BearingPoint Ltd

Spend Navigator

Spend Navigator is your trusted hub for procurement data integrity. By consolidating information from diverse systems like ERP and supplier databases, it delivers a unified, accurate view of spending. Make informed decisions, optimise costs, and manage suppliers effectively with confidence, leveraging Spend Navigator as your procurement data powerhouse.

Features

• Ideation, innovation, project and programme management in the Microsoft Cloud
• Insightful investment monitoring, pipeline management, financial forecasting, dashboards
• Unlocks true collaboration in data collection, single source of truth
• Risk, issue, actions, change request management, standard KPIs
• Enhanced financial and resource management, real time measurement
• Enhanced portfolio management, compliance, and governance capabilities
• Highly scalable web applications, powerful workflow capabilities. in-depth reporting
• Better demand and capacity management, SaaS or Enterprise Cloud
• Integration with development lifecycle and visual collaboration tools
• Leading practices in virtual teaming; Microsoft integration

Benefits

• Benefits management and tracking to optimise returns from Cloud investments
• Pragmatic strategy: design for Digital and Cloud, outcome-focussed delivery
• Customer satisfaction, enhanced citizen services and employee experience
• Flexible, adaptive, scalable solutions, delivered at pace without compromising quality
• Better insight and decisionmaking through improved data and intelligence
• Sound and robust options appraisal and business cases, demonstrable ROI
• Stakeholder support, commitment to change, increased likelihood of programme success
• Continuous improvement and sustainability through developing client capability
• Creating social value, improving citizen experience, better outcomes for all
• Efficiency savings, improved cost control and VFM, maximise commercial opportunities

£65,000 to £85,000 an instance a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UKPublicSectorBD@bearingpoint.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

936287896344448

Contact

Gill Walker
07976 812978
UKPublicSectorBD@bearingpoint.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Private cloud
  • Hybrid cloud
• Service constraints: No constraint when you are using Cloud solution, to be discussed for hybrid solutions
• System requirements: Web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 9am to 6pm Monday-Friday
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: An icon (located in bottom-right corner) is available at any time to contact our team.
• Web chat accessibility testing: N/a
• Onsite support: Yes, at extra cost
• Support levels: For any on-site services needed to ensure the proper performance of BearingPoint's obligations, the customer shall reimburse BearingPoint for all reasonable travel, accommodation and subsistence costs in connection, wherever the provision of such services will result in BearingPoint's representatives travelling more than fifty (50) kilometers from their usual work location. Costs shall either be calculated on an actual basis or charged at a set rate to be notified from time to time in advance.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Training can be provided as part of our package. The nature and duration of training will be agreed as part of our negotiation, and will depend on client needs and the complexity of the service to be provided.
• Service documentation: No
• End-of-contract data extraction: Export functionalities is everywhere in the product.
• End-of-contract process: We destroy all users data once it has been confirmed that the client has extracted all necessary data and information.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: N/a
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Everything is doable through the web interface and through the API with no limitation
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Our software is fully customisable depending on your needs. We are happy to assist with customisation.

Scaling

• Independence of resources: The platform is scalable and is not affected by volume of demand.

Analytics

• Service usage metrics: Yes
• Metrics types: We can provide metrics related to API usage and computation activity
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Export functionalities are everywhere in the product. You can also export your data through an API with pre built connectors for SAP and other solutions.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our service will be available as follows: Monday to Friday 8:00 am to 20:00 pm (GMT/GMT+1), Saturday 08:00 am to 12:00 pm (GMT/GMT+1), Sunday and Bank holiday as required. No other exceptions (e.g. year/month end etc.) are allowed. Excluding scheduled Support and Maintenance ; Sundays and Bank Holidays shall be reserved for Support and Maintenance and / or ad-hoc data processing e.g. backing data out. Any such Sunday or Bank Holiday requirements shall be notified and agreed to by BearingPoint in advance. Planned Support and Maintenance Upgrades – With the exception of exceptional circumstances requiring more extensive intervention, there will be a maximum of 8 hours of downtime per quarter for such Support & Maintenance Upgrades. Any Planned Support and Maintenance shall be announced at least five business days prior to the event with the need for urgent intervention. In the case of the need for an urgent intervention, BearingPoint will provide Customer with as much advance notice as reasonably practical.
• Approach to resilience: Available on demand
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Json Web Token (JWT)
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: DMSZ GmbH Deutsche Managementsystem Zertifizierungsgesellschaft mbH, Griesheim, Germany
• ISO/IEC 27001 accreditation date: 1/11/2021
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Cyber Essentials Plus
  • ISO 27005
  • ISO 27002

