CDS

Brandworkz brand management software

CDS provides digital asset management with Brandworkz, cloud brand and digital asset management software enabling clients to ensure that their brand vision and marketing content is consistent in every channel. It is easy to use and provides complete control, brand compliance, content consistency and rapid distribution of brand assets.

Features

• Content management system (CMS) for creating online brand guidelines
• Digital asset management via a centralised repository for digital assets
• Approval based workflows for streamlined marketing production
• Enterprise search provides fast, intuitive search functionality across all content
• Reporting provides real time metrics and intelligence on asset use
• Global 24/7 web-based access
• Granular access controls provide appropriate permissions and access for users
• Meets the highest system and hosting security criteria
• Experienced brand management consultants to implement/support system.
• A simple UI presents compliant templates for print artwork

Benefits

• Ensure consistent/positive representation of your brand at every touchpoint
• Centralise all your content in one access-controlled repository
• Showcase the best work from your global marketing teams online
• Educate all team members about your brand with web-based guidelines
• Reduce time spent searching for, sharing and re-purposing assets
• Reduce time to market with online collaboration
• Eliminate artwork localisation costs with web2print module
• Provide secure, permission-based access to all staff and suppliers
• Fine tune your brand management with reports/analysis
• Produce compliance-based audit trail of approvals and comments.

£500 to £1,500 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@cds.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

991259733925464

Contact

Matt Johnson
0113 399 4000
bidteam@cds.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Any planned maintenance around fixes and upgrades is agreed with the client in advance, and timed to take place during low impact periods (weekends, night time etc.)
• System requirements: Web access via common major browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support response times via Freshdesk ticketing software system. Urgent : respond 4hours, resolution 8hours. High: respond 4 hours, resolution 24hours. Medium: respond 8hours, resolution 5days(no redeployment) 1-3months(redeploying code). Low: respond 24hours, resolution 3 working days (question), 10days(visual/cosmetic defects),2-6months(redeploying code)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Brandworkz provide a consistent level of support for all clients, as dictated by our service level agreement built into all contracts. ; All clients have named administrator access to our helpdesk (email or phone). However, the logging of an incident must always be done by a clients 1st line support by sending an email with enough detail for us to replicate the issue. The response time is calculated as starting from the time this email is received.; Response times are included in the previous section. As a result of our support we contractually agree to offer 99.9% guaranteed availability over the course of any 12 month period measured as HTTP response availability of the log-in page of your web application as measured by us. If this is not achieved, we credit the cost of 1 day of SaaS service costs for every 15 minutes for which the site is unavailable, up to an aggregate maximum of two hours unavailability of the site in any one calendar month provided that you report the unavailability and request the credit in writing to us within two Business Days of the downtime occurring. ; Support costs are built into the SaaS license.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Brandworkz is an extremely user intuitive system to work within and therefore our experience is that minimal training is required whether it be for administrators or front-end users. Typically, 1-2 days training is need for the former dependent upon the modules employed. Included in this training is a section that covers the front-end user interface, which has allowed our customers then to use administrators as an internal training resource.; However, training and help material is provided to all users via the ‘help’ link in every instance of Brandworkz. This takes the user to a video enabled help site, covering advice on all main tasks. ; Further training and help material can be produced and held within the system itself, and can be in the form of documentation, web articles or videos.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Client admins have full access to all data during the lifecycle of the system and can, at any time, conduct a full export of meta and download of assets. ; Furthermore Brandworkz exit management policy includes provision for data extraction as a part of the contract.
• End-of-contract process: The exit management schedule states: 1 Migration ; 1.1 Where the Services provided to Customer are dependent on equipment which is not owned by Customer, Supplier will ensure the necessary migration of all Supplier Software, data and other materials from such equipment to similar equipment owned by Customer or a new service provider. Implementation of the change shall be carried out by Supplier in such a way as to cause the minimum possible disruption to the supply of the Services.; 1.2 Any costs for professional services to complete such a migration will be quoted for by the supplier and agreed between the customer and the supplier in advance.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The DAM element of Brandworkz is based on a fully responsive design so that the display will adjust to the screen size of the device being used i.e. on a mobile device the assets will display as a single column and the menu will concertina.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Our system provides client admin teams with access to the admin service UI allowing for the management of users, assets, reports, site configuration and metadata attributes.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We use browser extensions and onscreen readers.
• API: Yes
• What users can and can't do using the API: Yes: The Brandworkz REST/JSON based, open API is ready to be used on projects where tight integration with third party systems is needed; CMS, Ecommerce, Email marketing etc.; Our open RESTFUL/JSON API system is built as a SOA (Service Oriented Architecture). This means that the functionality of the system is broken out into separate services, for example, a service that deals with assets, another for albums, another for categories, etc.; Each service then is a standalone entity that communicates using the same architecture. ; The benefits of this approach for developers and clients are:; - Speed; - Scalability ; - Stability; - Monitoring; ​- Development Time; ; To find our more about the API you can read the documentation here: https://apidocs.brandworkz.com/
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Brandworkz is a fully functional Brand Management portal. Customisation can fall into two categories: ; 1. Standard configuration inc. site skin, choice of page templates, content architecture, meta-schema, logo finder structure, showcase structure, user groups, permissions, reports, workflow stages. All of these elements can be configured by system admins at Brandworkz or on the client team following appropriate training, using the admin interface provided as standard. ; 2. Bespoke customisation: Clients are able, with our help, to customise elements such as:- page templates, integrations, SSO (Single Sign On), new features (either bespoke or directed development approach), mobile apps. Depending on the nature of the customisation the work would need to be carried out by the Brandworkz product team based on agreed specification s with the client.

