Capita Business Services Limited

Hosted UNIT 4 Business World ON!

Unit4 works with Public sector organisations worldwide. Unit4 can manage your entire services operation in a single, integrated, cloud ERP suite. Our solutions are designed around the people who use them, they're quick to roll out, a joy to work with, fast to deliver real benefits and easy to change.


  • Full coverage of ERP for Public Sector and Education Sector
  • Full suite of Student Management Solutions
  • Mobile Applications available
  • Support for Collaboration
  • Comprehensive Integration capabilities
  • Securely Accessible from anywhere
  • Industry Good Practice Business Processes
  • Capita IT Services, a Capita Company
  • Integrated Reporting Tools
  • Agresso UNIT4


  • Total Low Cost of Ownership
  • Capita IT Services, a Capita Company
  • Ability to adapt to Business Change
  • Sector Specific Functionality
  • Upgrade Elasticity
  • Ease of Access
  • Change when you change
  • Public Private Cloud options


£7.43 to £207.00 per person per month

Service documents


G-Cloud 11

Service ID

4 1 1 4 4 5 2 3 0 5 6 0 7 0 9


Capita Business Services Limited

Capita Business Services Ltd


Service scope

Software add-on or extension
Cloud deployment model
Hybrid cloud
Service constraints
Dependent on customer requirements which will define the solution provided.
System requirements
  • Implementation will be coordinated by a Capita IT Services TDA
  • Connectivity to our secure private network.
  • Options for connectivity to PSN/N3/HSCN networks are also available
  • Please see Service Definition for further details.

User support

Email or online ticketing support
Email or online ticketing
Support response times
Targets are measured and reported monthly across the entire hosting platform
Calls answered within 20 seconds >=80%
Calls answered within 60 seconds >=90%

P1 Incidents, response within 30 mins, 95% resolved within 4 working hours.
P2 Incidents, response within 60 mins, 95% resolved within 8 working hours.
P3 Incidents, response within 4hours, 95% resolved within 8 working hours.
P4 Incidents, response within 4 hours, 95% resolved within 3 working days.

Incident management, escalations and emergency operations are described further in our Service Definition Document.
User can manage status and priority of support tickets
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Onsite support
Yes, at extra cost
Support levels
Unit4 Customer Support is the single point of contact for all Service issues regardless of type of issue. Unit4 Support and Operations activities: • Deploy solution updates. • Management and maintenance of all infrastructure. • Network connectivity of Unit4 SaaS to public internet. • Back-up and disaster recovery. • Security of application operating environment and infrastructure. • Monitoring of application and infrastructure. • Performance tuning. • Trouble-shooting and resolving issues, both customer-initiated and those raised by monitoring alerts. • Database copy between environments upon request, e.g. Production to Preview. Unit4 provided a Fully Managed ERP Solution hosted as a SaaS Service on the Microsoft Azure Cloud. Incident logging and escalation for Unit4 Cloud is carried out through the Unit4 UK service desk and can be done via telephone (9am – 5pm) email or customer support portal both of which are available 24 hours per day. Incidents will be logged by the customer suitable trained named individuals who will set a priority based upon system and business variables. Once logged unit 4 will progress these to resolution within the target response and resolution times for the given SLA. An Account Manager is provided for all Unit4 Customers.
Support available to third parties

