Aspyre is a cloud-based, portfolio, programme, project & PMO management software tool with a proven track-record of: increasing the visibility of your portfolio of programmes and projects; ensuring consistent, standardised and real-time reporting; achieving significant financial savings; enabling seamless, collaborative working with external organisations; promoting innovation by capturing ideas.
- Portfolio, programme, project and PMO management
- Risk and issue management
- Milestones and dependencies management
- Financial (savings and costs)and other benefits management
- Strategic objectives, KPIs and efficiency targets
- Initiatives and ideas management
- Resource planning and tracking (including timesheets)
- Lessons learned information
- Extensive reporting suite and multiple dashboards
- Meeting minutes and agendas - improves meeting administration
- Improves visibility of portfolios/programmes/projects across your entire organisation
- Provides a consistent way of working
- Significantly reduces the time taken to produce reports
- Data is entered once but reported in many ways
- Facilitates better planning of programmes and projects
- Enables seamless collaborative working, internally and with external partner organisations
- Allows lessons learned to be captured, shared and reported on
- Effectively manages your resources
- Helps to ensure programme/project benefits are realised
- Extensive in-house public sector experience to help facilitate implementations
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Service constraints||The service may be unavailable for a short time after 21:00hrs to allow for periodic updating of the application.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Our cloud-based ticketing system will instantly log all calls and reply back to the sender with an email acknowledging receipt.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.1 AA or EN 301 549|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Onsite support|
As part of an 'Aspyre Package', we will carry out all of the initial setup and configuration of Aspyre’s ‘tree structure’. We will use our extensive experience to help you quickly see results from Aspyre. This will involve the creation of folders that represent your organisation's structure, all your divisions/departments together with folders for each of your programmes and projects, a number of which we will flesh out ‘end-to-end’ with data provided by yourselves. We can complete this and get you up and running, including training of your users, in a matter of days. This is something that really sets us apart from our competition where it’s common to wait several months to get their systems configured and users allowed onto it.
We also include a Reporting Guidance document, customised for your own organisation, that will show the ‘minimum dataset’ that needs to be completed in order to produce meaningful reports etc. We will then use this document to provide on-screen ‘hover text’ to assist users and flag up mandatory fields to be completed.
We will provide a dedicated technical account manager that can be contacted via phone or email.
Our Aspyre Support team are also available via email.
|Support available to third parties||Yes|
Onboarding and offboarding
We typically provide onsite training but online training can also be provided, if required.
User documentation, training manuals and videos can be found within the application and hard copies are also provided.
|End-of-contract data extraction||
Users can extract data themselves via an xml export facility.
We can also provide a flat file of client data at the end of a contract.
|End-of-contract process||We can provide a flat file of data at the end of a contract. This will not include any documents that a client may have uploaded to the application. These can be retrieved by the client themselves or we can carry this out on their behalf but this would incur additional costs.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Accessing Aspyre using a mobile device is essentially the same as the desktop service although it has obviously been designed to resize perfectly for smaller screens to make it more user-friendly. If data is amended using a mobile device then this will automatically be reflected in the desktop service, and vice versa.|
|Description of customisation||
As part of an Aspyre Package, we will carry out the initial configuration of your system based on working directly with yourselves and sharing our extensive experience of working with similar clients. We will also train a number of your own users to be in-house 'Administrators' so that they will be able to carry out these tasks autonomously in the future.
Aspyre can be configured in the following ways:
Functionality/screens can be enabled/disabled.
Additional data fields can be added and/or removed, if not required.
Data field names on each screen can be amended to suit.
Choices in drop-down lists can be added to/amended.
Data fields can be made mandatory.
Hover text (on-screen guidance notes) can be added to assist users.
Logos can be uploaded and assigned to different areas of Aspyre, as required. The relevant logo is then automatically included on all reports generated from Aspyre.
Aspyre allows multiple configurations of all the functionality mentioned above to be applied to different areas of the 'tree structure' - this allows separate organisations and/or departments to work in the exact way that they want and produce the required reports for their respective audiences.
|Independence of resources||
Performance of the Aspyre system is monitored on a regular basis through reports provided by our third-party data hosting provider.
Each client has their own individual Aspyre database stored on the server.
|Service usage metrics||Yes|
|Metrics types||Users with Administrator level access can use a suite of administrative tools including an 'Audit Trail' facility.|
|Reporting types||Reports on request|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||Less than once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||Other|
|Other data at rest protection approach||
All Aspyre data is hosted by a third-party company named Piksel (formerly known as IOKO/Carelink). They are the longest established, most highly accredited specialist provider of NHS N3 hosting services.