Scaling

• Independence of resources: All server types are in auto-scaling clusters, which means that if the number of simultaneous users increases, we will automatically launch more servers to deal with the increased demand.; Auto-scaling is included for the following server types:; • Web-servers: ; • Image transcoding servers: ; • Video transcoding servers: ; • Zip servers:

Analytics

• Service usage metrics: Yes
• Metrics types: The Brandworkz reporting module enables reporting on asset usage, including detailed reports on downloads and uploads. Configurable reports included in the system are:; Individual logins; Individual groups; Individual assets; Top 100 viewed assets; Top 100 viewed folders; Top 100 downloaded assets; Top 100 search terms; Top 100 users (based on number of logins); Top 100 users (based on no. of downloads); Top 100 download wizards; Top 100 IP addresses; Uploads for a time period; Downloads for a time period; Logins for a time period; Asset Views for a time period; Folder Views for a time period; Disk space usage
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Brandworkz

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Typically; ; • All assets exported to a folder hierarchy matching the one set up in the web-UI,; • Associated spreadsheets/CSV files for each section with all metadata present for each asset. ; This provides the most flexible and standard ability to import the assets and the associated metadata into another system. ; If required we can explore using sidecar files for associated metadata, though this adds time.; Timescale and effort will vary based on the amount of assets but all assets would be exported within 2 to 5 days of effort. We would typically do this within 30 days.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • Virtually any digital file type can be stored and managed.
  • All major Image types
  • All major document formats
  • All major video types
  • All major audio file types
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • Virtually any digital file type can be stored and managed.
  • All major Image types
  • All major document formats
  • All major video types
  • All major audio file types

