Skip to main content

Help us improve the Digital Marketplace - send your feedback

CACI UK Ltd

MooD 16 and MooD 17 Software as a Service (SaaS)

Online, cloud hosted based access to MooD Business Architect and MooD Active Enterprise components. This is a hosted service that provides a virtual repository, complete with disaster recovery, flexible licencing and scaleable collaboration.

Features

  • Hosted software within Cloud or UK OFFICIAL cloud environment (SaaS)
  • Server administration and software support included
  • Upgrade, bug triage and fix included
  • Backups and recovery processes in place
  • MooD Business Architect and MooD Active Enterprise components
  • Web front-end allowing access from any location with appropriate permissions
  • Scalable infrastructure
  • Email and Telephone support
  • Enterprise and Business Architecture
  • Access from any location with the appropriate permissions granted.

Benefits

  • Fully configured and supported software application
  • Managed infrastructure
  • Access to the latest version of software
  • 99%+ availability and uptime
  • Collaboration with defence partners and teams
  • Sharing of content via HTML to defence partners and teams
  • Access from a wide range of IT devices
  • Improve business-led agility and responsiveness
  • Analyse how operational activity is affecting overall business outcomes
  • Do difficult things quickly for unprecedented ROI

Pricing

£200 to £300 a user a month

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at digital.marketplace@caci.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

9 4 3 8 3 1 8 0 8 0 9 1 3 5 5

Contact

CACI UK Ltd CACI Digital Marketplace Sales Team
Telephone: 0207 602 6000
Email: digital.marketplace@caci.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Services can work in parallel with other services.
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
Requires specific versions of software.
System requirements
  • Microsoft SQL
  • Microsoft Windows

User support

Email or online ticketing support
Email or online ticketing
Support response times
Initial response to email is due within 4 hours on Monday to Friday from 09:00 to 17:00 excluding national holidays. Immediate response to phone and online requests business hours Monday to Friday. Online support portal available 24/7. Dedicated customer account manager available business hours. Enhanced levels of support are also available at extra cost
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Onsite support is available through a Managed Service, pricing is dependent on the number of end users and support levels defined. A Technical Account Manager will be provided as will a customer account manager. Additional services include but are not limited to training, modelling support, model definition, design, configuration and test services.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The user is fully supported through an online support capability, user documentation and onsite training can be provided.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • Microsoft Office
  • Microsoft Visio
End-of-contract data extraction
At contract end CACI deliver a full transition and close down service. All exportable data will be provided on removable media.
End-of-contract process
Administrative rights permit data export following which service is terminated

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Chrome
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
User support accessibility
WCAG 2.1 A
Description of service interface
Web interface
Accessibility standards
WCAG 2.1 A
Accessibility testing
None
API
No
Customisation available
Yes
Description of customisation
Software can be configured to requirements.

Scaling

Independence of resources
Infrastructure scaling and load balancing, usage constraints.

Analytics

Service usage metrics
Yes
Metrics types
Usage statistics and availability
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
No
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Through the user interface of the tooling.
Data export formats
  • CSV
  • Other
Other data export formats
  • XLSX
  • Word
  • PowerPoint
  • PDF
  • ODBC sources
  • ArchiMate
  • XLS
Data import formats
  • CSV
  • Other
Other data import formats
  • Excel
  • MS Project
  • XMI
  • Visio

Data-in-transit protection

Data protection between buyer and supplier networks
Other
Other protection between networks
CACI follows GDPR and all legal/contractual obligations to data protection/information security both as CACI data owners and data processors on behalf of clients. All data processing is conducted in accordance with our Information Handling/Data Protection Policies.
CACI comply with the principles of the HMG guidance “10 Steps to Cyber Security” and has implemented a comprehensive data protection awareness programme.
Information security and data protection training is provided upon induction, and throughout employment.
CACI has implemented the Access control controls (A9) as part of our ISO 27001 Certification. Our ISMS has been certified to ISO27001 since 2006 under certificate #501477.
Data protection within supplier network
Other
Other protection within supplier network
CACI follows GDPR and all legal/contractual obligations to data protection/information security both as CACI data owners and data processors on behalf of clients. All data processing is conducted in accordance with our Information Handling/Data Protection Policies.
CACI comply with principles of the HMG guidance “10 Steps to Cyber Security” and has implemented a comprehensive data protection awareness programme.
Information security and data protection training is provided upon induction, and throughout employment.
CACI has implemented Access control controls (A9) of the ISO27001 standard as part of our 27001 Certification. Our ISMS has been certified to ISO27001 since 2006 under certificate #501477.

