ENTERPRISE RPA LIMITED

Robotic Process Automation [RPA]

Robotic Process Automation (RPA) uses software robots to emulate what a human can do, processing mundane, high volume, repetitive tasks that frees up humans for more cognitive added value tasks. RPA is applicable to any industry in any department where these characteristics apply.

Features

• Clear and easy benefits case justification
• Extremely high accuracy levels and lower rework
• Productivity gains of up to tenfold improvements can be achieved
• The robot can work for multiple departments
• Can run completely unattended 24/7
• Universal Credit Verification (UCV) Automation for Housing sector
• Can interface via GUI API SQL - very flexible interfaces
• Highly accurate data handling, manipulation and transfer capability
• The same robot can handle multiple processes throughout the day
• Process knowledge is retained in the organisation

Benefits

• Improves the speed and accuracy of data entry
• Reduces error and rework rates
• Data integrity issue focus to fix root causes of errors
• Drives the focus on exception management and eradication
• Frees up staff time for more added value activities
• Enables out of hours working through unattended automations
• Creates additional processing capacity
• Enables businesses to do more with the same resources
• Creates opportunities to enhance and re-engineer processes

£5,500.00 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at steve.bolton@enterpriserpa.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

964593501824869

Contact

Steve Bolton
07850964225
steve.bolton@enterpriserpa.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Our software services act as an extension to existing software applications without the need for complex system integrations.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Standard support is 9am-5pm UK time, Monday to Friday, with out of hours support being agreed separately
• System requirements:
  • Requires a Cloud Studio Developer licence
  • Requires a mimimum of a Cloud attended licence
  • Can run on a local dedicated machine
  • Can run on a Windows Server
  • Requires the appropriate access to inhouse systems
  • Requires the appropriate permissions to inhouse systems
  • Requires a Windows 365 licence for Excel and Outlook
  • Remote access required via RDP or VPN
  • Cloud UiPath Orchestrator is recommended
  • For 24/7 operations a Cloud Unattended licence is required

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: ERPA help desk is available from 9:00am to 5:30pm, weekends and bank holidays excluded. (out of hours support may be requested and agreed in advance). Support requests may be logged 24 hours a day and 7 days a week via support@erpa.raisaticket.com . The response time will start from the start of the next working day. The first response time will be no longer than four hours and often much quicker.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Support is provided via remote access to investigate and resolve issues, that are predominantly environmental changes affecting the software robot. Support is billed in pre-bought tokens, which are an hour each at £150 per token, mininum spend applies, and drawn down in 15 minute increments. The support is usually, but not exclusively, carried out by the software developer who built the solution on a client's behalf.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide user guides on installation. We set up and configure the cloud Orchestrator platform for clients. We provide training and mentoring services for inhouse developers. We encourage shadowing where client users observe, and contribute to, their solution being developed. We use a UiPath application, Task Capture, to create a Process Definition Document for development.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The majority of data is held client side. Actvity logs are held both client side and in the cloud, the data held in the latter is anonymised / restricted to exclude sensitive data for GDPR compliance. If the contract for the services is ended, the cloud Orchestrator organisation is deleted along with any data held therein within 30 days. Any data held on ERPA company servers or devices for the purposes of reporting, testing and development will be returned and removed from company servers & devices.
• End-of-contract process: The contract will comprise annual licence costs, solution development costs for the automation and optional support costs, as agreed, for continued support post go live sign off. The end of contract data extraction & removal actions apply.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Orchestrator element of the service to trigger and schedule jobs is mobile friendly; the development canvas, Studio, is not.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The service interface is either via a cloud based Orchestrator for certain elements controlled by this element, or accessed remotely via an installed Studio Developer licence. User permissions can be controlled, granted and restricted by role and organisation.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: UiPath statement: "We have been actively working towards improving the accessibility in our products. Although there are still many things to work on, I would like to highlight some of the main areas that we focused on:; Contrast issues that fall under the level AA requirements for both text and non-text elements; Keyboard navigation; Screen reader support; Accessibility is now part of our yearly releases and with each new release we aim to improve our products even more."
• API: Yes
• What users can and can't do using the API: We can use web hooks for APIs for example to interface with Orchestrator, populate dashboards with performance updates. There is embedded capability in the UiPath platform to work with APIs.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The platform has the capability for re-usable, bespoke components to be developed and stored in a library for use on other automation projects. Orchestrator assets can be customised. The Orchestrator schedule can be customised for triggering and prioritising jobs.

