ICONI Software Ltd

Customer Engagement & Progression CEP Software

ICONI’s Customer Engagement & Progression (CEP) platform is designed to help organisations that support individuals. It enables organisations to case manage their support programmes and achieve optimal outcomes, ensure compliance and accelerate performance. CEP can be used for Employability, Health & Wellbeing, Skills & Learning, Rehabilitation and Economic Development.

Features

  • Customer/Individual Engagement Tracking: with full support journey with progression stages
  • Referral Management: external referrals/enquiries and internal referrals
  • Diary/Calendar Management: with meetings, correspondence and SMS/Email reminders
  • Event & Course Management: single and multi-session with attendance tracking
  • Integrated, Customer & External Assessments: sector-specific assessments with distance travelled
  • Action Planning: support interventions/sessions catalogue with action plan generation
  • Outcome Management: hard/soft progression outcome recording, goals and approval process
  • Supply Chain & Organisation Management: profiles, sites/locations, expenses and contacts
  • Reporting: real-time activity, user defined custom export and Business-Intelligence Interface
  • Sector Specific: Vacancy/Employer Relationship/Specialist Support, Portal, optional PbR Financials

Benefits

  • Sector specific, designed by experts and streamlined for operational delivery
  • Visualisation of individual support journey and progression optimising positive outcomes
  • Multi-programme configurable, for similar projects or different sector-based programmes
  • Supply-Chain ready to manage delivery partners, sub-contractors and specialist providers
  • Intervention Catalogue capturing your support services, resources and delivery knowledge
  • Comprehensive and extensive range of reusable features to fast-track on-boarding
  • Accessible Customer Portal, bridging the digital divide and enabling self-service
  • Continual evolving and improving platform that delivers return on investment
  • Easy to use user interface reducing training/on-boarding overheads across programmes
  • Designed in a secure, ISO27001 accredited environment, hosted within Azure

Pricing

£65 per user

Service documents

G-Cloud 11

164940688428115

ICONI Software Ltd

Liam Jordan

028 90319300

l.jordan@iconi.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints There are no constraints to the CEP solution as it is optimised for the number users, however full training for users is advised before use of the system.
System requirements
  • CEP is accessed via a standard browser
  • There are no other system requirements

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Initial response times during normal business hours are as follows:

- Critical Faults: 4 hours
- Serious Faults: 6 hours
- Minor Faults: 8 hours
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels There is a single support level for the CEP service, which is covered in the costs. Users can access support via phone, email or via the built-in help within the service. Support is provided during normal business weekdays and from 09:00 to 17:00 and incidents can be raised 24x7x365.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The ICONI Help-desk would issue the authorised user with a username and password via email. Users must change their password on login to access the service. Users can then start to use the service, assuming they have received the appropriate operational and system training. Training will be agreed as part of the high-level analysis of the project. ICONI can offer on-site training, user-guides or WebEx training.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction When the contract ends, an authorised user would request the data from the CEP service via the Helpdesk. The Helpdesk would then arrange to extract the data to a SQL backup, which will be fully encrypted and securely transferred to the authorised user.
End-of-contract process At the end of the contract, all user access will be removed and the access to the system will be terminated. Additional off-boarding costs apply where further services are required and this would be agreed as part of the End-of-Contract process. For example, this could include data extraction and transfer with backup services being shut down.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The ICONI advisor based solution is desktop only, however, the Customer Portal provides a responsive web design experience that fully supports access by Customers through Mobile, Tablet and Desktop devices.
Service interface Yes
Description of service interface The service interface is accessed via a standard Internet browser.
Accessibility standards None or don’t know
Description of accessibility The Customer Portal is accessible to W3C Web Content Accessibility Guidelines (WCAG) 2.0 up to conformance level AA.
Accessibility testing The Customer Portal interface has been successfully tested with Keyboard-only, Voice Activation, Screen Reader and Low Vision assistive technology.
API Yes
What users can and can't do using the API We expose key APIs in the form of a secure web service which can be configured within CEP solution to transfer data (pull or push). This approach ensures data integrity and security. These APIs enable data (e.g. Enquiries) to be captured on external systems (such as a website) and transferred to the CEP solution.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation CEP contains a wide range of features and these can be enabled and customised for users. To customise, users would contact our Helpdesk and request the changes which would then be analysed, configured and enabled as part of the service.

