4 Roads Ltd

Engagement Management Professional (Public Cloud)

This solution enables public sector organisations achieve their customer engagement and digital transformation goals. Key aspects include a customer portal, case management, knowledge management, enterprise search, analytics, end-to-end process automation, CRM and social/email support. Delivered as a cost-effective public cloud solution, each tenant's data/services are securely maintained and individually configured.


  • Customer portal to enable self-service opportunities
  • Case management with workflow to enable automation
  • Knowledge management and Enterprise Search
  • Process management to help deliver efficient services
  • Reporting and customer insights to inform decision making
  • Forms to enable smarter data collection
  • Integrations including REST-based APIs
  • Customer Relationship Management (CRM) functions
  • Live agent-assisted chat with support for AI assistance
  • Social messaging integrations to be where the customer is


  • Digitally enable processes (including automated integration)
  • Channel shift services to responsive digital / self-serve channels
  • Understand what's working well, what isn't and why.
  • Reduce/eliminate waste (e.g. remove "middle office")
  • Deliver personalised services to customers
  • Optimise point of contact resolution
  • Deliver efficient employee / partner processes through a unified portal
  • Enable processes to support GDPR compliance
  • Allow for social media listening and transaction intake
  • Provide web chat capability


£21 per person per month

Service documents

G-Cloud 11


4 Roads Ltd

James Browne

+44 0808 189 2044


Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to The 4 Roads service wraps around Verint's EM Professional to provide additional services such as solutions development, customisation and integrations as part of the service rather than a separate procurement.
Cloud deployment model Hybrid cloud
Service constraints There are no constraints beyond the standard system requirements for the solutions.
System requirements Supported browser (any modern version)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Tickets are responded to on a priority basis, ranging from Level 1 Urgent to Level 3 Not Urgent, as per the Service Level Agreement (SLA). SLAs are agreed with clients based on business and operational needs. Our standard response times range from 4 hours to 2 days. Out of office hours, our response times are as agreed with the client per their needs. High-security tickets will be answered 24/7.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 A
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.1 A
Web chat accessibility testing None.
Onsite support Yes, at extra cost
Support levels Custom support packages depending on the agreed SLA. We can provide a support desk service and service monitoring, application maintenance, patching, knowledge base and error/bug logging, SLA reporting. Pricing can be arranged based on support hours or a fixed support contract depending on the level of customisation and support required. Development is charged separately. An Account Manager is provided with all support levels.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Onboarding services are included within the pricing for the services provided (refer to the pricing document). This is for commissioning: additional work to assist you in configuring required processes and integrations can then be performed either by the client or Verint through additional services at the SFIA rates. A video tutorial is available at no additional charge with the service as a primer for the configuration of processes on the service. A range of additional training courses are available, if required, for business and technical users at the SFIA rates provided. Comprehensive product documentation and product videos are available. Users can also access the Verint Online Community to receive advice, guidance and process collateral from Verint and their worldwide customer base.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • Video
  • Example Screenshots
End-of-contract data extraction Following a formal and authenticated request for the data, a full extract of user data will be provided within 10 days of service termination (or earlier by special arrangement).
End-of-contract process At the agreed termination date, all access to the service will be removed. Unless previously agreed, this date will also trigger the extract and transfer of user data, assuming this is required. The costs of this data extraction and the subsequent purging of that data (from both production and backup environments) will be dependent on data volumes and will be scoped and reasonably charged for at the SFIA rates appropriate.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service A responsive design and the use of HTML5 features within the Forms module allows usage on a variety of mobile and desktop devices, with context specific rendering according to the device type used (e.g. phone number fields, dates, location, etc).
Service interface No
What users can and can't do using the API The solution provides an extensive capability to access configured processes within the Process Management component using SOAP/REST APIs which in turn can drive a comprehensive range of CRM/Case management activities throughout the service. This capability allows for full interoperability of the service with legacy applications and data sources, subject to secure access (via SSL support).
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The service allows clients to configure case, process, workflow, forms and knowledge search components through supported configuration interfaces. This includes the configuration of integrations to client or cloud third party systems using modern web service techniques (e.g. REST). These configurations can be performed by business-level staff for simpler aspects and IT-level staff for more complex configurations and integrations.


