4 Roads Ltd

Engagement Management Professional (Public Cloud)

This solution enables public sector organisations achieve their customer engagement and digital transformation goals. Key aspects include a customer portal, case management, knowledge management, enterprise search, analytics, end-to-end process automation, CRM and social/email support. Delivered as a cost-effective public cloud solution, each tenant's data/services are securely maintained and individually configured.


  • Customer portal to enable self-service opportunities
  • Case management with workflow to enable automation
  • Knowledge management and Enterprise Search
  • Process management to help deliver efficient services
  • Reporting and customer insights to inform decision making
  • Forms to enable smarter data collection
  • Integrations including REST-based APIs
  • Customer Relationship Management (CRM) functions
  • Live agent-assisted chat with support for AI assistance
  • Social messaging integrations to be where the customer is


  • Digitally enable processes (including automated integration)
  • Channel shift services to responsive digital / self-serve channels
  • Understand what's working well, what isn't and why.
  • Reduce/eliminate waste (e.g. remove "middle office")
  • Deliver personalised services to customers
  • Optimise point of contact resolution
  • Deliver efficient employee / partner processes through a unified portal
  • Enable processes to support GDPR compliance
  • Allow for social media listening and transaction intake
  • Provide web chat capability


£21 per person per month

Service documents


G-Cloud 11

Service ID

2 5 6 3 9 7 0 5 2 0 2 7 9 9 0


4 Roads Ltd

James Browne

+44 0808 189 2044


Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
The 4 Roads service wraps around Verint's EM Professional to provide additional services such as solutions development, customisation and integrations as part of the service rather than a separate procurement.
Cloud deployment model
Hybrid cloud
Service constraints
There are no constraints beyond the standard system requirements for the solutions.
System requirements
Supported browser (any modern version)

User support

Email or online ticketing support
Email or online ticketing
Support response times
Tickets are responded to on a priority basis, ranging from Level 1 Urgent to Level 3 Not Urgent, as per the Service Level Agreement (SLA). SLAs are agreed with clients based on business and operational needs. Our standard response times range from 4 hours to 2 days. Out of office hours, our response times are as agreed with the client per their needs. High-security tickets will be answered 24/7.
User can manage status and priority of support tickets
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 A
Web chat accessibility testing
Onsite support
Yes, at extra cost
Support levels
Custom support packages depending on the agreed SLA. We can provide a support desk service and service monitoring, application maintenance, patching, knowledge base and error/bug logging, SLA reporting. Pricing can be arranged based on support hours or a fixed support contract depending on the level of customisation and support required. Development is charged separately. An Account Manager is provided with all support levels.
Support available to third parties

Onboarding and offboarding

Getting started
Onboarding services are included within the pricing for the services provided (refer to the pricing document). This is for commissioning: additional work to assist you in configuring required processes and integrations can then be performed either by the client or Verint through additional services at the SFIA rates. A video tutorial is available at no additional charge with the service as a primer for the configuration of processes on the service. A range of additional training courses are available, if required, for business and technical users at the SFIA rates provided. Comprehensive product documentation and product videos are available. Users can also access the Verint Online Community to receive advice, guidance and process collateral from Verint and their worldwide customer base.
Service documentation
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • Video
  • Example Screenshots
End-of-contract data extraction
Following a formal and authenticated request for the data, a full extract of user data will be provided within 10 days of service termination (or earlier by special arrangement).
End-of-contract process
At the agreed termination date, all access to the service will be removed. Unless previously agreed, this date will also trigger the extract and transfer of user data, assuming this is required. The costs of this data extraction and the subsequent purging of that data (from both production and backup environments) will be dependent on data volumes and will be scoped and reasonably charged for at the SFIA rates appropriate.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
A responsive design and the use of HTML5 features within the Forms module allows usage on a variety of mobile and desktop devices, with context specific rendering according to the device type used (e.g. phone number fields, dates, location, etc).
Service interface
What users can and can't do using the API
The solution provides an extensive capability to access configured processes within the Process Management component using SOAP/REST APIs which in turn can drive a comprehensive range of CRM/Case management activities throughout the service. This capability allows for full interoperability of the service with legacy applications and data sources, subject to secure access (via SSL support).
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
The service allows clients to configure case, process, workflow, forms and knowledge search components through supported configuration interfaces. This includes the configuration of integrations to client or cloud third party systems using modern web service techniques (e.g. REST). These configurations can be performed by business-level staff for simpler aspects and IT-level staff for more complex configurations and integrations.


