Objective Corporation Limited

Objective Keystone for Collaborative Authoring, Consultation & Engagement

Objective Keystone provides an integrated collaborative environment to develop policies and strategic plans utilising best practice content; provide a unified workspace, publishing and delivery services; and facilitate the involvement of stakeholders through real-time consultation, collaboration and engagement with local communities. Includes Collaborative Authoring and Stakeholder Engagement. Local Development Plans.


  • Consultation and Engagement Platform with Stakeholder Database
  • Document Creation, Collaboration, Versioning and Multi-Authoring
  • Dynamic Document and Web Publishing
  • Integration through API with CRM and Line of Business Systems
  • Consultaion Portal including mobile support
  • Comprehensive reporting on all event based consultations incluidng surveys/polls
  • Community Library of reusable best practice content for Government Agencies
  • One click publishing including PDF, AAA-HTML and XML
  • Templated design features allowing re-use and high quality publishing
  • Support Local Development Plans, Local Transport Plans and Water WRMP19


  • Manage the way strategic documents are created, co-authored and managed
  • High quality Organisation brand compliant content & Publishing
  • Manage the entire lifecycle for Policy Development and Strategic Plans
  • Manage the legislative process for Local Plans and Water WRMP19
  • Manage consultations, stakeholder submissions and analysis of engagement
  • Single consultee database to allow consultaion and engagement across Government
  • Proven largest Government Gloud for Consultation and Engagement for LAs
  • Multi-channel Engagement with Local Communities, Citizens, Businesses and Stakeholders
  • Integrate Social Media Policy into Statkeholder Engagement


£120 per unit per month

Service documents

G-Cloud 9


Objective Corporation Limited

Scott McIntyre

+44 (0)118 2072300


Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Objective Portfolio of Products including ECM, EDRM and Connect
Cloud deployment model Public cloud
Service constraints All planned downtime/maintenance is restricted to weekends or late at night when demand for the service is expected to be low. Notification is provided in advance to all customers to allow them time to plan any activity around the scheduled downtime
System requirements
  • Stakeholder Engagement roles require JavaScript
  • Modern Browser support - see Service Definition for further details
  • PDF Reader Required

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Between 30 minutes and 1 day depending on the priority
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support No
Support levels Standard Support Hours are 09:00 to 17:00 Monday to Friday Excluding Public Holidays. Enhanced support is available including 07:00-19:00 and 24/5.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Objective offer a range of implementation services, which are defined in the Services Service Definition. The Basic package covers the basics of system set up and ‘super user’ training, while the Advanced Package adds a layer of Consultation Institute (CI) accredited consultancy and assistance to enable best practice alongside the use of the Objective software as well as options for direct assistance to design and deliver consultation events and/or collaborative documents.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction If a customer chooses to terminate their contract a three month notice period is required. At the end of this period:
• users will be deactivated
• the DNS will be deleted
• customer data will be deleted
Customers can export their data from the system using the following tools provided by the system:
• Stakeholder Management
• Run reports for consultees and comments
• Save as XML / CSV / HTML format
• Export Documents and supporting files
• Collaborative Authoring
• Export as zip file - individual XML content files plus images for documents
• Export as Entire PDF
Customers can use the service to carry out this work themselves or alternatively Professional Services can be engaged to carry out this work on a fee basis as per G-Cloud 9 SFIA Rate Card
End-of-contract process Each party’s right to terminate is addressed in the Objective Connect terms and conditions of use. Objective also has limited suspension rights as follows:
Objective may take the Application offline or filter or block the Customer’s access, without derogating from its right to terminate this Agreement and without liability for repudiation if:
1. the Customer fails or neglects to pay any outstanding invoice within seven (7) days of the date of a written demand for payment by Objective;
2. Objective is authorised or directed to suspend the Service by a government, administrative, regulatory and/or law enforcement agency to do so;
3. for the purpose of Scheduled Maintenance;
4. the presence of a Virus threatens the integrity of the Application, Customer Data and/or hosted environment; and
5. the Customer is reasonably believed to have undertaken any prohibited actions.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices No
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing Objective Keytone Solution is tested through feedback from the Objective User Group community ref Accessibility
What users can and can't do using the API Collaborative Authoring and Stakeholder Management can be used without any development or integration. It is however possible to integrate to our solutions using our Web Service API or via our RESTful HTTP interface. The Collaborative Authoring/Stakeholder Management web browser client uses these interfaces to make the application work. This means that any data set or function that is available within the application can be made available (subject to security and licensing) to other third-party applications.
API documentation Yes
API documentation formats PDF
API sandbox or test environment No
Customisation available Yes
Description of customisation Custom defined Meta Data by the customer
Customer branding for integration with customer's website with Objective support
Template branding for Collaborative Authoring with Objective support


Independence of resources We have an operational team that pro-actively monitors and plans demand and hence ensures the elasticity of the Keystone solution. In addition, capacity management is performed for the application through the defined architecture, sizing and predicted customer demand through a multi-tenanted solution.


