ROL Solutions Ltd


GovMetric is an established service enabling over 75 public sector providers to gather customer feedback and thereby understand the quality and quantity of their service delivery across all of their access channels, 24/7. Online reporting allows the data to be analysed, graphed, distributed and benchmarked thereby gaining maximum insight.


  • Customer satisfaction monitoring
  • Real time reporting
  • Multi channel
  • Customer experience
  • Customer feedback
  • Customisable forms & surveys
  • Benchmarking
  • Dashboards
  • Automated reporting
  • Web analytics


  • Inform and evaluate your channel migration strategy
  • Target improvements where it makes a difference to customers
  • Support 'right first time' service delivery
  • Reduce formal complaints
  • Achieve your key corporate objectives and measure performance against KPI's
  • Benchmark with other local authorities
  • Reduce the cost of collecting data manually
  • Workflow feedback across the organisation to deliver customer excellence
  • Understand the customer journey
  • Improve your digital platform


£3500 to £25500 per instance per year

Service documents

G-Cloud 11


ROL Solutions Ltd

Nic Streatfeild


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints No, the service is available 24 hrs a day, 7 days per week.
System requirements Latest browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 9 to 5 (UK time), Monday to Friday
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels Standard level of support is 0830 to 1730 and is inclusive in annual support fees.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Once your order is confirmed, we will schedule a kick-off meeting as soon as possible. Following this meeting you can expect to be completely up and running within 6 - 8 weeks, subject to resource availability.
We will provide an experienced project manager who will work with a nominated contact from your end.

Our project manager will help you to:
- Confirm the GovMetric components needed to meet to your requirements,
- Identify sources of interaction data and confirm the requirements for any GovMetric interfaces with other systems,
- Agree your question sets and service categories,
- Agree and execute a project plan.

We offer the following training sessions to our new clients, all of which are included in the standard set up price. This includes:
- Promoting GovMetric,
- Staff engagement,
- Train the trainer,
- Introduction to reporting.

Once you are up and running with GovMetric, we will provide you with a further training session approximately 2-3 weeks after going live. We will work through the data that you have collected so far, and discuss how to build on your success.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction At the end of the contract the user can download via the in-built extract function all data as required. This can be downloaded as a CSV file. Should the user require any assistance with this functionality, then this would be provided by GovMetric at no additional charge.
End-of-contract process At the end of your contract, the data collection and reporting systems can be turned off at no cost should you choose not to renew.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Access to the survey is mobile responsive resizing dependant on the device type. The reporting suite is fully accessible online and again resizes to present fully on a mobile device.

There is no tangible difference between access from a mobile or a desktop.
Service interface Yes
Description of service interface The service interface enables users to view customer satisfaction and feedback data through a series of dashboards and management reports.
Accessibility standards WCAG 2.1 AA or EN 301 549
Accessibility testing The service has been tested by users of assistive technology across its customer base to ensure ease of use.
What users can and can't do using the API The API enables the extraction of processed data.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The following features are customisable by users:
Management Reporting,

The following features are customisable by admin:


Independence of resources All traffic to our systems is load balanced across multiple servers in multiple disparate data centres. There are various levels of caching in place to ensure that the service is always as responsive as possible.


Service usage metrics Yes
Metrics types Service metrics can be provided on a regular basis through agent dashboards.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Data can be downloaded via the in-built extract function. This is downloaded as a CSV file.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Reasonable endeavours will be made to ensure the GovMetric Service Platform is available for access by the Subscribing Client to meet an annual average uptime target of 99.99%.
Approach to resilience All services are replicated over multiple-geographically disbursed locations with all traffic load balanced between. Faulty systems within our platform are automatically removed and replaced to ensure full resilience.
Outage reporting Service outage reports are communicated by our Service desk via email and telephone where appropriate.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels There are named contacts for all subscribers who can contact and arrange service changes.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 QMS UK LTD
ISO/IEC 27001 accreditation date 17/10/2016
What the ISO/IEC 27001 doesn’t cover ISO 27001 applies to all aspects of the company's service provision.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes The company is accredited under ISO27001. The company's Managing Director directly oversees the ISMS through regular Operations Meetings with direct reports.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The Change Control process is designed to capture and manage the various requests for changes, upgrades and development of the Service Platform.

Subscriber requests for changes and updates will be reviewed by the company using an Issue Management system.

Any agreed changes then go through a process of configuration and testing prior to being deployed to the live environment.
Vulnerability management type Supplier-defined controls
Vulnerability management approach All GovMetric servers are monitored using the Amazon AWS Inspector service, which reviews all servers against potential security issues and vulnerabilities, as set out in 'Common Vulnerabilities and Exposures' and 'Security Best Practices' defined by the AWS Inspector Core Rules Sets. All found issues and vulnerabilities are reviewed on a weekly basis by the senior technical team and dealt with according to the relative risk.
Protective monitoring type Supplier-defined controls
Protective monitoring approach All external traffic to our platforms are automatically monitored and protected by our cloud provider, Amazon AWS, who comply with various standards relevant to the security of its services including ISAE 3402. Any traffic getting through to our systems is then monitored by our engineering team with automated alerts triggered in the case of abnormal trends e.g. due to brute force or DDOS attacks. Any potential issues are investigated immediately with further analysis of the relevant server and service logs.
Incident management type Supplier-defined controls
Incident management approach Common events (e.g. unsuccessful penetration attacks) are dealt with by the engineering team with the relevant customer account manager notified. A summary of the event would be raised at the next Operations Meeting (which involves the entire management team). The account manager will decide upon the appropriate manner to inform the customer.

Critical events (e.g. successful penetration attacks) - dealt with by the engineering team however the entire management team are notified/kept updated until the attack is halted. An incident report will be shared with affected customers detailing the level of the attack and what (if any) data was accessed.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £3500 to £25500 per instance per year
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