Scaling

Scaling
Independence of resources Each CEP solution is dedicated to the buyer and is designed to be optimised for the number of users that can concurrently access it.

Analytics

Analytics
Service usage metrics Yes
Metrics types CEP metrics are provided on request via the Help-desk (based on ITIL best practice) and includes: number of current registered users, the number of tickets (and types) in the time frame, support trends and breakdown of all tickets.
Reporting types Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Authorised users can export data via CEP lists and or the built-in data export reports which outputs the data in a structured CSV file format.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability CEP availability is 99% and can be increased under SLA options. In the event that CEP experiences downtime during the contract for a period longer than five consecutive business days and where such downtime is wholly attributable to the supplier, the supplier shall pay to the customer a service credit of 1% of the equivalent annual charges.
Approach to resilience CEP has been designed under ISO27001 for security, high availability and resilience. The service is continually monitored by our Helpdesk and contingency plans are in place in case of failure. CEP is hosted on the Microsoft Azure cloud platform which has a range of resilience options.
Outage reporting Email alerts are sent to key users as part of the Helpdesk support and problems managed under ITIL standards and best practice.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Access in management interfaces and support channels is restricted via the user’s pre-defined role, which can then be adjusted via the functions they are authorised to access. The user roles and access authorisation is confirmed with the Helpdesk before access to CEP solution is enabled.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 SGS United Kingdom Ltd
ISO/IEC 27001 accreditation date 22/08/2018
What the ISO/IEC 27001 doesn’t cover In the ISO27001:2013 Statement of Applicability the following are not covered: A.13.1.3, A.14.1.2, A.14.1.3, A.14.2.7
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes ICONI Software is involved in the design, implementation and support of a range of software systems and as such, it is the policy of ICONI to provide the highest possible quality of services to all our clients in accordance with the requirements of our ISO9001, ISO27001 accreditations and ITIL best practice. Our site and CEP solutions are fully secure and we are committed to ensuring that information security is given the highest possible degree of importance. Information is central to our business and it is our aim to ensure that the confidentiality, integrity and availability of this information is protected at all times. External audits are carried out twice yearly alongside periodic internal auditing and continual reviews for potential non-conformance.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Ongoing system configuration and changes to a CEP solution will be managed by the Helpdesk under a defined change control process. Changes can be requested via the Helpdesk and their impact is analysed, estimated and agreed before implementation. All changes are tracked within our development environment. Changes may impact existing functional components or new components may be added. In both cases, changes are fully tested for potential security impact following our ISO27001 accredited policies and procedures.
Vulnerability management type Supplier-defined controls
Vulnerability management approach CEP is hosted on Microsoft Azure which has options for vulnerability assessments. Our development team regularly accesses the CEP framework for vulnerabilities and any threats detected are prioritised with our Help-desk. Depending on the threat level, patches to the CEP service can be deployed on the same day of detection. Information on potential threats comes from the Azure Security Centre.
Protective monitoring type Supplier-defined controls
Protective monitoring approach ICONI's CEP solution has in-built reporting for potential compromises, which is linked the Helpdesk. A priority incident is automatically generated and notified to the Helpdesk team for investigation, analysis and resolution. Potential compromises are acted upon immediately and escalated to the relevant team for resolution e.g. the update may require a patch and deployment which can happen on the same day.
Incident management type Supplier-defined controls
Incident management approach CEP incident management process follows ITIL best practice, which is integrated into the Help-desk and is also linked directly to the CEP solution so that users can submit support tickets directly. Users can also contact the Helpdesk for support via telephone or email. Once the incident has been reported, the user receives a unique ticket number reference. Incident reports are generated from the Help-desk system and provided to the users on a periodic basis via email.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £65 per user
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