This G-Cloud 9 service is no longer available to buy.

The G-Cloud 9 framework expired on Monday 1 October 2018. Any existing contracts with LUCANET (UK) LIMITED are still valid.
LUCANET (UK) LIMITED

LucaNet Financial Management

Planning, Budgeting, Forecasting and Consolidation software in a Cloud environment.

Features

  • Consolidated P&L, balance sheet, cash flow statement and disclosure
  • Consolidated financial statements to any accounting standards
  • Present multiple views of your organisation structure(s)
  • Pre-built, standard financial data warehouse
  • Complete integration of consolidation, planning and business process
  • Present multiple views of your organisation structure(s)
  • Foreign currencies and group currencies
  • Expense and revenue consolidation, consolidation of debts
  • Cash flow statement on company and group level
  • Complete Excel integration

Benefits

  • Multilingual
  • Dimensional analysis of your financial information
  • Certified. Software pursuant to Institute of Auditors AG
  • Relevant. Data can be imported at push of a button
  • Flexible. Model structures can be adapted to individual requirements
  • Transparent. Values can be traced to document level
  • Integrated. Consolidate actual and planning figures in same model
  • Comprehensive opportunities for comparison and charts
  • Management cockpit

Pricing

£22 to £92 a user a month

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at <removed>@b5c534b1-8397-41fd-8ef5-cde7f20c1909.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 9

Service ID

3 7 1 8 1 0 6 0 2 5 9 0 0 2 2

Contact

LUCANET (UK) LIMITED <removed>
Telephone: <removed>
Email: <removed>@b5c534b1-8397-41fd-8ef5-cde7f20c1909.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
No constraints
System requirements
Any currently supported browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
A range of SLA agreements are available.
Support hours are typically 9:00-17:30
Weekend coverage by contract or requested arrangement

Weekday support is included as part of agreement

Initial response times vary from 2 hours, 4 hours and 1 day depending on the level of service contracted.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Chat is typically resolved into an interactive web session with our support team. Working cooperatively, and by sharing screens support an the client work interactively together to resolve any issues.
Web chat accessibility testing
Unknown
Onsite support
Yes, at extra cost
Support levels
Support levels are the same for all customers, the only difference is any contract to provide extended hours, or weekend working.

We provide a technical account manager to support calls

Standard hours support is included in the cloud fee, extra hours, days etc are by agreement.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
OnSite training and user documentation are all provided.

The system also has inbuilt help to guide the user to daily tasks, for to provide additional information as necessary. The documentation can be customized by the users.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
The core database is a SQL Server relational model.

Any person with the appropriate SQL skills can write extraction routines, or use reporting writing tools and export to CSV.
End-of-contract process
The contract ends at the end of the agreed period. We will assist in the extraction or the data, this as described previously is a simple task.

We can then either delete the database, or if contracted retain the data for access for a period. No updates will be allowed but the data is there for query and reporting. A fee will be agreed and charged on a monthly basis for this service.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Access from a mobile device is identical to access from a desktop device. In reality the volume of information being displayed requires a laptop, desktop or 'Pad' device.

Large screen phones can work in full screen mode.

We do not have a specific 'App' which uses use.
Accessibility standards
None or don’t know
Description of accessibility
???????
Accessibility testing
???????
API
No
Customisation available
Yes
Description of customisation
All aspects of the data displayed, the input forms, the report layouts etc can all be customised.

Reporting is 'Open', users can use any XMLA compliant took to retrieve data and report. Database is SQL Server, as such it can be customised

The system administration deals with data structure matters, the user can change the look and feel

Scaling

Independence of resources
On the Scale page of the Azure Hosted classic portal, you can configure automatic scale settings for your web role or worker role. Alternatively, you can configure manual scaling instead of rules-based automatic scaling. You can scale an application only within the limit of cores for your subscription.

