Acuma Solutions Limited

SharePoint Intranet Development and Enterprise (Data, Content & Document) Management Services

We develop Intranet, Data, Content and Document Management platforms, using out-of-the-box and customised features of SharePoint 2013, SharePoint 2016, SharePoint 2019 and Online/O365 versions. Our Intranet provides centralised communication and collaboration services. All modern and classic SharePoint features are supported in our Intranet solution, along with a responsive Intranet experience.

Features

• SharePoint Intranet delivers simplified communication and collaboration toolset
• Intranet based Document and Content Management platform
• Easy integration of SharePoint libraries into your SharePoint intranet
• SharePoint Intranet supports personalisation and content targeting
• Easy integration with multiple collaboration platforms
• Intranet Knowledge Management
• Intranet Enterprise Social Networking & Digital Workplace using SharePoint
• Incorporate out-of-the-box and customised requires in your SharePoint Intranet
• SharePoint Intranet provides industry standard Application and Data security features
• Advanced Reporting and Real time access

Benefits

• Flexible and secure Intranet access from anywhere, even mobile devices
• Gives users consistent experience from any location/device
• Centrally securely managed and autoupdated, using SharePoint Intranet
• Beautiful user experience and improved user adoption with SharePoint Intranet
• High availability, Business continuity and Disaster Recovery benefits
• Quantifiable improvement in Productivity, Efficiency, TCO & ROI
• Use SharePoint Intranet for a easy and simplified document management
• Agile development leading to quicker deployment of the Intranet Application
• Robust data and workflow governance, incorporated in the Intranet portal
• Customised and standard solutions available in the SharePoint Intranet solution

£95 a person a day

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid_team@acuma.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

948769689014381

Contact

Jonathan Eeley
0161 241 4111
bid_team@acuma.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Microsoft SharePoint to be used
• System requirements: Microsoft SharePoint & Windows

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We have a customer support desk; P1 - 1 hour; P2- 2 hours; P3- 4 hours; P4- 24 hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We use JAWS for web chat testing
• Onsite support: Yes, at extra cost
• Support levels: The service includes a standard level of Service Management with the following features: - Acuma Service Desk – available at standard England & Wales working hours - Incident management including liaison with SCC and agreed escalation routes - Agreed SLAs - Agreed maintenance windows - Agreed change control process - Publication and implementation of service roadmap Standard SLAs are as follows: Priority: Critical - Mission Critical Initial response time: 1 hour. Target resolution time: within 1 working day. Priority: 1 - Urgent issue affecting the whole user community, requires immediate action. Initial response time: 1 hour. Target resolution time: 24 working hours. Priority: 2 – Issue inhibits a user. Initial response time: 4 hours. Target resolution time: 3 working days. Priority: 3 - Issue is not seriously affecting a user, does not require immediate attention. Initial response time: 8 hours. Target resolution time: 5 working days. Priority: 4 - Cosmetic issues and information only queries. Initial response time: 24 hours. Target resolution time: as agreed at time of call. Enhanced Service Management is also available including:- - 24x7 support - Out of hours support - Weekend support - Peak period support (e.g. month end)
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Our consultancy expertise facilitates onboarding of users while the engagement gets initiated. Acuma services range from user training, support and documentation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The Off Boarding process includes full data extraction and removal. All customer –generated data will be returned to the customer according to customer preferences and subject to the requirements of the service Impact Level. Once the extract is verified by the customer all customer data is purged and destroyed and the service instance removed. Off Boarding costs are agreed on a customer-by-customer basis depending on data volumes, preferred media, security constraints etc.
• End-of-contract process: The standard set of procedures for closing the service is summarized below: Back up all customer data (including routines) to portable storage; Securely transfer data to customer; Customer validation of transferred data; Remove service instance (i.e. no trace of customer components); Customer verification of service instance removal.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: It can be developed to work on both the mobile and desktop environments, by using out-of-the-box and customised features.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: The Service utilises Microsoft SharePoint
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: We undertake automotive testing of the UI for testing accessibility standards
• API: Yes
• What users can and can't do using the API: The API is flexible and open, it can accommodate general and common scenarios
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Additional software can be installed. The services can be customised to meet the customer needs.

Scaling

• Independence of resources: This service has strict SLA's that guarantees a service level which is defined at the start of the contract to ensure that all the users are not affected by other users' demand.

