Objective Corporation Limited

Objective RegWorks

End to end regulatory case management and workflow for Digital Government in the areas of Safety, Licensing, Compliance and Enforcement. Objective RegWorks includes Backoffice, Mobile and Customer Portal. Hosted across multiple UK availability zones for high availability and continuity of service.

Features

• Case Management - Evidence, Offence, Audit, Interview, Facts.
• Regulatory Features - Risk, Visual Associations, Legislation and Offence Management
• Operational Dashboards and KPI reporting
• Portal for receiving applications, and correspondence with Regulated Parties
• Business Rules, Digital Form Configuration, Process Automation managed inhouse
• Mobile Offline Capability - Intelligence in the Field
• Integrate your payment platform taking payments for applications, notices etc.
• Pre-configure and load legislation and associated offences
• Full audit capability of user activity, including read/view access
• Create and manage document and email templates

Benefits

• Single system for end to end regulatory process management.
• Integrate business platforms and external systems such as HR, Finance
• Dashboards and KPIs to effectively manage caseloads within legislative deadlines
• Regulatory specific features improving consistency and efficiency of regulatory decisions
• Process automations freeing up experts for complex cases
• Offline capability via RegWorks Mobile
• Powerful automation and simplification of end-to-end processes
• Intuitive and easy to use interface with tooltips and help
• A single source of truth across your organisation
• Access anywhere through modern web browsers

£74,000 a unit a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mat.graves@objective.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

929610051461491

Contact

Mat Graves
+44 (0)118 2072300
mat.graves@objective.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: To be agreed with customers as part of the engagement process
• System requirements: 2 most recent versions of Google Chrome and Microsoft Edge

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard Support and Premium Support are available dependent upon edition. Online Incident creation available 24/7 - Other support channels available Mon-Friday during Business Day Hours 8am-6pm
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard Support Hours are 09:00 to 17:00 Monday to Friday Excluding Public Holidays. Enhanced support is available including 07:00-19:00 and 24/5.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Extensive customer-specific training is provided including Train-the-trainer for end-user training, and system administrator training. A number of supporting documents are also supplied for immediate and ongoing training requirements. Contact us to discuss your specific training requirements further
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Provided as a service, as part of "transition out services" into an accessible, pre-agreed format.
• End-of-contract process: Option to renew the contract, or engage the "offboarding process" in order to return customer data in an agreed format in a timely fashion. Full details on this are found in the Terms and Conditions document

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: A native IOS and Android application is available to enable off-line capability
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Intuitive web-browser interface accessible through modern browsers
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Our application is accessible through modern browser technology, which supports these types of technology. We don't currently test the full range of assistive technology platforms currently available on the market.
• API: Yes
• What users can and can't do using the API: The Objective RegWork product is configured with custom business domain objects and workflows tailored based on customer-specific business requirements. These objects can be interacted with via the RegWorks Restful Public API interface. The Public API is based on a standard structure and conventions however, the specific business domain data types vary based on the RegWorks configuration.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The product is flexible to be adapted to your business processes and legislation. RegWorks allows you to change the solution to stay aligned with your best practices without engaging us for costly upgrade projects, or can be customised by one of our business consultants.

Scaling

• Independence of resources: The Objective cloud platform design allows scaling of performance and automated monitoring of the system performance without intervention required from the customer. This will allow RegWorks to cater for peaks and troughs in transaction volumes including, but not limited to, searches, record creations, record updates, and notifications. This is further backed by operational readiness testing and performance testing metrics which are conducted against every release. Objective conducts monitoring of compute resource utilisation thresholds and increases compute capacity if it is required, well before critical thresholds are met.

Analytics

• Service usage metrics: Yes
• Metrics types: Service metrics are available upon request through the Customer Support Portal
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data exports can be achieved through the Search capability by users with the appropriate permissions to do so
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Varying levels of availability are available ranging from standard to high availability, depending on your requirements. Our standard offering is 99.5% availability.
• Approach to resilience: RegWorks is implemented on the Objective Cloud Services platform which provides standard to high availability for applications and datastores with options to use redundant services in multiple Availability Zones, leveraging the capability of AWS services to provide automated recovery.
• Outage reporting: Objective Cloud Services provide SIEM monitoring "As a Service" and will notify the appropriate customer parties based on the priority and severity agreed in the "Objective Customer Service Plan"