Availability and resilience

Guaranteed availability
This is different per contract/solution/infrastructure. Information available on request against a specific configuration, subject to Private Cloud hosting SLA's as specified by customer.
Approach to resilience
Designed with fail-over between two data centres.
Outage reporting
Email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Full security permission model, details available on request.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Certified by the British Standards Institute (BSI) for ISO 27001.
ISO/IEC 27001 accreditation date
Original Registration Date: 11th April 2006 – last re-certification February 2022
What the ISO/IEC 27001 doesn’t cover
Our ISO 27001 certification covers all CACI services, offices, and data centres.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
  • CACI holds Data Seal.
  • Registered with the ICO - Network and Information Systems Directive
  • ISO 9001 - this includes additional elements regarding security

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
CACI provides systems integration, software applications and consultancy services to customers from across the public and private sectors. We manage sensitive data on behalf of our customers ensuring that the confidentiality, integrity and availability of information is maintained always.

CACI is dedicated to protecting all customer data and systems using industry best practise for security. We have implemented an Information Security Management System (ISMS) containing policies, procedures and robust technical controls to systematically manage sensitive data, systems and processes in accordance with ISO 27001:2013.

Our customers demand the highest levels of data security, and our ISMS is subject to regular rigorous internal & external audits by our customers. CACI has been certified by the British standards Institute to ISO 27001 since 2006, cert # IS501477, covering all CACI offices and data centers, demonstrating our commitment to information security. We also hold Data Seal, cert # DS 27001/1-2014 and Cyber Essentials certification, cert # CES-CSR-10006.

All our systems are installed on highly available hardware in CACI owned data centres, backed up nightly on offsite encrypted media, patched regularly, while being protected by high-end firewall systems, intrusion detection and antivirus systems. Complete network penetration tests are performed annually by independent third parties.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Documented change management systems form part of ISMS. Major/significant changes are peer reviewed and approved by the Change Advisory Board which delivers support to Change Management team who approve, assess, prioritise.

All changes are subject to our Change Control Policy. Where there is the possibility of an impact to user activity, stakeholders are notified for feedback.

Changes are then forwarded to Change Managers for CAB approval, who append plans when appropriate.

Robust systems acceptance testing processes have been established for all new information systems, upgrades, and new versions, conducted by a dedicated Quality Assurance team, ensuring no security impact.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
CACI has a comprehensive vulnerability management program that includes conducting weekly vulnerability scans on critical systems and applications.

New patches are promptly risk assessed and prioritised based on the severity of the vulnerability and the threat intelligence available.

Where an Emergency patch poses an imminent threat to the network it is installed without undue delay.

All other Windows patches are installed within 14 days of receipt.

Our system administrators subscribe to alerts and publications to ensure new are emerging threats are countered promptly and effectively and that new Technologies and security best practices are assessed and adopted where appropriate.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Available on request
Incident management type
Supplier-defined controls
Incident management approach
All employees are required to report any real, perceived, or potential security incidents that may affect the confidentiality, integrity, or availability of data.

All Security Incidents are recorded in-line with our Security Incident Policy and Response Procedure, for each incident a root cause analysis is conducted, a corrective action undertaken, and a preventative action will be implemented to prevent or reduce the probability of the incident reoccurring in the future.

CACI’s cyber security management programme includes cyber incident response plans, advanced technical controls, operation resilience and business continuity management to minimise the impact of a cyber-security attack or incident.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
Yes
Connected networks
Other
Other public sector networks
MODNET if required

Social Value

Social Value

Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

As a supplier primarily of professional IT services, CACI’s environmental impact is minimal. However, we are constantly looking at how we can operate more efficiently in our fight towards climate change. We are working towards a Net Zero Carbon business model through our delivery to our customers as promoting this to our supply chain.
This commitment is demonstrated by our achievement of ISO14001 accreditation, which we have held for nine years. To attain this standard, we ensure our Environment Management System (EMS) met the following requirements:
-Awareness of environmental impact through procedures and controls
-Acceptance of responsibility through environmental management systems
-Reducing harmful impacts via environmental policies
-Displaying community responsibility via staff training and awareness

We are fully committed to working towards a circular economy approach and where practically possible CACI select the most sustainable means to operate its facilities We remain aware of any and all opportunities to share, lease, reuse, repair, refurbish and recycle existing materials and products. That includes using recycled paper, enforcing double sided printing, and using Energy Star devices. Our recycling policy includes energy/water consumption, waste materials and paper use.
CACI has an agreed Carbon Reduction Plan (CRP) which is in implementation and is published on our website. This includes a set of carbon reduction targets up until 2040, with a baseline period set from July 2020 to June 2021