Independence of resources
The solution is provided on the Amazon Web Service which allows for elastic scaling of resources to scale with demand automatically.


Service usage metrics
Metrics types
We provide a 99.5% uptime availability level which is monitored and used to measure service quality.
Reporting types
Reports on request


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
In addition to the end of contract process described above, a range of data is available for download (e.g. form XML, search results export as CSV/PDF/Excel etc).
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats
  • CSV
  • Other
Other data import formats
  • Process Management data ingestion (rules based)
  • Ad hoc data import (file upload widget)

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Availability of the service is 99.5%, assured by contractual commitment.
Approach to resilience
Provided through a combination of load balancing, duplication of servers, virtual servers and other techniques.
Outage reporting
Outages will be notified via our Customer Community: users can subscribe to this to receive proactive notifications.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication
"Users" access the system via username or passwords, optionally over a VPN. For citizens/customers accessing processes associated with the service, a range of authentication capabilities are available including Identity Federation (e.g. Gov.UK Verify) using SAML and/or OAUTH. 2 factor authentication can be supported through additional customisation. The system is open and flexible to allow support for other forms of authentication (e.g. 2-factor or Public key) if required - additional services would be required.
Access restrictions in management interfaces and support channels
Through username and password to configuration and support interfaces.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Verint manage the risks that have a potential to impact Verint’s SaaS solutions through:
Formal information security programs; Pre-employment screening ; programs; Regular participation in standards audits to validate certifications and compliance; Systems monitoring and log reviews; Routine preventative maintenance; Threat detection and mitigation systems; Adherence to rigid processes and procedures; Regular reviews and vulnerability testing of the SaaS solutions; Implementation of industry best practices; Incorporation of security in our software designs; Resilient and redundant systems design; Broad legal protections secured through partner contracts. Active ISO risks are centrally tracked and assigned an owner, who is responsible for addressing them and reporting on the status until the risk has been mitigated. An identified risk is never reviewed in isolation from other mitigating controls. Once all controls are taken into account, a full picture of the actual risk is defined and used for determining the corrective actions.

Verint's hosting partner for this public cloud offering (Amazon) are also 27001 compliant.

Verint and its hosting partner continuously monitor for new vulnerabilities or changes that may expose its SaaS solutions to new risks. If identified, risks are addressed according to the aforementioned mechanisms and process.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
A change configuration board is maintained and consulted for all service changes to the public cloud solution.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Verint monitor all relevant vendor and security alert mailing lists for updates on operating system and supporting application vulnerabilities. Each alert is categorised according to a defined schema and advice on how to best handle each vulnerability is supplied to production teams. The three categories of vulnerabilities are: Irrelevant - not patched; Relevant noncritical - patched as part of the normal patching cycle; Critical - Verint initiates the Critical Vulnerability Process which may result in the vulnerability being patched immediately, depending on operational impact and apparent risk of server compromise. This category of vulnerabilities are typically patched inside 48 hours
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Verint maintains Intrusion Detection Systems at its network borders, and runs daily network scans to detect anomalous server network configurations. Information from these systems is combined with a centralised log repository that allows Verint system administrators to analyse the data as a whole and detect correlations and patterns within the data.

If an anomaly is detected and confirmed as a security incident, the Security Incident Response Plan is followed, which includes notification of impacted customers and full remediation of the issue.
Incident management type
Supplier-defined controls
Incident management approach
When the Security Incident Response Plan is initiated, the following activities occur: 1) The Customer Response Team consults the Security Incident Identification Guide; 2) Once the impact of the incident has been identified, impacted customers are notified; 3) A response plan to remediate the issue is written; 4) The Lead System Administrator and Support Manager oversee actions from the plan to make sure they are carried out; 5) An incident closure report is written, that documents all of the actions taken and their result; 6) The reports are supplied to impacted customers; 7) The incident is closed.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks


£21 per person per month
Discount for educational organisations
Free trial available
Description of free trial
Access to a demonstration level version of the service on a special request basis. Access will be limited to an agreed number of users for a mutually agreed period.
Link to free trial
Not publically provided.

Service documents

Return to top ↑