Asset Insights Ltd

SharpCloud - UK Public Cloud (Official)

SharpCloud is the leading visual business collaboration software used to support and manage strategic decisions across business portfolios.
SharpCloud is a Gartner ‘Cool Vendor’ product that enables users to structure and visualise business information in new and innovative ways, enhancing decision-making capabilities and improving collaboration around enterprise processes and datasets.


  • Explore relationships in your data through various dynamic views
  • Connect stories and scale through SharpCloud for Enterprise
  • Fully integrated with O365 and Azure AD for seamless authentication
  • Connect to and sync with Excel (Online) and Sharepoint
  • Automate connectivity to existing enterprise systems with the SharpCloud API
  • Share stories with an unlimited number of people
  • Collaboration features let you comment, co-author and monitor stories
  • Easily acquire data straight into your stories using Forms
  • Customise dashboards and enrich stories with annotations
  • Diverse Use Cases including Roadmapping, Risk, Project Portfolio and Innovation


  • Improve communications through the creation of an engaging digital narrative
  • Generate new strategic insights across business portfolios
  • Improved collaboration around enterprise processes and datasets
  • Better visualisation of complex themes and relationships
  • Greater transparency and consistency of portfolio decisions
  • More value created from existing tools and data
  • Line of sight between teams, process owners and leadership
  • Fully enterprise ready and integrates with your business


£495 to £1000 per person per year

Service documents


G-Cloud 11

Service ID

2 7 5 6 6 7 9 2 7 3 2 4 0 9 8


Asset Insights Ltd

David Waters


Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
Only certain web browsers (specified below) are supported, and the service may not function with other browsers. Various optional applications are limited to use on Microsoft Windows devices only.
System requirements
  • Access to a suitable network connection
  • A compatible web browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
P1 incidents raised with SharpCloud support will receive a response within 2hrs during UK working hours 9am-5.30pm Monday-Friday.
Extended Support is available on request and will be priced specifically to meet customer needs including out of hours and weekend options.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
SharpCloud Public Cloud Multi-tenant instance is available on Microsoft Azure offering 99.95% availability.
P1 incidents raised with SharpCloud support will receive a response within 2hrs during UK working hours 9am-5.30pm Monday-Friday.
Extended Support is available on request and will be priced specifically to meet customer needs.
Support available to third parties

Onboarding and offboarding

Getting started
Users have access to a range of resources to help them become competent in using SharpCloud. The in-product Help story includes detailed information and downloadable guides covering all SharpCloud’s capabilities and links to a range of videos hosted on the SharpCloudTV YouTube channel.

Users have access to an online Learning Management System (LMS), allowing them to work through appropriate courses for their needs, building from beginner to expert status. Additionally users can attend free online webinars (hosted weekly) and we offer the option to purchase on-site training and custom courses.

SharpCloud includes a selection of free samples stories and public examples to inspire ideas and to help users develop great content.

We host regular ‘discovery-days’ and other events at which users share their stories and knowledge.
Service documentation
Documentation formats
End-of-contract data extraction
Data within the system can be copied to an excel file, or downloaded as a storyzip file. Data in storyzip files can be extracted into resource files and JSON objects.
End-of-contract process
At the end of contract the users and content can be removed from the system.

Should you require your data to be extracted at the point of exit a discontinuation fee will be applied, this is subject to the amount of data and security level of data held on the system.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The mobile version is a fully functioning replica of the desktop site when in landscape mode and provides a reduced interface with less visual functionality when in portrait mode.
Service interface
What users can and can't do using the API
SharpCloud offer two API's. 

The ODATA REST API (public web) provides access to story data via RESTFUL services using ODATA syntax for batch and filter operations.
Full documentation of the service can be found here:

Most objects can be created/updated via the API but the service is intended to simplify data access for web developers. As such, the API is not used by the application per se and does not enable all functionality.

The .NET SDK (requires .NET 4.7) provides full object model access to the story (items, relationships attributes etc) and can be used to interrogate and create stories. It uses the same private endpoint as the web clients so is functionally rich and can do everything the web client can.

It requires some basic knowledge of SharpCloud story structure and a .Net environment making it less suitable for simple integration with other web systems.

