Events Management Service
Cloud hosted event management system with admin interface and customer facing front-end
Features
- Events admin system tailore to event types
- Customer front-end tailored to event types
- Supports multiple event types
- Search and discovery of events
- Event booking
- Cloud hosting
Benefits
- Resilient, scalable and cost effective fully managed hosting service
- Eliminates need to develop events system
- Mobile responsive interface offering intuitive experience
- Higher customer satisfaction
- Streamline events management process
- Syndicate events across other websites
Pricing
£515 a person a day
- Education pricing available
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at tenders@stormid.com.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 11
Service ID
3 9 9 6 7 9 5 0 0 7 7 0 7 9 3
Contact
Storm ID
Business Development
Telephone: 0131 561 1250
Email: tenders@stormid.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- No service constraints.
- System requirements
- No specific requirements
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
-
Response times are categorised by service request priority: Urgent: 1 hour; High: 4 hours; Medium: 8 hours; Low: 16 hours.
Response times at weekends, public and bank holidays are negotiated separately. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Response times are categorised by service request priority: Urgent: 1 hour; High: 4 hours; Medium: 8 hours; Low: 16 hours.
P1 - Urgent: Complete loss of an entire service for all users or severe degradation resulting in inability to function;
P2 - High: Service functioning improperly resulting in some loss of service/system failure removing service from a number of users;
P3 - Medium: Service functioning at less than optimal performance/system problem impacting but not removing service, resolve minor bugs/site errors;
P4 - Low: Change requests.
Support services are tailored to each client and charges reflect the level of service required to support the service. Standard hourly rate is £105. A discounted rate of £95 can be had for bank of hours bought in advance.
Storm ID provide a Technical Account Manager backed up by a WebOps Team. Support can be accessed via an online ticketing system, email or phone. Enhanced support (outside office hours and at peak service use) is available optionally. Monitoring systems and alerts will be implemented with regular reports provided on service performance and support used. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
To support customers use the service we offer a tailored training programme which can be delivered onsite or here at Storm.
Training documentation is provided and is often tailored to reflect the customers unique set-up.
A telephone support service is available free of charge to those who have attended to training. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Data is extracted by logging a support request via Storm's support ticketing website service Assembla or by making request to extract through their Account Manager.
- End-of-contract process
- Included within the price of the contact will be the decommissioning of all services and the supply of the application source code.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The admin functionality is optimised for desktop and tablet while the user interface for citizen access will be accessible on all devices.
- Service interface
- Yes
- Description of service interface
- .
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- .
- API
- Yes
- What users can and can't do using the API
- Users can use the API to syndicate events to other websites
- API documentation
- Yes
- API documentation formats
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Buyers can customise the events admin interface and the customer facing front-end
Scaling
- Independence of resources
- Virtualisation technology is used to ensure applications and users sharing the same infrastructure are kept apart.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Using tools such as web analytics and other data sources Storm ID’s Performance team monitors and measures service performance to recommend where improvements to the service can be made.
These recommendations are reviewed with our clients to determine options for continued improvement. - Reporting types
- Regular reports
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- EU-US Privacy Shield agreement locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Data is exported from the application on request via the Storm ID Service Account Manager.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
-
Storm guarantee that our hosted Events service will be available 99.95% of the time. We guarantee at least 99.99% of the time customers will have connectivity between Microsoft Azure SQL Database and the Internet gateway.
We acknowledge that if the service levels fall below the quality we commit to then penalties will be incurred to compensate clients and drive service improvement.
Financial penalties and service credits and their calculation will be agreed as part of the call-off agreement with the specific customer together with the terms and conditions and KPIs for the service. - Approach to resilience
- Available on request.
- Outage reporting
- Email alerts.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Limited access network (for example PSN)
- Access restrictions in management interfaces and support channels
- Available on request
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- 2-factor authentication
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
- Cyber Essentials
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- Storm are working towards ISO/IEC 27001:2013 (ISO 27001) which is the international standard that describes best practice for an information security management system (ISMS).
- Information security policies and processes
-
It is the policy of Storm ID to ensure that Information will be protected from a loss of:
Confidentiality: so that information is accessible only to authorised individuals.
Integrity: safeguarding the accuracy and completeness of information and processing methods.
Availability: that authorised users have access to relevant information when required.
The Operations Director and their team review and make recommendations on the security policy, policy standards, directives, procedures, incident management and security awareness education.
Regulatory, legislative and contractual requirements are incorporated into the Information Security Policy, processes and procedures.
The requirements of the Information Security Policy, processes, and procedures are be incorporated into the Storm’s operational procedures and contractual arrangements.
Storm ID is working towards implementing the ISO27000 standards, the International Standards for Information Security.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Change management processes are employed to evaluate, control and minimise risks and costs, and to maintain the standards and quality criteria planned during project delivery
Extensive documentation of the service is maintained to ensure knowledge sharing and continuity of service into Production.
Storm ID employs a self-documenting approach to writing code and supplements this, where appropriate, with technical and user guides.
We do this in order to ensure that skills and knowledge are transferred to Storm ID’s operations and support staff to enable them to efficiently deliver ongoing support and maintenance services, in accordance with agreed SLAs. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Vulnerability management is handled by our WSUS management and security bulletin subscriptions, which notify us of new threats. Where necessary, manual patches are deployed.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- We use 3rd party 'always-on' site monitoring services to detect any potential issues with service. We use site/server logging features, enabled in the Azure service portal, to subsequently search for any malicious activity on the site. We respond within 1hr to urgent issues .
- Incident management type
- Supplier-defined controls
- Incident management approach
- Storm ID has a pre-defined process for managing common incident events. All suspected security events are reported to the Operations Director by email, telephone or in person. The Operations Director will log the incident and notify the service owner and Storm ID Support Team. The Operations Director will provide incident reports in line with incident communication strategy.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £515 a person a day
- Discount for educational organisations
- Yes
- Free trial available
- No
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at tenders@stormid.com.
Tell them what format you need. It will help if you say what assistive technology you use.