Method Apps Limited

Method Grid

Method Grid is a methodology, project and process platform that enables collaborative capture, sharing and continuous-improvement of structured operating procedures, service methodologies and repeatable best-practice. The developed resources serve as both a centralised knowledge management resource and a process/project engagement tracking and QA solution.

See for more information.


  • Methodology Platform
  • Methodology framework and content management builder
  • Clone master methodology frameworks into specific workflow instances
  • Multiple content areas available (text, images, videos, files, links etc.)
  • Free pre-loaded methodology frameworks and templates
  • Collaborative chat and @mention notifications (user configurable)
  • Checklist functionality and workflow progress tracking
  • Configurable library folder structure (and access control)
  • Content labelling, filtering and search (of process library)
  • Integration with leading file/collaboration services (SharePoint, Google etc.)


  • Deliver services more consistently
  • Enhance staff productivity
  • Facilitates knowledge-based staff collaboration
  • Effective staff on-boarding and dynamic training resource provision
  • Facilitates managerial workflow tracking and QA
  • Supports oversight and assurance of regulatory/standard practices
  • Builds (structured) value into intellectual property (IP)
  • Imposes structure on 'messy' process areas ("makes the complex simple")
  • User configurable access control enabling sub-team collaboration


£4 to £10 per person per month

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

3 4 9 3 5 6 0 3 9 6 0 5 4 3 1


Method Apps Limited

Dom Moorhouse


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints No constraints
System requirements
  • Internet browser
  • Internet connection

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Within two hours on weekdays (0900-1700hrs) and same day during weekends.
User can manage status and priority of support tickets No
Phone support No
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible We aim to adhere to the WCAG 2.0 accessibility guidelines. Our code is written so that the chatbox is navigable by keyboard using screen reader software.
Web chat accessibility testing No testing
Onsite support Yes, at extra cost
Support levels We provide three levels of initial proof-of-concept trials and implementation support:

(1) "Launch": Facilitated online with client account leads (one-hour); free of charge

(2) "Initiate": Facilitation of 2-3 day collaborative workshops with senior users (typically 1-10) at their premises to support initial methodology design/capture, super-user training and to configure implementation and adoption plans. Bespoke cost contingent on duration/size.

(3) "Capability Build": Experienced member(s) from our GRIDteam will lead a structured support and capability-development engagement (typically 4-6 weeks) at your premises. This involves collaborative working with your IP/KM leads - working to a structured client requirement/plan.

We provide three levels of ongoing user support (all priced as an integral part of the subscription service):

(1) Tier 01. Knowledge database covering all aspects of Method Grid features and configuration (FAQ, video tutorials etc.) available as a self-service resource.

(2) Tier 02. Helpdesk (email/webchat) covering unaddressed functionality questions, performance issues and/or unexpected application behaviour (see Helpdesk response).

(3) Tier 03. Account Management support. Accounts with 100+ users are provided a dedicated support/account manager.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The solution is designed to very intuitive to use. New users are supported by a detailed FAQ and video tutorial knowledge base as well as some light-hearted gamification (users achieve badges for working their way through the available feature set - surprisingly popular with business users!). In addition, our Tier 1 support includes a same-day response support ticket and in-app chat bot.

For larger installations, we offer onsite and online 'super user' training (typically run as four 1.5 hour modules).
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Users have the ability to self-service export data via an export function. This produces a Microsoft Excel (.xlsx) file that preserves content structure along with a zip file of all uploaded content.

Additionally, our support team can be contacted for data extracts in additional formats.
End-of-contract process At the end of the contract, user access simply ceases but account content is retained for twelve months to facilitate any subsequent account resuscitation.

The software-as-a-service (SaaS) contract - typically invoiced annually - subsumes all user subscription licence and service support costs.

There are no additional end of contract costs.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The service is fully responsive on mobile; however, we recommend mobile for the primary use of the service (accessing content, procedure/activity tracking etc.) rather than the capture, editing and maintenance of content.
Service interface No
What users can and can't do using the API Whilst there is not a proprietary API for Method Grid, we do currently offer webhook automation into common collaborative chat apps (Slack, Google Chat, Microsoft Teams) and have development plans for future such third-party APIs as well as our own proprietary API.
API documentation No
API sandbox or test environment No
Customisation available Yes
Description of customisation The service is inherently customisable in so much as it is a platform for the bespoke capture of structured operating procedures, service methodologies and repeatable best-practice.

In addition, users can configure the look-and-feel (logos and colour palette), system APIs and notifications settings. This is all done from within the service "Settings" area.

Administrators can customise system-wide settings allowing all users the ability to configure individual user experience (e.g. notification settings).


Independence of resources We have a dedicated account management team/capability. This team/capability scales according to our user growth. We anticipate having a dedicated G-Cloud 11 lead in our support team to ensure this framework is always given due prominence and service attention.


Service usage metrics Yes
Metrics types We provide basic user access metrics (e.g. days since last login). There are plans to further enhance such usage metric reporting.
Reporting types Real-time dashboards


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach The service includes an export function at a grid (content unit) level - accessible to all users. This creates an Excel file preserving the logical structure of a user's data and data links along with all associated files.

Additional export formats are available on request.
Data export formats Other
Other data export formats Microsoft Excel (.xlsx)
Data import formats Other

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability We outsource our servers and rely on third party SLA's for availability. We currently use Digital Ocean, but are planning a migration to Amazon Web Services before Q4 2019.

In the past two years, we have had 10 minutes of unplanned downtime giving us an uptime of over 99.9%.
Approach to resilience Information available on request.
Outage reporting We determine which customers were/are affected and notify them by regular emails with respect to the issue and mitigation response/timeline. Significant outages (and our mitigating response) will be messaged additionally through our social media channels. Any maintenance related downtime (affecting the whole platform) is scheduled at quiet hours and users are notified well in advance.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Access to management interfaces and support channels are managed by our CTO in the role of super admin. Access is granted based upon business need and reviewed on a monthly basis.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information You control when users can access audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials application in process

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach We use industry standards to operate our data security management. Method grid has its own data security policy which is available on request.
Information security policies and processes We review our security policy twice a year. The information security policy is the responsibility of a Board Level Director.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Code and assets are tracked and versioned in Git.

Releases are versioned and deployed using

Any code changes are reviewed by a member of the development team and released to a staging environment for testing before being released to production.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We assess potential threats using Burp Suite ( and manual penetration testing. We monitor our network for unusual activity and our application is also covered by CloudFlare.

We also receive alerts from NCSC (National Cyber Security Centre) of newly found threats which, if applicable are prioritised into our workflow
Protective monitoring type Supplier-defined controls
Protective monitoring approach We routinely monitor server data and statistics as well as deploying external third-party tools to test our server response time. Any unusual activity is investigated by analysing the server logs such that appropriate resolution action can be decided/acted upon.
Incident management type Supplier-defined controls
Incident management approach Our customer support team respond initially to all incidents that have been reported to us by users. The incident is then passed over to the relevant technical team who prioritise the incident and a configure a resolving plan of action (along with the estimated time frame for a fix to be tested/released). This information is fed back to the reporting user.

Users can report incidents through our application or via a support page.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £4 to £10 per person per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Our full-feature service is available for proof-of-concept evaluation. The term and nature of these trials is contingent on the nature of the users' requirement but typically last for 4-12 weeks. Department-level trial domains are configurable on request.

Service documents

Return to top ↑