It is ideal for complex batch operations or desktop tools, and is used in a number of free add-on tools (e.g. Query connect which connects on-prem databases to the cloud service).
API documentation
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment
Customisation available
Description of customisation
SharpCloud can be configured and customised to help accelerate adoption and exploitation via:
Configuration of attributes, tags and relationships (by the user)
Creation and application of customised SharpCloud story templates and widgets (provided through Consultancy Support)
Creation of visualisations based on a range of pre-built models (by the user)


Independence of resources
The Public Cloud instance is a shared service. The API is throttled in order to limit the load that can be applied by anyone customer. Private Cloud deployments are also available on request to separate data and load for an additional fee.


Service usage metrics
Metrics types
Usage metrics are available through the Administration Portal, usage of shared content is available through the interface to the content creator.
Reporting types
Reports on request


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
SharpCloud Software Ltd

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data within the system can be copied to an excel file, or downloaded as a storyzip file. Data in storyzip files can be extracted into resource files and JSON objects.
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats
  • CSV
  • Other
Other data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
SharpCloud Public Cloud Multi-tenant instance is available on Microsoft Azure offering 99.95% availability.
P1 incidents raised with SharpCloud support will receive a response within 2hrs during UK working hours 9am-5.30pm Monday-Friday
Approach to resilience
Available on request
Outage reporting
Email alerts/phone calls

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
  • Other
Other user authentication
Identity Federation (AAD)
Access restrictions in management interfaces and support channels
Username or password
Identity Federation (AAD)
2 Factor Authentication
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
  • Cyber Essentials Plus (SharpCloud)
  • Cyber Essentials (Asset Insights Ltd)

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
Other security governance standards
Cyber Essentials Plus
Information security policies and processes
The Information Security Policy and Data Protection Policy are available on the internal SharpCloud SharePoint/Team site. Updates are communicated via email to all staff. They are both owned by the Chief Technology Officer.
All new staff receive induction that includes the Information Security Policy
The policies have been written based on ISO 27001 and ISO9001 standards.
There are no exceptions to the current security policies and procedures. Should an exception be raised it will be assessed and either accepted or rejected by the senior management team and the Policy updated accordingly.
SharpCloud maintains written roles and responsibilities for all IT personnel. These roles and responsibilities outline security access, reporting lines etc. for each role as documented in the Security Policy.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The service utilises Azure DevOps for deployment which ensures that the build process, configuration and deployment is managed consistently via a change process.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We follow best practice guidelines for software development using design patterns created or approved by MS including the multi-tier design pattern and application security layers (OWIN, MVC etc). Any threat we are made aware of is treated via our incident management process with changes tracked using our normal release process.
The service is constantly updated with new features and improvements. These are released approx. weekly to our SaaS services. If a security flaw is exposed, it would be patched within that timeframe. We conduct application penetration tests at least annually. MS provide constant patching and monitoring to the underlying PaaS.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
The underlying Azure PaaS has built in protection for DOS attacks etc. We recommend clients implement SSO via AAD which gives you further protection for authentication (e.g. enforce multi-factor authentication, password policies, prevent login from multiple locations etc). In addition, each story has an audit displaying access details enabling admin users to identify any suspicious activity.
The service is actively monitored by SharpCloud support staff for application level issues and Microsoft for underlying hosting (Network, storage and compute) issue.
The support team are constantly monitoring the system and performance and will react appropriately in a timely manner to any issues.
Incident management type
Supplier-defined controls
Incident management approach
All incidents are currently reported to '' and escalated accordingly.
Common issues like password resets, account unlocks will be handled by your internal IT if SSO is configured (if not this is easily done by users themselves automatically via email).
Security incidents will be reported in accordance with our incident management policy.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£495 to £1000 per person per year
Discount for educational organisations
Free trial available
Description of free trial
Anyone can try SharpCloud for Small Business for free at anytime for a period of 10 days. During this time users can create as many stories as they like and share stories with colleagues via email.

Pricing is available for 90 day assisted pilots for SharpCloud for Enterprise.
Link to free trial

Service documents

Return to top ↑