additionally, our servers are patched with critical security updates as they are released, and full patch management procedures are employed.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We proactively monitor our systems through a variety of measures. This includes uptime monitoring at one-minute intervals, port monitoring to detect service interruptions, and immediate notifications to engineers with automated processes to restart critical services. We also employ Infrastructure as a Service (IaaS) monitoring and Application Performance Monitoring (APM) to identify potential issues early on. In addition, built-in admin alerts in our software notify users about specific administrative tasks related to data maintenance. Our monitoring processes are designed to ensure prompt detection and response to any security events.
• Incident management type: Supplier-defined controls
• Incident management approach: Our incident management process is aligned with ISO 27001 standards and involves an Incident Response Team (IRT) that coordinates the response to security incidents, conducts investigations, implements remediation measures, and communicates with stakeholders. Incidents are detected through monitoring tools, employee reports, and automated systems. Upon detection, the IRT works to contain the incident, eradicate the root cause, and recover normal operations. A post-incident review is conducted to analyse the response and identify improvements. Regular training ensures employees are aware of reporting procedures, and the process is reviewed annually with periodic testing through simulated exercises.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Wellbeing

  Fighting climate change

  To achieve net zero emissions by 2050, Fluent Technology Limited commits to implementing a comprehensive sustainability strategy with aim of having a Carbon Reduction Plan published in 2024. This will involve:; ; 1. Reducing Energy Consumption: Implementing energy-efficient practices across our virtual operations, including optimising server usage, asking suppliers about utilising renewable energy sources , and encouraging energy-conscious behaviour among employees.; ; 2. Remote Work Policies: Continuing to adopt home working arrangements to minimise the need for commuting and office space, thereby reducing our carbon footprint associated with travel and building energy use.; ; 3. Green Procurement: Prioritising suppliers and partners with strong environmental commitments and sourcing eco-friendly products and services whenever feasible.; ; 4. Employee Engagement: Educating and empowering our employees to adopt sustainable practices in both their professional and personal lives, fostering a culture of environmental stewardship. Encouraging staff to engage with environmental improvement CSR activities. ; ; 6. Continuous Improvement: Regularly monitoring and evaluating our progress towards net zero emissions, and adjusting our strategies and goals accordingly to ensure we stay on track to meet our 2050 target.; ; By implementing these measures, we aim to not only mitigate our environmental impact but also contribute positively to the global effort to combat climate change. We recognise that as a small company, every action counts, and we are committed to playing our part in building a more sustainable future for generations to come.

  Wellbeing

  The PicStory Belfast project contributes significantly to wellbeing by fostering social connection, self-expression, and a sense of belonging within the community. Through its focus on street portrait photography and storytelling, the project provides a platform for individuals to share their personal narratives and experiences, thereby promoting emotional catharsis and empowerment.; ; At the heart of the PicStory Belfast project is the voluntary participation of a member of the Fluent staff, who dedicates time every fortnight to take portraits in central Belfast's cultural hub, 2 Royal Avenue. This act of volunteering not only demonstrates the commitment of the Fluent team to the community but also serves as a catalyst for engagement and participation among community members.; ; The presence of PicStory Belfast in 2 Royal Avenue provides a central and accessible location for individuals to come together and participate in the project. The cultural hub serves as a welcoming and inclusive space where people from all walks of life can gather, share stories, and connect with one another. By bringing the project directly to the community, PicStory Belfast removes barriers to participation and ensures that everyone has the opportunity to take part in the transformative experience of being photographed and sharing their story.; ; Through the act of being photographed and sharing their story, participants experience a range of positive outcomes that contribute to their overall wellbeing. The process of self-expression and self-discovery promotes increased self-awareness and confidence, while the validation of one's experiences fosters feelings of worthiness and empowerment. The social connections formed during PicStory sessions reduce feelings of loneliness and isolation, creating a sense of belonging and connection within the community.

Pricing

• Price: £2,300 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free trial's of Flexigrant® give users access to all five key parts of the system: the back office 'Admin', the 'Manage Grants' section (central dashboard), the 'Manage Contacts' section (built in CRM), the 'Application Portal' where applicants go to apply and the 'Reviewer Portal' where reviewers go to review applications.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gary.mcnally@fluenttechnology.com. Tell them what format you need. It will help if you say what assistive technology you use.