Independence of resources The solution is provided on the Amazon Web Service which allows for elastic scaling of resources to scale with demand automatically.


Service usage metrics Yes
Metrics types We provide a 99.5% uptime availability level which is monitored and used to measure service quality.
Reporting types Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold Verint

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach In addition to the end of contract process described above, a range of data is available for download (e.g. form XML, search results export as CSV/PDF/Excel etc).
Data export formats
  • CSV
  • Other
Other data export formats XML
Data import formats
  • CSV
  • Other
Other data import formats
  • Process Management data ingestion (rules based)
  • Ad hoc data import (file upload widget)

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Availability of the service is 99.5%, assured by contractual commitment.
Approach to resilience Provided through a combination of load balancing, duplication of servers, virtual servers and other techniques.
Outage reporting Outages will be notified via our Customer Community: users can subscribe to this to receive proactive notifications.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication "Users" access the system via username or passwords, optionally over a VPN. For citizens/customers accessing processes associated with the service, a range of authentication capabilities are available including Identity Federation (e.g. Gov.UK Verify) using SAML and/or OAUTH. 2 factor authentication can be supported through additional customisation. The system is open and flexible to allow support for other forms of authentication (e.g. 2-factor or Public key) if required - additional services would be required.
Access restrictions in management interfaces and support channels Through username and password to configuration and support interfaces.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Verint manage the risks that have a potential to impact Verint’s SaaS solutions through:
Formal information security programs; Pre-employment screening ; programs; Regular participation in standards audits to validate certifications and compliance; Systems monitoring and log reviews; Routine preventative maintenance; Threat detection and mitigation systems; Adherence to rigid processes and procedures; Regular reviews and vulnerability testing of the SaaS solutions; Implementation of industry best practices; Incorporation of security in our software designs; Resilient and redundant systems design; Broad legal protections secured through partner contracts. Active ISO risks are centrally tracked and assigned an owner, who is responsible for addressing them and reporting on the status until the risk has been mitigated. An identified risk is never reviewed in isolation from other mitigating controls. Once all controls are taken into account, a full picture of the actual risk is defined and used for determining the corrective actions.

Verint's hosting partner for this public cloud offering (Amazon) are also 27001 compliant.

Verint and its hosting partner continuously monitor for new vulnerabilities or changes that may expose its SaaS solutions to new risks. If identified, risks are addressed according to the aforementioned mechanisms and process.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach A change configuration board is maintained and consulted for all service changes to the public cloud solution.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Verint monitor all relevant vendor and security alert mailing lists for updates on operating system and supporting application vulnerabilities. Each alert is categorised according to a defined schema and advice on how to best handle each vulnerability is supplied to production teams. The three categories of vulnerabilities are: Irrelevant - not patched; Relevant noncritical - patched as part of the normal patching cycle; Critical - Verint initiates the Critical Vulnerability Process which may result in the vulnerability being patched immediately, depending on operational impact and apparent risk of server compromise. This category of vulnerabilities are typically patched inside 48 hours
Protective monitoring type Supplier-defined controls
Protective monitoring approach Verint maintains Intrusion Detection Systems at its network borders, and runs daily network scans to detect anomalous server network configurations. Information from these systems is combined with a centralised log repository that allows Verint system administrators to analyse the data as a whole and detect correlations and patterns within the data.

If an anomaly is detected and confirmed as a security incident, the Security Incident Response Plan is followed, which includes notification of impacted customers and full remediation of the issue.
Incident management type Supplier-defined controls
Incident management approach When the Security Incident Response Plan is initiated, the following activities occur: 1) The Customer Response Team consults the Security Incident Identification Guide; 2) Once the impact of the incident has been identified, impacted customers are notified; 3) A response plan to remediate the issue is written; 4) The Lead System Administrator and Support Manager oversee actions from the plan to make sure they are carried out; 5) An incident closure report is written, that documents all of the actions taken and their result; 6) The reports are supplied to impacted customers; 7) The incident is closed.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £21 per person per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Access to a demonstration level version of the service on a special request basis. Access will be limited to an agreed number of users for a mutually agreed period.
Link to free trial Not publically provided.

Service documents

pdf document: Pricing document odt document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