All equipment used is within the Telehouse data centre in London which offers Tier 4 levels of security.
Our hosted infrastructure is held within a secure enclosed suite (TFM20) where access requests are managed via the Piksel Service Desk and restricted to Piksel engineers and trusted 3rd party support.
Piksel’s security structure has the following accreditations: ISO 27001, ISO 20000, ISO 9000 and IGSoc.
|Data sanitisation process||No|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||Users can export data via xml reporting functionality. All other reports generated within Aspyre can also be exported into common formats such as .pdf, .xls, .rtf, etc. and exported.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||Please refer to 'Addendum 1 - Service Level Agreement' which can be found in the document - Aspyre Terms and Conditions for G-Cloud 9.|
|Approach to resilience||Please refer to 'Section 3. Data Backup, Restore & Disaster Recovery' of the uploaded document - Aspyre Service Definition for G-Cloud 9.|
|Outage reporting||Please refer to 'Section 3. Data Backup, Restore & Disaster Recovery' of the uploaded document - Aspyre Service Definition for G-Cloud 9.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||
Our management interfaces use role-based access control to limit
functionality to specific user accounts.
These Administrator roles can be used by clients to tailor functionality of the application, setup and configure user access rights, etc. They can also be configured so as to only have Administrator rights for a particular area/division/department.
Our support staff have global access to the entire application in order to be provide first-class levels of support.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||SGS United Kingdom Ltd.|
|ISO/IEC 27001 accreditation date||05/12/2008|
|What the ISO/IEC 27001 doesn’t cover||The ISO/IEC 27001 accreditation mentioned above applies to the data hosting provided by our third-party partners, Piksel. Further documentation around this and any other data-hosting related information is available on request.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
It is the Policy of Mosaique Limited to ensure that:
i) Information will be protected from a loss of: confidentiality, integrity and availability.
ii) Regulatory and legislative requirements will be met.
iii) Business continuity plans will be produced, maintained and tested.
iv) Information security training will be available to all staff.
v) All breaches of information security, actual or suspected, will be reported to, and investigated by, the Information Security Manager.
Guidance and procedures have been produced to support this policy. These include incident handling,information backup, system access, virus controls, passwords and encryption.
The role and responsibility of the designated Information Security Manager is to manage information security
and to provide advice and guidance on implementation of the Information Security Policy.
The designated owner of the Information Security Policy has direct responsibility for maintaining and reviewing the Information Security Policy.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
We have a robust and mature change process that is fully integrated throughout all areas of the business asset change lifecycle.
Change and configuration management activities conducted by Mosaique include: logging and scheduling of service requests received from clients, impact and risk analysis of proposed changes in liaison with relevant 3rd parties, including change approval, security review and regression planning, maintenance of a log of changes; a summary of relevant changes is provided to customers on a quarterly basis.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
As part of our centralised patch management and monitoring process, we ensure that operating system patches and enhancements are assessed and applied to our management and customer infrastructure in a regular, timely manner with the minimum impact to service. Any minor updates that may be required are carried out to the server after 20:00hrs.
We maintain our situational awareness of new and emerging threats through engagement with vendors, CERTS and specialist groups.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
All Aspyre data is held by our third-party data hosting provider - Piksel (Carelink).
Piksel undertake to provide monitoring, management and issue resolution for the server hardware, operating system, web services and Internet from their Tier-4 Data centre.
Monitoring of hardware, specific processes and agreed applications are managed via Piksel’s Nagios monitoring solution.
The core networking infrastructure, including switches and firewalls, and every server hosted in the Carelink Environment are monitored around the clock. Server monitoring includes network connection, http response, processor usage, disk space usage as well as key processes and services.
|Incident management type||Supplier-defined controls|
|Incident management approach||
We operate a well-defined and established incident management process to log, assign and diagnose incidents based upon urgency and impact and to restore service operation as quickly as possible with the minimum of disruption, in line with our SLAs.
Users will report incidents via email to our Aspyre Support team.
An incident priority will be established and the incident will be logged on our ticketing system.
Diagnostics and investigations will be carried out until the incident has been satisfactorily resolved.
Please refer to the following document for further information - Aspyre Service Definition for G-Cloud.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£16 to £25 per licence per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||
Core functionality included in 30-day trial version:
Details/Project Initiation Document (PID)
Risks & Issues
KPIs & Objectives
Plan (including Gantt)
|Link to free trial||https://www.aspyreweb.com/AspyreWeb/Trial/AspyreTrial.aspx|