VIATEL TECHNOLOGY UK LTD

Software Design and Implementation Services

We work in partnership with you to design and implement solutions that realise your business needs. We can also onboard current business systems with a view to maintaining and enhancing the functionality to better meet the business needs.

Features

• Bespoke Applications development
• Application Support & Maintenance
• Operational Systems
• Digital Transformation Services

Benefits

• Customer IP ownership - Upon a projects completion
• Bespoke solution best meeting individual organisation software requirements
• Full project visibility and budget control
• Flexible experienced development
• Phased implementation available
• Support solutions available
• Agile Sprints

£800 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gerard.mccann@viatel.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

994127926778361

Contact

Gerard McCann
+447590689465
gerard.mccann@viatel.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Primarily a Microsoft partner developing solutions with .NET and hosted on Azure. Given the bespoke nature of our work constraints may depend on the customer requirements and can be discussed with the customer.
• System requirements: Customer dependent.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The service desk operates between 8am to 5.30pm Monday to Thursday and 8am to 5pm on Friday. Out-of-hours service, up to and including 24x365 support, is available and is customisable to customer needs to match the operating hours of the business. Priority Response Target Resolution Planning Resolution Target 1 15 mins 40 mins 4 working hours 2 15 mins 1 working hour 6 working hours 3 15 mins 4 working hours 8 working hours 4 15 mins 12 working hours 24 working hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Software support will be provided to an existing client only. Software support is recommended to only be used when there is likely to be technical queries on the software system as opposed to significant quantities of questions from end-users. Software support provides first, second- and third-line support to the existing client Helpdesk.; The support service covers phone, email and remote desktop support and bug fixes. Support covers completed work only. Additional features (new modules) will be quoted and agreed upon on a case-by-case basis. Scope and cost of service is subject to customer requirements. We can provide a technical account manager or cloud support engineer or equivalent according to customer requirements.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Our onboarding process includes workshops with the customer to understand their current environment in greater detail and to provide recommendations on what activities, upgrades or adjustments are required in order to support the SLA requirements. Recommendations are provided in the form of a RAG report, identifying the areas requiring focus in the short, medium and long term. During this process we conduct a site visit to facilitate environmental familiarisation. We collect relevant information relating to the existing environment including third party vendors and manage communication with these vendors when required. We will also collect all relevant information regarding software system licenses/certificates and keep lifecycle track of same. The goal is to align the new service with your organisational requirements and operations. The scope includes the management of the processes, the interrogation of the code base, perform deployments and identify systems and functions to transition to us as service provider. The transition plan will schedule and coordinate the resources required to deploy the managed services within the cost, time and quality targets and provide a coherent structure for assessing the service capacity and risk profile before a new service is released. Onboarding will be scoped and price according to customer requirements.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Any data related to our service e.g. knowledge base articles, credentials, asset information etc will be made available to the customer. The software developed is owned by the customer. Offboarding can be scoped and costed according to customer requirements.
• End-of-contract process: We understand the importance of retaining the flexibility to transition smoothly between suppliers and solutions, while ensuring continuity and quality of service. We will facilitate an effective exit arrangement and transition to provide this flexibility. We will work with customers to provide input into a comprehensive exit plan, for example, covering elements such as: • continued provision of the services for the duration of any termination notice and, if necessary, for a transitional period afterwards • transfer of knowledge, codebase and documentation in connection with the services provided • reasonable assistance to customers in connection with a re-tender of all or part of the services • general assistance and co-operation. Off boarding costs would typically be covered by the contract however we can appoint an exit manager to support the transition and can work with customers to scope the level of involvement required and provide an estimated cost for any work that is outside any existing contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: This is customer requirements driven. Our default would be for the development of software that can be made available on desktop or mobile.
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: No
• Customisation available: Yes
• Description of customisation: Viatel custom software development involves the creation of tailored software solutions designed to meet specific customer requirements. Unlike off-the-shelf software, which offers generic functionality and features, custom software is built from the ground up to address unique challenges, automate workflows, and deliver distinct competitive advantages. This bespoke approach allows businesses to optimize processes, enhance productivity, and innovate.; ; The process typically begins with an analysis of the client's requirements, objectives, and constraints. This may involve conducting interviews, workshops, and stakeholder meetings to gather insights into the business processes, user workflows, and technical architecture. ; ; Once the requirements are defined, the design and development phase begins, where the system architecture, user interface, and underlying codebase are created. Agile methodologies are employed to facilitate flexibility, collaboration, and rapid iteration throughout the development process.; ; Throughout the development lifecycle, rigorous testing and quality assurance practices are applied to ensure that the software meets the specified requirements and performs reliably in production environments. It is then deployed to the client's infrastructure or cloud environment, where it undergoes further validation and acceptance testing. Ongoing maintenance and support services are offered to address any issues, implement updates, and provide technical assistance as needed.

