Complete Contract Management

Complete Contract Management

Complete® is a cloud hosted Contract and Supplier Relationship Management system created with input from practicing contract and commercial managers. A modern and intuitive user interface supports the streamlining of business as usual, with enhanced features that support contract governance, performance management, and quality monitoring.

Features

• Document repository with unlimited storage
• Monitor FOI requests and link to contracts
• Outlook integration with in-app messaging
• Supplier relationship management capability
• Management reports
• Workflow module with reminders and task allocation
• Flexible Permissions with controlled access
• Contract Finance Module
• Contract Performance module
• Cloud based SaaS solution

Benefits

• Easy contract registration and administration
• Integrated Freedom of Information Management
• Integrated contract performance management
• Integrated contract governance and meeting management
• Integrated contract quality improvement management
• Integrated workflow management
• Integrated contract finance and invoice process management
• Manage Non-contracted Activity Providers and Commissioners
• Defined user roles to support secure access
• Scalable from individual organisation to STP level

£9.99 to £79.99 a licence a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dinah.sackey@completecontractmanagement.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

139102488175250

Contact

Dinah Sackey
0330 043 8785
dinah.sackey@completecontractmanagement.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Hybrid cloud
• Service constraints: N/A
• System requirements: Access to the internet

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: We use Zendesk to support client queries and response times during the week are within 24 hours. Clients can also self manage via the Zendesk portal.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Consultation - Our most comprehensive support will assess your needs, build your solution, plan your transition, and train your product champions - Costs are bespoke according to the needs of the organisation.; ; Implementation Support - Using a mixture of remote and onsite support we’ll help you shape the system to suit your needs. Implementation support is free.; ; Training Service - Ongoing refresher training when you need it, delivered face to face or online- Online training is free, accessed with the use of webinars. Face to Face training is costed according to the needs of the organisation.; ; Knowledge base - A library of information that helps explain the use of the system, accessible by registered users. Access to registered users is free.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Users have access to a demo database for a 12 week trial followed up with a consultation on implementation needs.; The basic implementation involves the set up and deployment of the system and the training of a system champion.; Users can then opt to embed the use of their system with the supplied documentation, self-help videos, and access to the community knowledge base or request full implementation support with a system consultant.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Information stored within the system will be extracted into a secure file and shared with the user within 7 business days.
• End-of-contract process: Included in the price of the contract is the extraction of the users data into a secure file transmitted electronically to the users named destination.; Access to the system will then cease once data extraction is complete.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The user interface adapts to mobile use so users can access the software with their handset. The user interface on a mobile can be viewed in landscape or portrait mode.
• Service interface: Yes
• Description of service interface: Internet based user interface with a login landing page
• Accessibility standards: None or don’t know
• Description of accessibility: Interface is primarily text based.; Non-text based is limited to bar charts, and graphs but text alternatives are included with charts and graphs to explain visuals.; There is no audio on the interface.; Colour contrast ratio is 10.86:1 for most of the text, some link text ratio is 4.17:1 and some call to action buttons at 2.61:1 however colour is not used as the only visual means of conveying information, indicating an action, prompting a response, or distinguishing a visual element.
• Accessibility testing: None
• API: No
• Customisation available: Yes
• Description of customisation: Basic - Buyers can request the user interface is rendered to reflect corporate colours and branding.; Enhanced - A feature request process allows end users to suggest feature developments that are shared with the user community. Those that are deemed of strategic importance to end users and the systems functionality are progressed as part of our systems development strategy.

Scaling

• Independence of resources: The system storage configuration allows for scalability on demand.

Analytics

• Service usage metrics: Yes
• Metrics types: User access and user activity within the interface.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2012
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data is uploaded into the system via the systems own user interface. Export of data is then via the user interface, as uploaded by the user.; Data that is entered into the system as part of performance monitoring can be exported as a CSV or XLS file.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XLS
  • PDF
  • Word
  • PowerPoint
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XLS
  • PDF
  • Word
  • PowerPoint
  • JPEG
  • PNG

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: With our hybrid cloud arrangement with have an SLA with a third party hosting provider that offers 99.9% availability.
• Approach to resilience: Available on request
• Outage reporting: Community Dashboard and; Email Alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
• Other user authentication: Users can only access the service once their organisation has purchased the requisite licence(s). A secure portal is then created for the user and access is granted to users by the purchasing organisation. Access is via username and password.
• Access restrictions in management interfaces and support channels: Support staff have access to the community portal and not the client system.; Technical staff have access on permission and access is removed once issues are resolved.; All access is via username and password controlled interfaces.; Technical support systems are not interlinked to the software so access by support staff is manual, and permission based.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Username or password
  • Public key authentication (including by TLS client certificate)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: Yes
• Any other security certifications:
  • Software is hosted in a PCI DSS Level 1 environment
  • Software is hosted in a ISO/ IEC 27001 environment

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: The Managing Partner in the business is the Responsible Officer.; ; We manage our security processes in line with our Information Governance Policy; ; We have a Service Level Agreement and Disaster Recovery Policy with our 3rd party data hosting provider.
• Information security policies and processes: The Managing Partner is the Senior Responsible Officer.; We have an Information Governance Framework that includes the following policies;; Access Control & Password Policy; Asset Management Policy; Remote Access Policy; Clear Desk Policy; Email Usage Archive Policy; Asset Register; Information Security Policy; Data Protection Policy; ; Our Managing Partner is the Senior Responsible Officer

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our CTO oversees configuration and change management.; To maintain a secure code base changes - whether initiated by internal strategy or external requests - are logged and assessed for suitability. If agreed the development team and CTO capture the detail of the required change, timeline for development, impact to the system functionality and any potential security concerns. Changes undergo 3 levels of testing before being introduced into the live environment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our CTO is the Senior Responsible Officer for vulnerability management.; ; Our development team horizon scan for general security concerns, ensure that the code base remains up to date, and that systems in use are up to date and have all necessary / relevant patches.; ; We maintain a security events log where we record all events, incidents and breaches.; ; Our 3rd party hosting provider continuously monitor for potential threats and immediately deploy patches for major threats.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our 3rd party provider conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402. Our SLA with our 3rd party provider provides 24/7/365 support in responding to known incidents that are within their control.; ; Our local systems record all login attempts: originating IP address, time and success/fail against each user account and our system is configured to automatically log users out after periods of inactivity and lock users out after an incorrect password is entered x times.
• Incident management type: Supplier-defined controls
• Incident management approach: There are pre-defined processes for common events like undetected bugs.; Users can raise incident reports via our customer portal using a ticketing system that's assigned to service desk manager.; Incidents that need developer involvement are escalated for resolution.; Updates are provided via the portal and response/resolution targets are detailed in our SLA.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Pricing

• Price: £9.99 to £79.99 a licence a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: 12 Weeks unsupported access to trial the system.; All functionality is included.; Access to the community hub is not included.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dinah.sackey@completecontractmanagement.com. Tell them what format you need. It will help if you say what assistive technology you use.