Service usage metrics Yes
Metrics types Service Metrics include Outage reports via the Customer dashboard
From a Consultation Engagement Model - users can configure repprts on different engagement events as part of the core functionality.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Customers can export their data from the system using the following tools provided by the system:
• Stakeholder Management
• Run reports for consultees and comments
• Save as XML / CSV / HTML format
• Export Documents and supporting files
• Collaborative Authoring
• Export as zip file - individual XML content files plus images for documents
• Export as Entire PDF
Customers can use the service to carry out this work themselves or alternatively Professional Services can be engaged to carry out this work on a fee basis.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • HTML
Data import formats
  • CSV
  • Other
Other data import formats HTML

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network Other
Other protection within supplier network IPC and message queues

Availability and resilience

Availability and resilience
Guaranteed availability There is a target service level of 99.8% for the application.
Approach to resilience Our global data centre and bandwidth supplier is Peer1 Hosting. Full redundancy is implemented throughout, including traffic re-routing to guarantee our services are delivered 24/7. Our data centres have a high level of security and resilience, with 24-hour air-conditioning power, UPS with emergency generators for backup, fire detection and suppression and security measures that include active security measures. Onsite facilities include heating, ventilation, air-conditioning and UPS are all configured to N+1 standards, which means that no single point of failure exists. UPS are backed up by onsite generators.
Outage reporting Users can see service outages reported in their application dashboard
Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Service management via bastion hosts and use of a VPN
Access restriction testing frequency Less than once a year
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 ACS Registrars
ISO/IEC 27001 accreditation date 15/07/2015
What the ISO/IEC 27001 doesn’t cover The scope of Objective's accreditation covers the following: The protection of data for the provision of specialist information management software solutions and services around content collaboration and process management to the corporate and public sector. Assets protected include all organisation data client data required for the delivery of services and supporting physical and cloud based IT infrastructure. Assets protected are within the physical locations internal networks external connectivity and remotely managed services within the control of Objective Corporation UK Ltd. in Accordance with Statement of Applicability Ver 1.3
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes All Objective staff in the UK are responsible for conforming to the security manual in all their work. The procedures which make up the Information Security Management System (ISMS) define specific responsibilities. The Objective UK Information Security Manager, who reports directly to the General Manager UK, is responsible for the ISMS design and development, liaison with external advice and guidance (e.g. interest groups, product user groups). He is responsible for:
• owning the ISMS and ensuring that it presents an integrated set of policies and controls which support Objective’s information security policy
• establishing information security objectives to support the policy, and controlling their achievement
• ensuring that any failures, events or improvement opportunities relating to information security are recorded and addressed as appropriate (including retention of records as required)
• maintaining the ISMS components in accordance with agreed improvements, and ensuring that they are implemented correctly
• ensuring that any resources required to support information security are identified and requested
• monitoring the system's effectiveness through audits and other measures
• ensuring compliance with the requirements of ISO 27001
• ensuring staff awareness of information security
• maintaining knowledge of information security good practice.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Change and configuration management procedures are followed to track service components throughout their lifecycle to ensure the network remains operational and stable at all times. No changes may be made to the IT infrastructure without the Systems Administrator’s approval. The Systems Administrator reviews and risk assesses changes for potential security impact and mitigates and manages appropriately before deployment onto live system environments
Vulnerability management type Supplier-defined controls
Vulnerability management approach Incidents are raised in response to threat identification and managed on a risk impact assessed basis and prioritised for response.
Patches are deployed and managed in accordance with defined processes with emergency patch processes defined for dealing with high impact / high priority incidents. Potential threats and threat actors are monitored and regularly reviewed as part of the regular review process.
Protective monitoring type Supplier-defined controls
Protective monitoring approach A multi-layered strategic approach exists to protect the data, network and laptop/desktops from Internet borne threats that uses: • Anti-virus and malware scanner software on laptops/desktops and servers to protect against virus and malware infections • Email filtering to prevent email based attacks delivered in the form of incoming spam mail. • A firewall regulates inbound and outbound traffic to protect against potential threats. • Anti-malware protection • Operating systems software is updated to address known vulnerabilities. Tickets are raised in response to an incident and prioritised for response based on risk assessment.
Incident management type Supplier-defined controls
Incident management approach Users report and raise incidents through the Support Portal and tickets are raised to progress incidents. Each ticket is reponded to with details of root cause of the incident together with incident resolution details identified.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £120 per unit per month
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