Scaling

• Independence of resources: In terms of the human resources element, engagements include a service continuity and risk management element. A team of resources is identified along and they prioritise any issue according to severity and according to your defined SLA. Cross functional training is core to ensure cover is available at all times to support service continuity.

Analytics

• Service usage metrics: Yes
• Metrics types: We can provided regular reports according to customer requirements.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: This is customer system and requirement dependent based on the system being supported. The data and code base is owned by the customer and Viatel will assist in ensuring that data is exported in a secure and efficient manner. Viatel are ISO27001 certified.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: Data type dependent
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats: Data type dependent

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Availability is customer requirement and hosting service dependent. We can provide hosting services and this is a more streamlined process. We manage the code base according to the agreement in place.
• Approach to resilience: Availability is customer requirement and hosting service dependent. We can provide hosting services and this is a more streamlined process. We manage the code base according to the agreement in place.
• Outage reporting: Availability is customer requirement and hosting service dependent. We can provide hosting services and this is a more streamlined process. We manage the code base according to the agreement in place. If there is a monitoring agreement in place we will provide alerts via email or as outlined in your agreement.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: In line with ISO 27001 we have an access controls policy to protect customer data. Role based access control and periodic access audits help secure sensitive customer information e.g. credentials which are managed by dedicated applications. Any increase in user access rights are all managed by the change advisory board. Role Based Access Controls are in place for all employees, only employees operating in a service capacity have access to managed systems. Auditing is also in place to identify access requests.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NSAI
• ISO/IEC 27001 accreditation date: 7th August 2017
• What the ISO/IEC 27001 doesn’t cover: Applicable to the following areas: Physical and cloud-based IT Systems & Networks utilised for internal business operations and delivering services to customers Business activity related to delivering IT services and IT support, including provisioning, maintaining & supporting IT infrastructure, digital applications and IT consultation services Business activity related to delivering software development services Staff and assets that support this business activity both in offices and working remotely.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Azure Security Engineer
  • Azure Security Administrator
  • Fortinet Network Security
  • Fortinet Cybersecurity
  • Sonicwall Network Security

