This G-Cloud 10 service is no longer available to buy.

The G-Cloud 10 framework expired on Tuesday 2 July 2019. Any existing contracts with SPS UK&I LIMITED are still valid.
SPS UK&I LIMITED

Swiss Post Solutions uBook Courier Management

uBook is an easy to use cloud based tool for booking and managing couriers, that ensures compliance and directs users to the most cost-effective courier service for their needs.

Features

  • Cloud based service accessible from desktop, laptop, tablet
  • Pre-populated with approved suppliers
  • Intelligent service selection, active spend management, multiple user profiles
  • Saved profiles and addresses - automated address validation
  • Automated production of appropriate shipping documents for consignment type
  • Prompts for additional documentation if required
  • Tracking integrated with leading suppliers for full visibility
  • Reporting on consignment and location by sender
  • Powerful reporting including by cost centre, trends etc.
  • Automated invoice reconciliation and supplier performance reporting

Benefits

  • Visibility and control of spend
  • Low volume users benefit from collective discounts
  • Less time spent booking/tracking and reporting – increased productivity
  • Substantially reduces cost in administering and reconciling courier spend
  • Provides single view audit trail for all consignments
  • Ensures all consignments are handled according to regulations
  • Links to guidance on import/export regulations and requirements
  • Control of supplier usage
  • Increased adherence to policy – less maverick spend
  • Easy to use; optional intranet integration and single sign-on

Pricing

£650 a unit

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid.team@spsglobal.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 10

Service ID

2 8 7 2 3 7 8 8 0 4 2 9 9 0 7

Contact

SPS UK&I LIMITED SPS Bid Team
Telephone: 0845 301 3708
Email: bid.team@spsglobal.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
At this time, there are no foreseen service constraints that buyers should know about.
System requirements
Users have anti-virus Softare installed on their devices

User support

Email or online ticketing support
Email or online ticketing
Support response times
Yes, service centre, up to 5 days to respond/resolve issues
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
No
Support levels
We have a Service Centre (Help Desk) included as part of our service. The normal operating hours of our Service Centre are 8am to 6pm but clients have the ability to submit a query/ticket between 7am and 8am via our online Service Centre Plus online system. Anything received between 7am and 8am will be picked up by the Help Desk staff at 8am. Should this not be sufficient, we are happy to look at bespoke options for specific clients. Our support engineers are on hand to assist users with a range of queries and tickets are raised for all queries which are monitored to resolution. Other than our Service Centre Plus online system, support queries can also be sent in by email, phone or fax.
Support available to third parties
No

Onboarding and offboarding

Getting started
All chosen Users of the Service will be provided with their own login/Service Access Credentials. SPS adopts the train-the-trainer approach to product training. User guides will also be provided.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
A specific Data extraction plan will be planned and agreed with the customer. Depending on the agreed data extraction plan, will depend on the method of data extraction. All data extraction methods are secure and inline with ISO27001 procedures.
End-of-contract process
Exit fee's will be discussed and agreed with the client on each contractual basis before contract signature. Depending on the clients requirements regarding Contract exit and termination, will depend on what happens at the end of the contract

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Firefox
  • Chrome
Application to install
No
Designed for use on mobile devices
No
Accessibility standards
None or don’t know
Description of accessibility
The service is accessible via a standard web browser.
Accessibility testing
SPS at this time has not undergone interface testing for users of assistive technology, however testing of this sort is in the service development pipeline.
API
No
Customisation available
Yes
Description of customisation
All customisations of all SPS Services will be explored and agreed with the buyer prior to contract. Client themselves are unable to make ad-hoc customisation with SPS' Solutions.

Scaling

Independence of resources
SPS has invested heavily into all its services to ensure the system capacities are built and designed to manage and operate whilst large volumes of users are accessing and using the system.

Analytics

Service usage metrics
Yes
Metrics types
We provide full Management Information reporting. We record detailed information to provide comprehensive qualitative and quantitative MI reporting. Reports are typically periodic and are emailed directly to authorised requesting users.
Reporting types
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Other
Other data at rest protection approach
Customer authored Data is encrypted at rest for all cloud services. When hard disks are taken out of service they are demagnetised and destroyed on site. Our sites are accredited annually to ISO27001.
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data can be exported by clients to us in various ways including SFTP or physical media
Data export formats
  • CSV
  • Other
Other data export formats
  • SFTP
  • Physical media
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • PDF
  • XML

Data-in-transit protection

Data protection between buyer and supplier networks
Other
Other protection between networks
This will depend on the agreed transfer method. It can be encrypted or secured in another fashion which will be agreed with the client
Data protection within supplier network
Other
Other protection within supplier network
Supplier-Defined process audited and certified to ITHC standard.

Availability and resilience

Guaranteed availability
SPS meets target service levels set at between 99.6% and 100%. We can provide details of SLA and service level credits are agreed with clients on a case by case basis.
Approach to resilience
Available on request
Outage reporting
Email alerts from the SPS Support Team.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Username and password as well as authorisation levels are assigned to all users of the system.Allowing users with higher level of authority to access management interfaces and support channels
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
SGS
ISO/IEC 27001 accreditation date
16/09/2016
What the ISO/IEC 27001 doesn’t cover
Information Security relating to hardware, Software, LAN and WAN management, documentation including paper based and digital Customer communications for client facing information, client owned and supplied information and internal processing facilities relating to the provision of central mail rooms including customer locations, document processing centres and head office activities.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
SPS policies and processes are in line with ISO 27001 accreditation. SPS security policies include;
- Information Security Policy
- Data Protection Policy
- Encryption policy
- Password Policy
- Physical Security policy
- Incident Management and improvement process

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
SPS’ approach to Solution configuration and Risk management is built on recognised principles of change management and is again closely aligned with the principles of PRINCE2. SPS’ risk assessment and change management process ensures that there are regular reviews of any potential risks during the development pipeline of the solution and at the very least a one-time review of risks associated with any changes made to the solution throughout its lifetime. From this review, necessary preventive and / or contingency actions will be identified and passed to detailed work planning, including an update of the solution pipeline.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The compliance team within SPS are responsible for the internal auditing of all processes and procedures. This includes undertaking with our information security manager information security risk assessments and risk treatment plans, looking at all critical assets and processes, alongside a Business Impact Assessment and BC Risk Assessment a Business, looking at critical business systems and processes. This is all then followed up by internal and external audits covering all parts of the certificated standards to ensure that SPS is working to their own internal processes and controls and we are able to maintain 9001, 14001, 27001 certifications.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
The respective asset owners are responsible for arranging for the controls to be implemented effectively; this would typically include defining the controls in policies and/or procedures, so that they can become part of everyday business practice. Asset owners are responsible also for the management of any risks which are not specifically addressed in the Risk Assessment. The SPS Risk Assessment and Risk Treatment plan document is structured by using the Asset List to identify the threats to each asset. Each threat and consequent risk is quantified. We further analyse this information for all significant risks and their respective controls.
Incident management type
Supplier-defined controls
Incident management approach
SPS' procedure provides guidance on the handling of security incidents, breaches or suspected incidents and breaches.This policy applies to all SPS systems and sites and to all SPS staff, temps, contractors and third parties working on behalf of SPS. Once the incident has been identified and contained, efforts can then be focused on finding an appropriate solution. The fundamental features of any solution should be investigation, action and follow-up/record-keeping; the order in which they are implemented depends upon the nature of the incident.
The Services Director, assisted by the Compliance manager, will initiate the appropriate investigation.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£650 a unit
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid.team@spsglobal.com. Tell them what format you need. It will help if you say what assistive technology you use.