Our configuration will provide some 'headroom' based on normal usage, the above 'scaling' will provide for unusual circumstances. Beyond that, its like a change of requirements is occurring, in which case extra Cloud capacity can be purchased.

Analytics

Service usage metrics
Yes
Metrics types
The systems hold a log of the user activity (LogIn, LogOut).
This information can be reported.
We do not provide real-time dashboards as standard but they system has the data available for presentation.
Reporting types
Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
During daily operations the LucaNet environment invites users to export some of all of the data they are working with. Its simply a matter of selecting the export data button.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • Excel
Data import formats
  • CSV
  • Other
Other data import formats
  • Excel
  • Access
  • SQL Server table

Data-in-transit protection

Data protection between buyer and supplier networks
Private network or public sector network
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Azure offers 99.9% availability or higher across dozens of different elements of its Cloud service.

We/they do not offer a refund policy
Approach to resilience
Microsoft will disclose this information on request.

Azure operates in multiple geographies around the world. An Azure geography is a defined area of the world that contains at least one Azure Region. An Azure region is an area within a geography containing one or more datacenters.+

Each Azure region is paired with another region within the same geography, together making a regional pair.
Outage reporting
A public dashboard. it can be accessed here

https://azure.microsoft.com/en-gb/status/

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Use of Active Directory, and as needed additional hardware (Dongle) or software
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Standards Institute
ISO/IEC 27001 accreditation date
1st July 2016
What the ISO/IEC 27001 doesn’t cover
Full details for your self assessment can be found here

https://gallery.technet.microsoft.com/Azure-ISOIEC-27017-71fd9976
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
29 Sep 2016
CSA STAR certification level
Level 3: CSA STAR Certification
What the CSA STAR doesn’t cover
Full details can be found here

https://downloads.cloudsecurityalliance.org/star/certification/STAR-658377-Microsoft-Azure.pdf
PCI certification
Yes
Who accredited the PCI DSS certification
Unknown
PCI DSS accreditation date
Unknown
What the PCI DSS doesn’t cover
Full details here

https://gallery.technet.microsoft.com/Azure-PCI-Attestation-of-d9a87962/file/171091/1/Azure%20PCI%20DSS%20AoC%20FY2016%20Package%20.zip
Other security accreditations
No

Security governance

Named board-level person responsible for service security
No
Security governance accreditation
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Microsoft also complies with both international and industry-specific compliance standards and participates in rigorous third-party audits that verify our security controls. The internal procedures are not available for inclusion.

The guiding principle of our security strategy is to “assume breach.” The Microsoft global incident response team works around the clock to mitigate the effects of any attack against our cloud services. And security is built into Microsoft business products and cloud services from the ground up, starting with the Security Development Lifecycle, a mandatory development process that embeds security requirements into every phase of the development process.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
https://gallery.technet.microsoft.com/14-Cloud-Security-Controls-670292c1/file/159108/2/Azure%20UK%20Governments%20-%2014%20compliance%20controls.pdf
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
This document addresses vulnerability assessment recommendations that applicable to Virtual Machines running in Azure.

https://docs.microsoft.com/en-us/azure/security-center/security-center-vulnerability-assessment-recommendations
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Full details can be found here

https://enterprise.microsoft.com/en-gb/articles/roles/it-leader/meeting-governments-14-cloud-security-principles/
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Full details can be found here

https://gallery.technet.microsoft.com/Azure-Security-Response-in-dd18c678

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • Public Services Network (PSN)
  • New NHS Network (N3)
  • Joint Academic Network (JANET)

Pricing

Price
£22 to £92 a user a month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Fully functional product included

Customization not included

30 days trial

Documents

Pricing document
Pricing document
Skills Framework for the Information Age rate card
Skills Framework for the Information Age rate card
Service definition document
Service definition document
Terms and conditions document
Terms and conditions document

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at <removed>@b5c534b1-8397-41fd-8ef5-cde7f20c1909.com. Tell them what format you need. It will help if you say what assistive technology you use.