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We have an ISO 27001 certified information security management system (ISMS) which helps to protect information through a centrally managed framework. The system is supported by the board of management and senior management. ISO 27001 sets out a recommended list of 114 controls that include policies on information security. These outline our commitment that all activities are intended to be consistent with the requirements. In line with ISO 27001 we have an access controls policy to protect customer data. Role based access control and periodic access audits help secure sensitive customer information e.g. credentials which are managed by dedicated applications. Any increase in user access rights is managed by the change advisory board. All employees are appropriately trained on our Information Security policies and kept up to date on any additions or changes to the policies. Training is mandatory prior to receiving access to information or services. After initial training during induction, employees have recurring annual refresher training on current threats, as well as material changes to policy. This training is conducted by annual refresher seminars or continual reminders (such as posters, e-mail or intranet newsletters, etc.) Senior Management are responsible for on-going policy education and training policy.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: In line with ISO27001 we have a Change Advisory Board in place to support change authorisation, assessment and prioritisation. The CAB allows changes to be assessed from both a technical and a business viewpoint. Conflicts of schedule between future changes can be identified. The CAB is comprised of the Director of IT Services, the Head of Support Operations and the Support Services Manager.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: PEN Testing is completed on externally facing Viatel IP's every 2 years with the last test completed November 2022. Vulnerability scanning is performed by an independent third party (Henocon). Regular vulnerability scanning is completed every month. Any vulnerabilities identified are managed and tracked according to severity until they are closed out. A formal review is carried out every 6 months.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our Proactive Maintenance service covers the scheduled review of patching and firmware revisions on all hardware and hypervisor platform software under contract. It is typically performed by remote engineer services outside of normal business hours. The service aims to identify areas of concern (risks and recommendations) regarding infrastructure health (security patching/settings, firmware(s), warranties, End of Support/Life dates, etc.) and version compliance. The primary output of the review is to determine follow-up remediation actions and schedule required maintenance windows with the customer where required to ensure the environment is fully up-to-date, secure, and compliant with industry best practices and standards.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have an incident management process in place to ensure incidents are reported and managed in line with our ISO27001 certification. Incidents are directed to the Director of IT Services. Incidents are classified as follows: P1 High - Incident poses an immediate threat to all information processing systems which could result in criminal charges for example a network wide virus outbreak. P2 Medium - Incident poses a threat to a number of information systems P3 Low - Incident poses no immediate threat to information processing systems How the customer is informed will depend on the severity of the issue

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our goal is to achieve Net Zero emissions by 2050 or before. We completed a Carbon Reduction Plan in accordance with PPN 06/21 and associated guidance and reporting standard for Carbon Reduction Plans. Emissions have been reported and recorded in accordance with the published reporting standard for Carbon Reduction Plans and the GHG Reporting Protocol corporate standard and uses the appropriate Government emission conversion factors for greenhouse gas company reporting. . Scope 1 and Scope 2 emissions have been reported in accordance with SECR requirements, and the required subset of Scope 3 emissions have been reported in accordance with the published reporting standard for Carbon Reduction Plans and the Corporate Value Chain (Scope 3) Standard3 Carbon Reduction Projects The following environmental management measures and projects have been completed or implemented since the 2020/21 baseline. Service Offering Restructure: - Roll Out of our Proactive Monitoring Service. Reduces the requirement for onsite preventative maintenance tasks and therefore minimising carbon emissions. Fleet Improvements: - Reduce the number of company vehicles - Operational Improvements: Plan Routes and schedule customer onsite appointments carefully in order to minimise unnecessary carbon emissions - Improve driver behaviour: Informing drivers of the impact of idle engines on carbon emissions and rewarding fuel efficiency. Estate and Premise Improvements: - Installation of LED Lighting in offices - Open floor plan to allow light to flow freely and reduce the number of bulbs required. - Encourage all employees to keep things digital where possible - We provide Office plants as a means to improve office air quality and improve the office environment. Company Policy: - Roll out of our first Carbon Reduction Plan - Implementation of effective but flexible working policies that encourage remote working and reduce carbon emission from unnecessary travel.

  Covid-19 recovery

  When Covid-19 began, we had already set up all staff to work remotely which enabled staff to remain at work. All staff have laptops and VPN licences for connectivity. We are a cloud led business which is fundamental to our operational strategy. Our staff are still set up to work remotely. We facilitated remote and flexible working during and after the pandemic allowing employees to balance work and the change in family care systems that was required. Social distancing was implemented where employees chose or were required to come into the office for a specific purpose. We have an employee assistance programme available which includes expert wellness advice, a library of wellbeing content and webinars, counselling and financial and legal information services. Our policy has always been to attract and enable more employees to become involved in the IT sector. e support a programme with the National Coding Institute to increase participation of women in the software industry. The programme gives unemployed and unskilled females the opportunity to obtain a qualification in Software Programming. Graduates from this programme are given the opportunity to join Viatel for work experience and mentoring with a view to leading to full time employment. We have supported non-EU born employees by sponsoring work permits to allow them and their families move to Ireland and work legally. We have also supported several employees to return to and work from their home countries during the pandemic, allowing them to be with their families during difficult times.