Scaling

• Independence of resources: The automation services primarily utilise clients' own infrastructure, essentially as virtual employees, and so is dependent on internal bandwidth and system load / utilisation. We ensure scalability by providing additional software robots as demand scales. We dynamically schedule jobs determined by client priority. Licences and machines can be shared or deployed uniquely by process.

Analytics

• Service usage metrics: Yes
• Metrics types: We measure successful transactions, business exceptions based on client based rules and application system exceptions based on client environment. We provide overall and transaction level processing times. Job statuses are provided through Orchestrator.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: UiPath, Druid, Evolution AI, Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Other
• Other data at rest protection approach: UiPath encrypts customer data in transit and at rest. All customer data stored within UiPath cloud products and services is encrypted in transit over public networks using Transport Layer Security (TLS) 1.2+ to protect it from unauthorized disclosure or modification.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Any data that the client is required to export is done via API or uploaded into secure shared locations. Data is encrypted in transit and at rest.
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • PDF
  • JSON / XML

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: UiPath: 99.9% uptime guarantee, SOC 2 Type 2, ISO 9001, ISO/IEC 27001, and Veracode Verified™
• Approach to resilience: Available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Permission levels are managed and granted in agreement with clients.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Less than 1 month
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Less than 1 month
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • UiPath SOC 2 AICPA
  • UiPath ISO 27001
  • Evolution AI ISO 27001
  • Druid ISO 27001
  • UiPath Veracode Continuous Certification

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ERPA has policies that cover Infomation Security, Data Sharing, Internet Usage, GDPR, Network Access & Passwords, Information Security Incidents and AI Data Security. These are reviewed annually and circulated to all employees to confirm that they have read them. We have NDA's as an integral part of our employment contracts, and new employees are required to review all policies within one week of starting employment. We do not currently use third party contractors, but if we do in future they will be governed and contracted to our standards. The policies are controlled and updated by the Operations Director.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: UiPath statement: "UiPath adopts a cadence of two Enterprise Platform updates every year. The timing of these releases target April and October of each year. The April release of each year will be a Fast Track Support (FTS) and the October release will be a Long Term Support (LTS) release. This allows you to select the model that best supports your business requirements. SOC 2® attestation for additional services and HIPAA attestation provides confidence to adopt Automation Cloud if you’re operating in a regulated environment." ERPA has a Software Delivery Lifecycle structured approach.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Enterprise RPA (“ERPA”) is entrusted with the responsibility to provide professional managed technical services to clients who provide us with confidential information. Inherent in this responsibility is an obligation to provide appropriate protection against theft of data and malware threats, such as viruses and spyware applications. The purpose of ERPA's policy is to establish standards for the base configuration of equipment that is owned and/or operated by ERPA or equipment that accesses ERPA’s internal systems. Effective implementation of this policy will minimize unauthorized access to ERPA proprietary information and technology and protect confidential client information.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: UiPath statement: "In the event of a breach, we use security response plans to minimize data leakage, loss, or corruption. We provide transparency to our customers throughout the incident. Our 24x7 SRE and Security team is always on hand to rapidly identify the issue and engage the necessary development team resources to contain the impact of the incident. Once the team has contained an issue, our security incident management process continues as we identify the root cause and track the necessary changes to ensure we prevent similar issues in the future."
• Incident management type: Supplier-defined controls
• Incident management approach: ERPA policy: ERPA shall ensure that Incidents are detected as soon as possible and properly reported, and that they are: handled by appropriate authorized personnel with ‘skilled’ backup as required; are properly recorded and documented, with all evidence gathered, recorded and maintained in a way that will withstand internal and external scrutiny. Incidents are dealt with in a timely manner and service(s) restored asap. Any weaknesses in procedures or policies are identified and addressed. The risk to ERPA and its clients’ reputation through negative exposure is minimized. All incidents shall be analyzed and reported to the designated officer(s).

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  Our automation solutions free up staff from boring, monotonous, high volume, unproductive work for more cognitive tasks and activities; our email categorisation automation can reroute emails to specialists where otherwise distressing content may be shared with untrained staff who are tasked with reviewing and forwarding emails.

Pricing

• Price: £5,500.00 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at steve.bolton@enterpriserpa.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.