We give our clients the ability to radically align their proposition with the demand in their market/information space, satisfying users and growing market share in the process.
It drives competition analysis, buying/content strategy, supplier analysis, range/category/information extension, PIM, online product filtering, extended conversion rate optimisation, on-site search and information architecture.
- Remote access
- Browser based
- Visualised insight
- Action lists - and action-forwarding
- Mapping large scale demand data to services and products
- Performance reporting for continuous alignment to demand
- Information architecture creation and transition
- Onsite search capability enhancement (Endeca, Funnelback, Solr etc)
- Easy integrations with client systems e.g. project management, chat, analytics
- Organic search performance management
- Shifting operational focus from supply-led to demand-led
- Prioritisation operational tasks towards greatest value
- Seeing the whole market/information space in one view
- Insight to inform product or information range-extension
- Supporting your clients in finding what you offer
- Aligning internal culture to external demand
- Clear and simple visualisation without losing valuable information
£50000 to £1125000 per unit
- Education pricing available
Search Johnston (t/a Kaiasm)
0330 223 1164
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||
Analytics e.g.: Google Analytics; Adobe Analytics.
On-site search technologies e.g.: Solr; Endeca; Funnelback; ElasticSearch; Algolia; Fredhopper; Attraqt.
Agile project management e.g.: Jira; Trello; Github; Zenhub.
Internal services and products
|Cloud deployment model||Hybrid cloud|
|Email or online ticketing support||Yes, at extra cost|
|Support response times||
Response and resolution times for each priority level during standard UK operational hours (Monday to Friday, 9-5, excluding bank holidays), unless the SoW between the client and supplier specifically includes provisions for out of hours support.
Service not available. Response 1 Hr, Resolution ASAP – Best Effort.
Significant service degradation. Response 2 Hrs, Resolution ASAP – Best Effort.
Limited degradation of service (limited number of users or functions affected, business process can continue). Response 4 Hrs. Resolution 8 Hrs.
Small service degradation (business process can continue, one user affected). Response 8 Hrs. Resolution 8 Hrs
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.0 AA or EN 301 549|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Yes, at an extra cost|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.0 AA or EN 301 549 9: Web|
|Web chat accessibility testing||
We tend to simply integrate with a client's existing favoured chat client - slack, skype, LYNC etc. WCAG is not really applicable to non-web applications such as these, but in terms of practical accessibility to people with disabilities, enabling them to use their own tools is more effective than trying to write another. Thus our web chat is essentially a slack or LYNC channel exposed within the app.
Our Research Director wrote or edited many of the specification support documents for the W3C WCAG and was an Invited Editor to the W3C WAI for many years.
|Onsite support||Onsite support|
We are with our clients for the long game. Our support aims to partner with the client to remove any organisational, operational, technical and even financial obstacles from the path of the project. Implementation support is included within the project cost, with further support levels available (and costed) on a case by case basis.
We provide a technical account manager as part of the service.
|Support available to third parties||Yes|
Onboarding and offboarding
Help-as-you-work via tooltips and keys
SCORM-compliant training modules via moodle or integrated into client's own training system.
|End-of-contract data extraction||
Via download through the user interface.
For the client's convenience, this may be accomplished for a period after the contract ends via a support request.
The service is suspended and the client can download their data.
Support of ingestion into other systems is available at extra cost - for example, if a particular schema is required.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Visualisations are smaller, and the layout changes, but all functionality is in place.|
|Accessibility standards||WCAG 2.0 AA or EN 301 549|
|Accessibility testing||We test with VoiceOver, and JAWS, as well as keyboard-only operation.|
|What users can and can't do using the API||We provide a read API for most aspects of the service. Bulk writes would be done via a support request.|
|API documentation formats||
|API sandbox or test environment||Yes|
|Description of customisation||
Customisation: every view can be customised via filters, reorders and data cuts. Most aspects of the visualisation (labels, number of nodes shown) are also custom options
Bespoking: the tool is often bespoked to the particular needs of large clients.
|Independence of resources||
Each client gets their own instance or set of instances within AWS.