Analytics

• Service usage metrics: Yes
• Metrics types: Numerous metrics can be provided on request such as: ; Memory, CPU, Disk Usage, Server up-time, user activity, etc.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can export their data by variety of methods depending on the data type. E.g. OneDrive, Google Drive, External USB, Back-up etc.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XML
  • TXT
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • TXT

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: 99.9% availability
• Approach to resilience: The service is replicated between 2 data centers to ensure resiliency. The solutions are also designed and based on industry and Microsoft recommendations.
• Outage reporting: A customer will be notified for any outages and planned outages by Email/SMS.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: User access is controlled by enabling role-based access where only authorized individuals can access the solution account.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 1/11/2019
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: Yes
• Who accredited the ISO 28000:2007: BSI
• ISO 28000:2007 accreditation date: 1/11/2019
• What the ISO 28000:2007 doesn’t cover: N/A
• CSA STAR certification: Yes
• CSA STAR accreditation date: 30/06/2019
• CSA STAR certification level: Level 3: CSA STAR Certification
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials Plus

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We take cues from ISO/IEC 27001:2005 specification. We follow disaster recovery, business continuity, incident response, password management, patch management, access control and firewall management processes.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Our configuration and change management approach embraces version control for all software components, processes and documentation. Assessment of changes are made against design documentation and threat intelligence, and potential security impacts are identified.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We leverage internally defined processes to monitor potential threats proactively through various sources, including external repositories. Patches can be deployed within an hour. We get the information about potential threats from Microsoft and our anti-virus software provider.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We leverage robust techniques, technologies and tools for identifying threats and rolling out relevant measures depending on the complexity, nature and severity as a specific case may demand.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our incident management processes adhere to industry standard best practice to capture as well as manage events. Users can make use of channels including email and phone for reporting incidents.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)

Social Value

• Fighting climate change:

  Fighting climate change

  Acuma fully supports fighting climate change and as a responsible supplier has implemented a carbon reduction policy and Statement demonstrating our commitment to fighting climate change. This is available on request.
• Covid-19 recovery:

  Covid-19 recovery

  Acuma has remained busy during the C-19 Pandemic providing consistent services to our customers and has fully supported suppliers and staff in line with all government policy and following all government recommendations and guidelines. We have a C-19 recovery plan in place which can be shared on request and are slowly returning to the office with very limited on-site customer meetings. We work with all our customers following their guidelines, the governments’, and also our own business protocol.
• Tackling economic inequality:

  Tackling economic inequality

  We take economic inequality very seriously and have implemented a number of policies to address inequality. We are an accredited Living Wage Employer and have a number of policies in place to support equality. These include, Modern Slavery Policy, Equality and Diversity, Labour Standards Policy and Ethical Trading Policy. Our board is represented fairly by all genders and we operate with a diverse workforce with employees speaking over 60 languages located globally across India, USA , UK , Malaysia, and Singapore.
• Equal opportunity:

  Equal opportunity

  The Company applies a policy of non-discrimination on grounds of religion, ethnic origin, sex, age, marital status or disability. The only criteria for selection and for any particular position within the Company is a candidate's ability to do the job required. The Company recognises that disabled individuals can and do make a valuable and significant contribution to the business activities of the Company. Where disabled people have the attitude and abilities necessary for the job, sympathetic and positive consideration is given to their applications. Encouragement will be given in the education, training, career development and promotion of all employees, according to the opportunities available, organisational requirements and individual attitudes and abilities.
• Wellbeing:

  Wellbeing

  Acuma is committed to providing a healthy working environment and improving the quality of working lives for all our employees. Our wellbeing strategy aims to support Acuma's mission and core values of freedom of thought and expression, freedom from discrimination and the recognition that Acuma's staff are its greatest asset. Through the integration of wellbeing in all work activities and practices, a positive environment can be created that is compatible with promoting staff engagement, performance and achievement. Working in partnership with all areas of Acuma and the wider company with a common interest in promoting a culture of wellbeing is key to the success of this strategy. The wellbeing strategy’s ultimate goal is to improve the health, safety and wellbeing of Acuma's staff and to prevent work associated ill health, for the overall benefit of staff and the organisation. This encompasses the physical, mental and social health of employees and recognises that employees’ values, personal development and work within Acuma contribute to their overall wellbeing at work. Acuma has a large workforce and is geographically, culturally and linguistically diverse. The wellbeing strategy aims to reflect this diversity and to provide direction on related issues and challenges in order to support the development of effective solutions and outcomes. This strategy aims to bring together all initiatives already in place within Acuma for supporting and maximising the health and wellbeing of staff. Through the coordination of current wellbeing activities and the identification of further opportunities, an action plan has been established that consolidates existing work and achieves additional progress. This action plan has been developed using CIPD’s five recognised domains of wellbeing, namely: health, work, values/principles, collective/social and personal growth.

Pricing

• Price: £95 a person a day
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: All services are offered for free for limited period.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid_team@acuma.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.