Levett Consultancy Ltd

Parago Asset Management

Levett Consultancy provides out Parago,a powerful IT and Software Asset Management system controlled through an intuitive visual interface. Designed to be easy to use, yet providing the flexibility and features demanded by high-end systems.


  • Asset, IT & Inventory
  • Dashboards & Reports
  • e-sign Document Manager
  • Asset Discovery
  • Contract Management
  • Centralise contract management for cost savings


  • Push dashboard templates to all accounts in your schools
  • Fully customisable dashboards using simple rules and conditions
  • Easily export your dashboard to Excel and CSV files
  • Restrict user permissions by categories to allow or deny access
  • Monitor the use of IT equipment and software
  • Link contracts to specific assets (e.g. boiler)
  • Manage and oversee multiple sites
  • Sub groups for regions/hubs within MATs and districts
  • MAT/District central office account
  • Securely manage user access and permissions


£500 per unit

  • Education pricing available

Service documents


G-Cloud 11

Service ID

1 7 3 5 9 6 6 4 9 7 8 2 7 4 4


Levett Consultancy Ltd

Joanne Levett

01279 799256


Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to TBC
Cloud deployment model Public cloud
Service constraints None
System requirements A modern web browser is required

User support

User support
Email or online ticketing support No
Phone support No
Web chat support No
Onsite support No
Support levels Parago provides a single level of support for Parago Asset Management in line with other enterprise service providers, the terms of support can be found here: https://www.paragosoftware.com/terms-and-conditions/. Additional Levett Consultancy reseller support is available at an additional cost.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started On boarding services are covered within the Parago software license provided by Levett Consultancy. If required, at an additional cost, Levett Consultancy provides a fully comprehensive asset management service that includes consultancy, deployment, training, and support.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Customers have this 90 day period to extract their data from the account using our reporting engine to export from whatever module they would like.

After the contract has expired, users have 1 month to request their data.
End-of-contract process 90 Days before the end of a contract, customers are informed that the account will expire by our accounts team.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service A dedicated Parago mobile app is available both for iOS and Android which provides a bespoke user experience tailored to the operating system to each operating system.
Service interface Yes
Description of service interface Parago Asset Management Software is accessed using a modern web browser from any device. Parago Asset Management Software is also available on Android from the Google Play store and iOS devices from the Apple App store.

The Parago dashboard gives you a visual representation of your organisation's asset data extracted from the integrated reporting system across Premises & Compliance, IT & Inventory, Contract Management and helpdesk modules.
Accessibility standards None or don’t know
Description of accessibility TBC
Accessibility testing TBC
What users can and can't do using the API Parago provides a rest api to the asset management area to push and pull information into the system.
API documentation No
API sandbox or test environment No
Customisation available No


Independence of resources TBC


Service usage metrics No


Supplier type Reseller providing extra features and support
Organisation whose services are being resold Parago

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach With all reports, you can view them in your browser, export to excel/csv/plain text, or you can simply print. There is also a data importer for bringing in new data or merging with existing data, and this supports a wide field of formats: .xlsx, .xml, .xls, .ods, Gnumeric and .csv
Data export formats
  • CSV
  • Other
Other data export formats Xlsx
Data import formats
  • CSV
  • Other
Other data import formats Xlsx

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability There is no guarantee for a level of availability, however, we have a 99.95% uptime. The only downtime we have is for system updates for an average of 20 minutes on a monthly basis. These updates are carried out outside of working hours.
Approach to resilience Tbc
Outage reporting Parago gives at least 8 hours’ notice for outages for updates and to schedule these updates out of working hours. In an emergency, we still try to give at least a few hours’ notice and schedule to limit the impact on users but those in time zones away from Europe/London may be affected.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Depending on administrator preference, users can be signed in via a federated identity service, including Active Directory, LDAP as their identity provider. Administrative access privileges are granted separately to individual users or groups.
Access restriction testing frequency At least once a year
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 EY CertifyPoint
ISO/IEC 27001 accreditation date 18/11/2010
What the ISO/IEC 27001 doesn’t cover Na
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • ISO 9001
  • ISO 27017
  • ISO 27018

Security governance

Security governance
Named board-level person responsible for service security No
Security governance certified No
Security governance approach TBC
Information security policies and processes TBC

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Parago currently uses SVN to track change management in the system. All changes are assessed by the development team beforehand for security impact.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Vulnerabilities are assessed on an ad-hoc basis. Patches can also be pushed ad hoc. They are usually deployed after business hours. Information regarding potential threat comes from ad-hoc research by the development team.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Compromises are identified and responded to on an ad-hoc basis. Due to the level of security, we are yet to encounter a compromise and we are yet to need to respond to an incident.
Incident management type Supplier-defined controls
Incident management approach We deal with incidents on an ad-hoc basis. Users can report incidents to customersupport@parago.co.uk where the support team will escalate all cases to level 3 for immediate assessment. We do not provide incident reports to external sources.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £500 per unit
Discount for educational organisations Yes
Free trial available No

Service documents

Return to top ↑