We also give uptime guarantees within our SLA for our digital tools (see 'guaranteed availability' below.
|Service usage metrics||Yes|
Demand Alignment ratio
Google Analytics (sessions, visitors, pageviews etc.)
Actions (sent via email or via a project management tool integration)
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||Less than once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||Via the web application.|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||We'll take anything digital.|
|Data protection between buyer and supplier networks||
|Other protection between networks||IP whitelist|
|Data protection within supplier network||
|Other protection within supplier network||IP whitelist|
Availability and resilience
Uptime of covered services is guaranteed to a certain percentage of time within UK office hours, which is 9am-5pm Mon-Fri excluding bank holidays (the services will normally also be available outside these hours). The level of guaranteed uptime depends on the priority level of the service:
Priority level Guaranteed uptime
Uptime is calculated to the nearest minute, based on the number of minutes in the given month within the scope of the SLA. If uptime for any item drops below the relevant threshold, a penalty will be applied in the form of a credit for the client.
The level of penalty will be calculated depending on the number of hours for which the service was unavailable, minus the downtime permitted by the SLA:
Priority level Penalty per hour (Pro-rated to nearest minute)
1 5% of monthly charge for covered service
2 2% of monthly charge for covered service
3 1% of monthly charge for covered service
Uptime penalties in any month are capped at 100% of the total monthly fee of the covered service
Uptime measurements exclude periods of routine maintenance. These must be agreed between the supplier and client in advance.
|Approach to resilience||Available on request.|
|Outage reporting||Configurable email alert.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
- User roles
- IP address whitelisting
Admin interfaces and access
- Private Key
- 2-factor authentication
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||We comply with those aspects of ISO/IEC 27001 we deem applicable to our type and size of company and service. We do not hold sensitive or personally identifiable data, and where non-commercial would normally be appropriate for open realease, so the security hazards are comparatively low.|
|Information security policies and processes||
We have policies processes and reporting based on those parts of ISO27001 appopriate to our size and type of business, together with UK Cyber Essentials. We use an Assets, Threats and Vulnerabilities risk model.
We hold information in electronic media (databases, files in PDF, Word, Excel, and other formats), and on paper either as printed materials or handwritten notes. We hold it on behalf of employees, clients, suppliers and partners, and we provide various elements of it as appropriate and reasonable to shareholders, our country’s government agencies and regulators, the media, and the local community.
Our information systems include systems and data attached to our data or telephone networks, systems managed by us, mobile devices used to connect to our networks or hold our data, data over which we hold the intellectual property rights, data over which we are the data controller or data processor, and communications sent from or to us.
Information security policies (available on request):
- Access Control
- Cryptographic controls
- Disaster recovery
- BYOD and Work from Home
Cyber security policies (available on request):
- Anti malware
- Removable storage
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Available on request.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
We use an assets/threats/vulnerabilities model. Resisters of these are available on request.
Update/Patch policy: Devices, apps and software are patched as soon as possible after an update or patch is released. We may defer to end of working day, but then let it update. Operating systems, programs, phones and apps should all be set to ‘automatically update’ wherever this is an option. Any software or hardware which is no longer supported must be reviewed by IT for safety.
Information about potential threats gleaned from OWASP Threat Agent content, the Intel Threat Agent Library (TAL) and Threat Agent Risk Assessment (TARA).
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
For logging and alerting, we are aiming to meet the GPG-13 baseline control set: PMC1, PMC4, PMC7, PMC9, PMC10, PMC1, PMC12.
Identification also via network intrusion and prevention tools (e.g. snort)
Response alerts senior sysadmin and Head of Research to a compromise, with third party assistance (e.g. via AWS) brought in as necessary.
Response to incidents is ASAP (best efforts) for high priority systems,
1 hour (working hours) for low priority systems.
|Incident management type||Supplier-defined controls|
|Incident management approach||
We have processes for common events (e.g. port probes) and rare events (denial of service attacks).
Users report inicidents via standard support channels.
Incident reports provided via issue management system (github)
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£50000 to £1125000 per unit|
|Discount for educational organisations||Yes|
|Free trial available||No|
|Pricing document||View uploaded document|
|Terms and conditions document||View uploaded document|