Tackling economic inequality

CACI is dedicated to creating employment opportunities, working with local suppliers and hiring local people. We adjust our recruitment and training processes to focus on attributes rather than qualifications, which could exclude those from a disadvantaged background or deprived areas. Inclusivity and accessibility are encouraged via unconscious bias education and positive and inclusive designs, accessible capabilities, and inclusivity in gathering requirements for digital services. For example, we work closely with the National Autistic Society and Autism at Work to create an inclusive recruitment process, actively supporting neurodiverse candidates to flourish.
CACI works with a number of outreach organisations to develop and attract individuals from minority groups into the cyber security sector, including CyberFirst. A number of our employees volunteer as Ambassadors to this NCSC led government outreach programme. This is a reflection of our belief in the programme’s mission, to develop a sustainable and diverse talent pipeline into the cyber security industry. The majority of the programme’s focus is on students in UK schools, to improve issues with massive student dropout from IT education.

CACI has pledged to promote equality of opportunity within our supply chain, and work with a diverse range, including specialist Small and Medium Enterprise (SME)s. Our network is diverse and wide ranging in terms of skill set, age of business, make up of employees, geographical location, and therefore varying business cultures and diversity of individuals.
We are focussed on creating opportunities from the following groups who experience barriers to employment :
-Long term unemployed
-Armed forces veterans
-Mothers returning to work
-Care leavers

Equal opportunity

CACI’s Equal Opportunities policy formalises our approach to not discriminate against any employee on the basis of sex or sexual orientation, marital or civil partner status, gender reassignment, race, religion or belief, colour, nationality, ethnic or national origin, disability or age, pregnancy or maternity or other characteristics defined in anti-discrimination legislation (Protected Characteristics), or trade union membership or the fact that they are a part-time worker or a fixed-term employee. Our employees and applicants for employment with CACI are not disadvantaged by any policies or conditions of service which cannot be justified as necessary for operational purposes.
CACI is dedicated to ensuring our work environment, operational delivery and recruitment processes accommodate people with disabilities. Adjustments are made to ensure that those with disabilities are included and supported in our workplaces.
Our Workplace Adjustment Passport (WAP) enables employees to declare a disability, workplace adjustments are driven at company level.
CACI has signed up to the Disability Confident Scheme, formalising our commitment to play a lead role in changing attitudes for the better. We aim to successfully employ and retain disabled people and/or those with health conditions. When designing internal training or selecting an external partner, staff are consulted to capture any specialist needs to tailor sessions, including location, means of delivery and materials. This ensures all staff can develop in a comfortable and accessible environment .
CACI also works closely with the National Autistic Society to create an inclusive recruitment process, partnering with their Autism at Work programme; actively supporting neurodiverse candidates to flourish.
CACI have funded the creation of a number of staff networks, where employees with protected characteristics have time and resources to share ideas and support in a safe private environment. CACI have also offered specific training and talks from speakers related to these characteristics.

Wellbeing

CACI has a range of comprehensive support initiatives that have been implemented to aid the health and wellbeing of our workforce (including contractors). Below is a comprehensive list, with specific reference to the six standards of Mental Health at Work commitment.
Promotion of an Open Culture around Mental Health:
-Team of 18 Mental Health First Aiders
-Conduct regular drop-in sessions for all staff, delivered by a Mental Health First Aider Team, focus on a particular element of Mental Health

Prioritising Mental Health in the Workplace by developing and delivering a systematic programme of activity:
-Regular check-ins for staff and our contractor workforce
-Annual Staff Satisfaction Survey, which includes a section on Health & Wellbeing
-Free 24/7 professional counselling
-Private healthcare and health and wellbeing plan (extendable to family members/dependents)
-Employee Assistance Programme
-Discounted gym memberships
-Physiotherapy
-Medical services
-Mental Health First Aider programme
-Stress assessments

Proactively ensure work design and organisational culture to drive positive mental health outcomes
-Comprehensive property and facilities management, ensuring modern, comfortable and state of the art technology for all employees
-Distributed Working Programme, allowing employees and contractors to structure their working week in a way that suits their preference and personal commitments whilst delivering against their work accountabilities
-Open and honest communications at all levels throughout the organisation

Increased organisational confidence and capability:
-Dedicated area of our company intranet for mental health and wellbeing, including various supporting resources and colleagues
-Line Managers and Career Coaches trained in aspects of mental health

Provide mental health tools and support:
-Formal Mental Health First Aid Programme including a team of MHFAs
Increase transparency and accountability through internal and external reporting:
-Publish the results of our annual staff satisfaction survey to all staff. Includes Mental Health and Wellbeing, actions taken and areas for improvement

Pricing

Price
£200 to £300 a user a month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Up to three month trial MBA licence, hosted and supported.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at digital.marketplace@caci.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.