  Tackling economic inequality

  We support a programme with the National Coding Institute to increase participation of women in the software industry. The programme gives unemployed and unskilled females the opportunity to obtain a qualification in Software Programming. Graduates from this programme are given the opportunity to join Viatel for work experience and mentoring with a view to leading to full time employment. We also offer paid Internships to IT students from local universities whereby they benefit from on the job learning and mentoring by our more senior employees. After graduating they can progress to our Graduate Programme with a learning and development programme for them to progress within the organisation. Traditionally the IT industry in Ireland is male dominated with an average of 22% female participation. We have increased female participation from 21% to 25% in past year and have a target to reach 35% by 2025. We aim to reach this by continued participation in programmes listed about and also reaching out to schools promoting IT as a career for young girls. In 2022, we welcomed the opportunity to publish our gender pay gap analysis for the first time, reporting a gap of 4.3%. That was an excellent result – we compared well the national average of 11.3% and exceptionally well when compared to our peers and competitors. Our mean pay gap in 2023 has fallen from 4.3% to just 0.2%. We more eager than ever to keep building on this momentum and strive towards even more female representation at Viatel. We have supported non-EU born employees by sponsoring work permits to allow them and their families move to Ireland and work legally. We have also supported several employees to return to and work from their home countries during the pandemic, allowing them to be with their families during difficult times.

  Equal opportunity

  We support a programme with the National Coding Institute to increase participation of women in the software industry. The programme gives unemployed and unskilled females the opportunity to obtain a qualification in Software Programming. Graduates from this programme are given the opportunity to join Viatel for work experience and mentoring with a view to leading to full time employment. We also offer paid Internships to IT students from local universities whereby they benefit from on the job learning and mentoring by our more senior employees. After graduating they can progress to our Graduate Programme with a learning and development programme for them to progress within the organisation. Traditionally the IT industry in Ireland is male dominated with an average of 22% female participation. We have increased female participation from 21% to 25% in past year and have a target to reach 35% by 2025. We aim to reach this by continued participation in programmes listed about and also reaching out to schools promoting IT as a career for young girls. In 2022, we welcomed the opportunity to publish our gender pay gap analysis for the first time, reporting a gap of 4.3%. That was an excellent result – we compared well the national average of 11.3% and exceptionally well when compared to our peers and competitors. Our mean pay gap in 2023 has fallen from 4.3% to just 0.2%. We more eager than ever to keep building on this momentum and strive towards even more female representation at Viatel. We have supported non-EU born employees by sponsoring work permits to allow them and their families move to Ireland and work legally. We have also supported several employees to return to and work from their home countries during the pandemic, allowing them to be with their families during difficult times.

  Wellbeing

  Viatel are compliant with all applicable employment regulations. We offer a range of employee benefits including flexible and remote working options, additional paid leave over the summer, employee pension scheme, access to health insurance and income protection and death in service benefit. Viatel employees can also avail of an Employee Assistance Programme provided by a third party provider to support them to thrive at home and at work. The programme has the following features. Wellbeing content - a library of health and wellbeing content, a monthly newsletter and information on events on webinars via dedicated online portal. Counselling: Access to 24/7 counselling by phone and/or face to face appointments. Parenting Coach: Access to trained professionals over the phone for support and information on everyday parenting challenges. Career Coach: Guidance on your career path and discussion of work related issues. Manager Helpline: Access to a senior clinician for guidance and support on managing collegues and building a productive work culture. Financial and Legal Information: Access to a team of qualified financial and legal representatives for guidance on money or legal matters. Cognitive Behavioural Therapy (CBT) : Living Life to the Full CBT online self support programme. Critical Incident Management: Access to a rapid response service delivered by trained critical incident teams.

Pricing

• Price: £800 a unit a day
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gerard.mccann@viatel.com. Tell them what format you need. It will help if you say what assistive technology you use.