Identity and authentication

• User authentication needed: Yes
• User authentication: Identity federation with existing provider (for example Google Apps)
• Access restrictions in management interfaces and support channels: Agencies will be able to define deep and secure access controls via the RegWorks Role-Based Access Control (RBAC) capabilities. The RegWorks security framework implements fine-grained Role-Based Access Control to all system actions and information. This applies to domain records (activities and entities), workflow actions, resources, alerts, search, audits and administration.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: Jul 18
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Please refer to the Terms and Conditions and Security Policy documents.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All changes to production environments are tracked in an internal ticketing system. Are changes need to be classified and approved by the change advisory board located in UK. All change requests are reviewed from the perspective of impact on the operation of the product and the ISO 27001 certification.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: AWS WAF protects the solution from common web exploits like SQL injection or cross-site scripting and provides rate based IP allow listing.; ; Objective release processes along with the Customer Service Plan ensure clear processes are defined to introduce change from development through to production environments.; ; RegWorks is developed using OWASP Secure Coding Practices and peer code reviews are required for all merging of code. Source code is actively scanned for security issues and the OWASP Dependency Check Software Composition Analysis tool is utilised to detect publicly disclosed vulnerabilities contained within dependencies.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Active vulnerability scanning of host operating systems can be implemented and integrate with Objective or Agency managed SIEM services.Objective SaaS services leverage AWS GuardDuty Intelligent threat detection. IP traffic going to and from network interfaces in each VPC is monitored using AWS VPC Flow Logs to detect unexpected network behaviour.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: The incident management approach is outlined the Customer Service Plan

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)
  • Other
• Other public sector networks: All connections can be configured via a project

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  Objective’s mission is to create software that makes a difference. Using Objective software, thousands of; public sector organisations are shifting to being completely digital. Where our customers can work from; anywhere; with access to information, governance guaranteed, and security assured. Innovation is our; lifeblood. We invest significantly in the ongoing development of our products to deliver outstanding solutions; to the public sector and regulated industries. The result – stronger national and community outcomes, and; accountability that builds trust in government. Through the delivery of these projects, our services greatly reduce the number of physical documents (which end up as paper waste), whilst greatly improving the efficiency of our regulatory processes – in turn allowing them to provide greater services to the public with the same or reduced amount of taxpayer funding. Our solutions also reduce the need for regulators to travel quite so much, for example, interviews and inspections are now being performed remotely via video link integrated with our platform, further reducing the regulator’s carbon footprint and increasing the number of compliance visits that can be conducted. Official documents and letters are also digitised as part of our solution, being passed to regulated entities directly via our RegWorks Customer Portal – further reducing paper waste, whilst speeding up the application/communication process.; Objective Corporation UK Limited (Objective UK) is committed to achieving Net Zero emissions by 2050. A copy of our Carbon Reduction Plan can be viewed on our website.

  Equal opportunity

  We recognise the value that different backgrounds, experiences and perspectives can bring to the business, and we oppose all forms of unlawful and unfair discrimination or victimisation. ; ; Objective’s Commitment:; ; • To create an environment in which individual differences and the contributions of all our people are recognised and valued. ; • Selection for employment, promotion, training, or any other benefit will be based on aptitude and ability.; • Every employee is entitled to a working environment that promotes dignity and respect.; • Training, development, and progression is available to all employees.; • To promote equality and diversity in the workplace.; • To regularly review all our employment practices and procedures to ensure fairness.; ; Diversity and Inclusion:; ; We continuously strive to create a workplace that’s dynamic, diverse, and full of talent. A testament to this commitment was being certified as a Great Place to Work in 2023. ; ; We focus on purpose in everything we do, and offer our people continuous professional development, financial stability, flexibility, and an inclusive environment.; ; Diversity, Equity and Inclusion (DEI): Our workforce reflects a diverse range of backgrounds, ensuring an inclusive and equitable environment. We are dedicated to fostering a culture that celebrates differences and promotes equal opportunities for all. DEI at Objective is not just a tick-box exercise, it’s a business imperative. We launched our 2023 DEI strategy to support further growth and creativity. Beyond this, we celebrate the diversity of our people through regular events during the year. ; ; Women Rising Programme: Launched in 2023, this is a holistic leadership and professional development programme. Open to all women, whether they are a manager or an individual contributor, it is designed to empower women and provide participants with the tools, knowledge, and inspiration so they can excel.

Pricing

• Price: £74,000 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mat.graves@objective.com. Tell them what format you need. It will help if you say what assistive technology you use.