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We guarantee 99.9% availability over the course of any 12 month period measured as HTTP response availability of the log-in page of your web application as measured by us. ; Notes.; 1: Guaranteed Availability excludes scheduled downtime including:; - required restarts after installation of critical software updates or software installations which will so far as possible be performed outside Business Hours and; - scheduled hardware/software updates to the network (which is usually performed between 1 and 5 am in the morning UK time).; 2: Guaranteed availability excludes unavailability occurring due to technical faults arising on networks outside the control of our hosting provider.; SERVICE CREDITS; If Guaranteed Availability is not achieved, we will credit you the cost of 1 day of your SaaS service costs for every 15 minutes for which the site is unavailable below the level of Guaranteed Availability up to an aggregate maximum of two hours unavailability of the site in any one calendar month provided that you report the unavailability and request the credit in writing to us within two Business Days of the downtime occurring. In the event that you are entitled to multiple credits arising from the same event, such credits shall not be cumulative.
• Approach to resilience: Our hosting partner is Amazon Web Services who operate some of the most secure, state-of-the-art facilities in the world:; - UK and other clients are hosted in Amazon Ireland (across multiple data centers) Backup and Disaster Recovery is at Amazon Frankfurt, Germany; - 24 hour video recording/surveillance.; - Bio-metric entry.; - Dry-pipe fire suppression.; - 20 mins battery power for entire building in case of power brownouts; - Diesel generators for power in case of power blackouts; Hosting Security Overview: ; - All client data encrypted at rest (AES-128); - Encryption of data in transit (HTTPS/TLS – 2048bit); - Firewalls (incl. NAT); - Network monitoring and intrusion prevention (DDOS, MITM, IP spoofing, Port Scanning, Packet Sniffing); - Minimal attack-surface ; - Hosting provider has following accreditations: ISO 27001, PCI DDS Level 1, SOC 1/SSAE 16/ISAE 3402 (SAS70), SOC 2, SOC3 FISMA, DIACAP, FedRAMP, DOD CSM levels 1-5, ITAR, FIPS 140-2, MTCS Level 3, HIPAA, CSA, MPAA; - Dev, QA and Production environments completely segregated ; - Only necessary ports open ; - Trend Micro anti-malware installed; - Hardened OS
• Outage reporting: Our internal monitoring includes tools such as: ; Uptime Robot, AOI Science and AWS Alerting. These provide us emails and sms alerts as to outage or performance issues, along with our own dashboard monitoring. ; Outages are communicated to clients via email with full details as to cause and resolution activity.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Granular user permissions are easily created and managed in Brandworkz by your administrators; setting up appropriate groups, with associated permissions, that multiple users can be added to. The actual configuration of permissions is done through simple clicks against folders that you want to allow or restrict access to.; Your administrators, by virtue of their user profile in the system, will have access to a specific management interface where they alone will be be able to manage elements including: ; -Users; -Groups; -Workflows; -Site Skin (Branding); -Page Templates; -Download wizards; -Hot folders; -Messaging; -Archiving; -Import; -Reports
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA
• ISO/IEC 27001 accreditation date: 13/7/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Our hosting provider is accredited to PCI DDS Level 1, SOC 1/SSAE 16/ISAE 3402 (SAS70), SOC 2, SOC 3, FISMA, FedRAMP, DOD CSM Level 1-5, ITAR, FIPS 140-2, MTCS Level 3, HIPAA, CSA, MPAA
• Information security policies and processes: The hosting provider is accredited to PCI DDS Level 1, SOC 1/SSAE 16/ISAE 3402 (SAS70), SOC 2, SOC3 FISMA, DIACAP, FedRAMP, DOD CSM levels 1-5, ITAR, FIPS 140-2, MTCS Level 3, HIPAA, CSA, MPAA

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Internal change processes to general software: ; • Write business case, ; • Approve business case; • Write technical spec and if relevant design wireframes and visuals ; • Optionally invite interested clients to review if major change/improvement ; • Approve spec; • Enter change as ticket(s) in Jira – including assign to upcoming release ; • Code the changes incl. peer review; • Commit code changes to GIT; • Submit Jira tickets to testing and QA ; • Functional, integration and scalability testing ; • Change will become part of general release and outlined in release notes
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: * Regular scheduled scans with Qualysguard Vulnerability Management (DAST/WAS and VM); * Prioritisation as per Qualysguard severity ranking; * Critical are scheduled for implementation/hotfix immediately; * Hotfix regression tested, deployed and a rescan done to confirm fix; * The timescale for implementing severities less than critical are evaluated on a case-by-case basis and are typically released as part of our software release schedule
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: * QualysGuard penetration and DAST testing.; * Pro-active monitoring of entire environment via AWS Inspector (pro-active monitoring of services/processes, abnormal activity on servers, etc. Scheduled security assessments running automatically, with pro-active alerting).; * Log shipping to protected log store for log files (AWS CloudTrail + shipping of own log files to offsite ElasticSearch index)
• Incident management type: Supplier-defined controls
• Incident management approach: Yes Brandworkz have a well defined and documented approach to cover system and security incidents. Relevant staff are trained in these processes and they are detailed, reviewed and made available to staff in these specific policies: ; 1.Security Breach procedure; 2. Business Continuity Policy; 3. Information Security Policy; Our security breach procedure in particular includes steps for identifying, resolving and reporting on incidents. ; We are happy to supply the full documentation on request.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  CDS is certified to the internationally recognised standard BS EN ISO 14001: 2004 – Environmental Management. The standard underpins our commitment to look after the environment, prevent negative environmental impacts, manage waste and reduce our carbon footprint. CDS is Planet Mark accredited, helping us to transform society, the environment and economy by measuring our carbon and social data. Our Carbon Reduction Plan sets corporate continual improvement goals, strategies and annual targets and CDS has pledged to halve our carbon emissions by 2030 and be carbon-neutral by 2050. The Bailie Group (of which CDS is part), is applying for ISO 50001 Energy Management System certification in 2022, which will focus our efforts on continually improving energy performance. Example initiatives and activities designed to fight climate change include: • Mandatory environmental awareness training for all new staff. Thereafter, all staff are required to complete annual refresher training • Introducing site-wide recycling facilities and waste streaming • Regular staff awareness bulletins on the company’s intranet on environment and sustainability best practices, to encourage behavioural change among staff • Replacing bottled water and disposable cups with personal water bottles and reusable insulated coffee cups, to replace single use plastics • Refurbishing our Leeds office to make it more environmentally friendly including changing the entire building to LED lighting with PIR sensors on the lights and replacing gas boilers with air source heating • Providing season ticket loans for public transport to reduce single car use • Investing in collaboration tools and video conferencing to eliminate unnecessary travel • Adding additional questions into our procurement compliance checklist, to encourage all of our potential suppliers to adopt sustainable practices.
• Covid-19 recovery:

  Covid-19 recovery

  Through our work with local authorities, transport and national infrastructure clients, we have supported many communications campaigns designed to support recovery from the impacts of Covid-19 in local communities. This includes: • Transport for London: working as TfL’s print and communications partner, CDS has supported the campaign to encourage people safely back onto public transport, producing outdoor media, train/bus stickers, signage and leaflets • London Borough of Lambeth: as Lambeth’s print partner, we have supported the borough council with its response to Covid-19, and delivering communications campaigns reaching citizens and businesses. Most recently, this has focussed on supporting recovery and economic regeneration • CDS supported Make it York (an organisation supporting York-based businesses to achieve economic prosperity) to deliver a campaign encouraging shoppers safely back into the city. Other initiaitives and activities include: • Offering opportunities for work experience, such as unpaid student placements • Providing apprenticeships • Improving workplace conditions including effective social distancing, increased cleaning and flexible, hybrid working • Creating employment opportunities for people made unemployed by Covid-19.
• Tackling economic inequality:

  Tackling economic inequality

  CDS provides a range of initiatives designed to create new businesses, new jobs and new skills within our local community. These include: • Apprenticeships and work experience, particularly for people who face barriers to employment. In the past two years, we have provided nine apprenticeship positions at our Leeds head office, of which four have become full-time employees. This year, we plan to offer around 20 new apprenticeship roles across the company. • Local employment: as a national company, CDS operates from six offices, each run as an autonomous business unit, managed by local teams. This regional structure has resulted in CDS becoming a community-focussed organisation, owing to local recruitment. • Engagement with local SMEs to encourage spend in the community. • Volunteering: many CDS staff give up their free time to volunteer as part of our charity initiatives.
• Equal opportunity:

  Equal opportunity

  CDS’ fully hybrid working model enables participation by people from across the country, including people experiencing limited mobility, neurodivergence and/or clinical vulnerability. Our Leeds head office is also highly accessible, with ground-floor access, a disabled toilet, a lift to the first and second floors and step-free access to all meeting spaces and refreshment areas. CDS operates an inclusive and accessible recruitment practice; we actively encourage applications from suitably qualified and eligible candidates regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, and sexual orientation. Our recruitment process is fair, equal, and non-discriminatory and works on the premise that the best person for the role will be offered the job. As part of our people strategy, we will be using the Disability Confident standard to inform how we can provide opportunities for disabled people to join the organisation in the future. Other initiatives and activities include: - STEM Programme: designed to break down barriers that might prevent young people from pursuing a career in technology - Structured staff appraisal process to identify individual skill gaps, and a training programme and assigned budget for delivering Personal Development Plans.
• Wellbeing:

  Wellbeing

  We support the health and wellbeing of our staff through a range of initiatives including: - Employee Assistance Programme -Trained Mental Health First Aiders - Flexible working hours to balance work and home activities - Personal healthcare plan - Staff social committee who organise regular events e.g., quizzes, film nights, meals out - Charity work in support of our chosen charity partner - Organised sponsored physical activities including the Yorkshire Three Peaks and ‘Tour de CDS’ - Cycle to Work Scheme, bike storage and shower facilities to encourage exercise - Free yoga classes and back massages - Quarterly staff engagement survey - Monthly ‘360’ reviews and professional development plans for all staff - Inclusive and accessible recruitment practices - Employee intranet providing regular content on wellbeing topics, including mental health and promoting awareness days such as Time to Talk.

Pricing

• Price: £500 to £1,500 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@cds.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.