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO 27002; ISO 27005; Cyber Essentials
• Information security policies and processes: BearingPoint is ISO 27001 & ISO 27002 certified. Our risk assessment methodology follows the methodology promoted by ISO 27005. In terms of policies, we have documented, we review and update the policies below that cover the following (these policies can be available on demand): Antivirus Policy, External Accounts Policy, Firewall Policy, Information Technology Use Policy and Guidelines, Mobile Device Management Policy, Network Policy, Password Policy, Remote Access Policy, Web Filtering Policy, Wireless Networking Policy, Removable media & backup Policy, Cryptography Policy ,Downtime Policy, Use of external services Policy, Email & instant messaging Policy, IT standards Policy, IT Purchasing Policy, IT support Policy, User account management Policy, Patch Policy, IT Cloud & server Policy, Telephony acceptable use Policy, Data classification & handling Policy, Clean desk & digital media disposal policy.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We are doing everything in DevOps. All DevOps code is commited in Git. All code is reviewed by 2 other people. We are tracking modification through Terraform state and AWS services like Security Monitoring with Amazon Macie.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Continuously based on threat severity
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Security monitoring with Amazon Macie
• Incident management type: Supplier-defined controls
• Incident management approach: Our incident management approach is available to clients on request as part of a contract negotiation.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  BearingPoint is passionately committed to stewardship of the environment and has several internal initiatives in place which deliver against this policy outcome in our business-as-usual activity. BearingPoint has established an international working group to manage carbon emissions. We are a signatory to the UN Global Compact and working toward B Corp Certification. Our “Sustainable By Design” Leadership Committee established a firmwide emissions goal of 50% reduction in emissions by 2025. We established a network of Sustainability Agents who are responsible for generating/implementing new carbon reduction ideas in their countries and we will work with them to ensure adoption of additional measures under G CLoud 14 contracts. We adopt a data-driven approach to monitoring and improving carbon emissions, based on our 'Emissions Calculator' tool, and any new work undertaken under these contracts will be added into this model. In the UK, we have published a Carbon Reduction Plan which clearly sets out our roadmap to achieving our targets in Scope 1-3 emissions; any work undertaken under these contracts will be monitored under those business-as-usual arrangements. For example, we will; • minimise CO2 emissions by minimising business travel, working remotely wherever possible.; • where travel is necessary, use the most sustainable method, logging our journeys in Emissions Calculator.; • ensure any new IT required for the contract is sourced responsibly and sustainably.; • ensure any IT being disposed of is disposed of responsibly and sustainably.; • identify local charities that might benefit from used IT and phones and donate to them securely.; • encourage our contract workforce to avoid commuting wherever possible.; • ensure they have appropriate equipment to facilitate work from home.; • where commuting is necessary, ensure it happens in the most sustainable way, logging journeys in Emissions Calculator.

  Tackling economic inequality

  BearingPoint is passionately committed to tackling economic inequality and has several longstanding initiatives in place which deliver against this policy outcome in our business-as-usual activity. In addition to our many routine Corporate Social Responsibility activities, engagement teams work hard to ensure that the communities in which clients live and work are supported in tackling economic inequality through, for example, offering paid internships, access to training, ensuring diversity and collaboration in our supply chain (for a particular contract or more generally), and through advice and provision of pro-bono consulting support on issues relating to modernising delivery of public services and increasing value for money without negatively affecting front-line local services. ; BearingPoint also has well established procedures for working in true partnership with and maintaining/improving diversity in our supply chain and takes pride in having a fair and responsible approach to working with local partners in delivery of contracts. We use local associates or companies wherever possible, to help keep the benefit of the client's consulting spend in their local area. We maintain a Supply Chain Code of Conduct that mirrors our own internal Standards of Business Ethics, and which we require all our supply chain to sign up to and apply. As part of this contract, while we do not anticipate using a significant supply chain, we undertake to apply these fair and responsible processes to any subcontractors who are involved and to ensure that the principles in the Supply Chain Code of Conduct are upheld.

  Equal opportunity

  BearingPoint is passionately committed to equal opportunities in our contract workforce and has several internal initiatives in place which deliver against this policy outcome in our business as usual activity. We will use G Cloud 14 contracts to deliver ADDITIONAL initiatives and/or ENHANCE our existing initiatives in this area. For example, by:; • provision of training, coaching, and mentoring to members of the contract workforce who are from disadvantaged backgrounds or who have protected characteristics, or otherwise face barriers to employment or progression; • use of paid internships for people from disadvantaged backgrounds or who have protected characteristics, or otherwise face barriers to employment or progression; • subject to the length of the contract, use of apprenticeships to deliver training and qualifications to those facing barriers to employment or progression; • opportunities for the contract workforce to engage with and influence the work of our existing Diversity and Inclusion team; • opportunities to attend lunch and learn sessions relevant to the contract or the skills it requires from its team; • partnering or collaborating opportunities for small companies, and fair and ethical treatment of those in our supply chain; • fundraising or pro-bono work for charities or not-for-profit organisations working in this field; We require all subcontractors to adopt our Supplier Code of Conduct, which includes measures to ensure equality and diversity in the contract workforce. ; We build delivery of Social Value into the routine cadence of our Engagement Management process, ensuring regular communication and transparency of progress.

  Wellbeing

  The wellbeing of our workforce features heavily in our Sustainability strategy. We engage regularly with our staff via People Surveys, in terms of perceived belonging, psychological safety, and levels of engagement. Our results indicate high and stable levels for all these indicators. Other measures implemented include remote social sessions, resilience training, and a monthly Wellbeing newsletter. We continue to offer a wellbeing programme around stress management, nutrition, and ergonomics. We have also implemented a health-oriented leadership training manual to embed physical and mental health in our work and to empower our people to act with care. This includes advice on identifying when people's health might be posing a challenge and how to design a work environment that is not damaging wellbeing. ; As part of our engagements, we identify practical, measurable ways in which we can extend our own initiatives and offer support to help with improving wellbeing. For example:; • Designing ways of working which will minimise potential negative impacts on wellbeing, and which will enable the engagement team to identify and manage any potential health and wellbeing issues at an early stage, minimising risk of longer-term detrimental impacts to the workforce and to delivery of our service. We can make use of regular ‘pulse check’ surveys to facilitate anonymous monitoring of health and wellbeing issues in the team.; • Opportunities for the contract workforce to engage with and influence the work of our existing Diversity and Inclusion team (where our health and wellbeing initiatives are managed).; • Opportunities to be part of our internal initiatives promoting health and wellbeing issues. We encourage the contract workforce to jointly create their own fundraising and awareness-raising activities.; • Opportunities to attend health and wellbeing lunch and learn sessions.; • Opportunities to attend panel discussions on health and wellbeing related matters.

Pricing

• Price: £65,000 to £85,000 an instance a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UKPublicSectorBD@bearingpoint.com. Tell them what format you need. It will help if you say what assistive technology you use.