Waltec Solutions Ltd

Noesis Cloud

Our Noesis Cloud range of products are designed to combat common business issues and to bring the efficiencies gained from electronic processes where paper has traditionally been used, reducing administrative overhead and providing streamlined processes and accurate management information. Specifically focussed on Procurement, Facilities and Finance Management processes.

Features

• Flexible content management system
• Operational help desk
• Inventory Management
• Flexible eForms & Workflow
• Asset and staff tracking
• Interactive Voice Response and Communications
• Reporting and analysis
• Dashboards and KPIs
• Flexible portal to link other applications and data
• Collaborative workspaces and file sharing

Benefits

• Bring all information and systems together in a single portal
• Flexible web interface
• Access system and functions from any device
• Easily add and update content to your web presence
• Release time through automation of common business processes
• Easy and fast to maintain
• Standard API to connect to other systems
• Supports adoption GS1 and PEPPOL standards

£20,000 to £40,000 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@waltec.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

916580217386305

Contact

Wendy Walach
07792258705
enquiries@waltec.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements:
  • Modern web browser
  • Internet connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 4 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: Tested with assistive technology. None directly with existing users of assistive technology.
• Onsite support: Yes, at extra cost
• Support levels: Onboarding support for training and loading data as standard.; Standard support and small changes up to 4 hours effort.; Additional support available based on framework rate card.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Initial remote training and scoping workshops with implementation team. Online videos and user documentation is available.; Onsite training and implementation consultancy support available on request.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data extracts can be provided on request as part of off-boarding process. Extracts can be provided as an SQL database backup or a series of flat files.
• End-of-contract process: 1) Licence expires preventing further access to the platform; 2) Data is extracted on request and transferred to client infrastructure; 3) All client data is permanently deleted

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None. Dedicated mobile app available for some services.
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: Yes
• What users can and can't do using the API: There is a full REST api for the majority of functions within the service. Users can make authorised requests to the API to carry out common processes.; Various 3rd party services are also using the existing API.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users are able to customise content, fields, and lists.; Roles are allocated by system administrators.; Additional customisation is available via our development team

Scaling

• Independence of resources: Our resources autoscale at certain usage thresholds providing a seamless experience to users.

Analytics

• Service usage metrics: Yes
• Metrics types: Dashboards are available based on usage metrics.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Most screens and reports have the ability to export to Excel, CSV or PDF
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel
  • PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Any flat file
  • Excel

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Services guaranteed availability of 99.9% excluding planned downtime notified in advance.
• Approach to resilience: All infrastructure is hosted within the Microsoft Azure public cloud with full security and resiliency including real time replication across regions. Detailed information is available on request.
• Outage reporting: Outages of services are notified to engineers automatically and certain auto-recover processes are in place. Clients are notified of outages via email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Role based security
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our security governance practices follow ISO/IEC 27001 principles and guidelines but are not certified.
• Information security policies and processes: Company policies are in place which all employees and contractors agree to upon employment. Contracts with clients cover specific client based requirements which are adhered to by staff working on individual contracts where differences in policy exist.; Information security is overseen by our Operations Director, and all technical staff report to him.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Change requests and product documentation is maintained through our DevOps platform. Any changes to configuration is logged and authorised before being implemented.; Any code or security change is assessed through penetration testing and other security tools.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We subscribe to various security toolsets including penetration testing and security advisories that test our infrastructure and identify potential vulnerabilities on a regular basis.; Once identified, any vulnerabilities are patched as soon as a solution is identified and tested.; Security tools are in place to monitor live threats and incidents should any occur.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We subscribe to various security and vulnerability monitoring and testing services through our cloud infrastructure partners. If a breach is identified, access is quickly quarantined through automated processes and senior technicians are alerted to identify a longer term solution.; Incidents identified should have an initial solution in place within 1 hour and longer term solution in place as soon as one is available.
• Incident management type: Supplier-defined controls
• Incident management approach: Predefined processes and policies exist for the management of incidents both within our application and with our infrastructure partners.; We operate an online support desk for users to report any incidents and feedback is provided interactively through their support ticket.; Additionally, we provide notifications via email to clients when an incident is in progress or is resolved that may have affected them.; Separate incident management procedures are in place between us and our partners.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality

  Fighting climate change

  We deliver services that support the digitisation of processes, focussing on the reduction of clients, our own and our partners climate footprint. We are committed to providing a net zero carbon footprint by 2030.

  Covid-19 recovery

  We actively encourage the employment of staff affected by the COVID-19 pandemic, by creating employment and retraining for those seeking new roles.

  Tackling economic inequality

  We support economic resiliency through the use of selected partners, and similar sized businesses, enabling us to be stronger together.

Pricing

• Price: £20,000 to £40,000 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Limited time free trial is available with full functionality

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@waltec.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.