Onboarding and offboarding

Getting started
Training can be provided as a mix of “Train the Trainer” and eLearning techniques. Unit4 will ensure a customer’s super users are provided with sufficient training to be able to conduct a detailed User Acceptance Testing session, and have a thorough understanding of all aspects of the solution including the relevant knowledge for creating user defined reports. The Unit4 training will also ensure that customers have sufficient capabilities to support their own System Administration going forward into and beyond Go-live. This training will be a combination of hands on and classroom/elearning training for project team. There is also functionality with in the product to assist in supporting end users such as the Knowly experience pack which allows both Super users and Individuals to make notes on tasks and actions on specific screens. System documentation is supplied in pdf format in line with government open document standards.
Service documentation
Documentation formats
End-of-contract data extraction
Upon final exit Unit4 will export the final copy of the Production Database to a Unit4 controlled Azure storage location. The export will be in a format usable with the latest version of Microsoft SQL Server. Customers can manually download this export from this location. Unit 4 will maintain a secure read only copy of the Authorities production environment including database for a period on 1 month post exit, this copy will then be deleted unless the Authority informs Unit4 otherwise. Customer responsibilities for this additional service offering include: • Customer access responsibility – control who has permission to download the export • Ensuring data privacy during and after download • Establishing, monitoring and managing the download process • Restoring or importing the export once downloaded • Licensing, operating and installing in the customer’s IT infrastructure any applications that will be used in the retrieval process and subsequent use of the export
End-of-contract process
Upon any termination of the Agreement Unit4 shall, provided that it has received a request in writing from the Customer no less than 3 months prior to the scheduled termination date, continue to provide the Software Service to Customer under the same terms for a transitional period of up to six (6) months. Access to the Software Service during the Transition Period will be subject to the fees set out in the applicable Call Off Agreement, prorated on a monthly basis and payable in advance, based on the annual fees charged to Customer for the Software Service during the twelve month period immediately preceding the termination date plus an additional ten percent (10%). During the Transition Period, Unit4 will provide cooperation and assistance as Customer may reasonably request to support an orderly transition to another provider of similar software, services, or to Customer’s internal operations. Such cooperation and assistance will be limited to consulting regarding the Software Service and will be subject to a fee based on Unit4’s then-current rates for Professional Services and such services will be set out in a Call Off Agreement.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 10
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices
Differences between the mobile and desktop service
Mobile service accessed through propriety apps or HTML5 rendered browser. Limited number of transactions still require full desktop client typically high volume transactions.
Service interface
What users can and can't do using the API
Unit4 Business World Web Services provide a way of processing data, in a secure manner adhering to modern industry standards, but requiring some technical expertise. Unit4 Business World Web Services include options to create and maintain Absences, Applicants, Employee balances, Commitment transactions, Customer master maintenance, Document archive, Employments, HR maintenance, Masters and Attributes, Payroll transactions, Planner transactions, Position master file, Project master file, Rates register, Resource master file, Supplier master maintenance, Timesheets, Travel expenses, User status and maintenance, Value Reference Rates, Workflow. Where a Web Service is not yet exposed, ACT (Customisation Tool can often be used to modify or expose new Web Services. Within Unit4 Student Management, Unit4 recognises that there will always be a need to interface to other systems including learner management and financial management systems and there is a rich web services API layer to provide full Integration with third-party applications with minimal IT support. The API provides the ability to get or insert/update/delete any data element and can invoke actions (e.g. run a report, send an email etc).
API documentation
API documentation formats
  • PDF
  • Other
API sandbox or test environment
Customisation available
Description of customisation
Unit4 products are highly configurable through the application itself, so very few of our customers find a need to customise the solution. ACT is a customisation tool that is only available to Unit4 Integration consultants to increase the functionality of Unit4 products.


Independence of resources
In Unit4 Cloud, processing resources are shared, but Unit4 monitors and leverages elastic resourcing to ensure all get sufficient to meet the SLAs, and to handle activity peaks. Azure provides the first level of network separation, upon which Unit4 adds further isolation using VNETs. In a Dedicated service model a dedicated VNET is provided so all available network bandwidth is dedicated to a single customer. Unit4 customers always have a dedicated database to ensure data separation. In a dedicated cloud processing resources are also dedicated to a single customer, and an option of VPN and ExpressRoute connectivity.


Service usage metrics
Metrics types
Please see Service Definition Document
Reporting types
Regular reports


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
UNIT4 Agresso

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
User can export their data in a variety of formats including .xls, .csv, or xml.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • XML
  • Direct to .XLS
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • .XML
  • Direct from .XLS

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Unit4’s service availability commitment for any given calendar month is that the Production Service will be available at least 99.8% of the time. Service Availability is calculated per month as follows: Total time - Service Outage divided by total time times 100 = greater than 99.8% “Service Outage” means the time (in minutes) that the Production Service is unavailable (as measured in accordance with this Section A, paragraph 1) in any month, but excludes any unavailability for those reasons set out below under the heading “Exclusions”; “Total Time” means the total number of minutes in any month; Exclusions Unit4’s service availability commitment excludes any unavailability for the following reasons: • Planned Maintenance; • Unplanned Preventative Maintenance; • failure of any circuits or connections provided by third party telecommunication providers or common carriers; • failure of any external internet service provider or an internet exchange point; • acts or omissions of the Customer or any Users permitted to access the Production Service; • behaviour of Customer applications, equipment or managed operating systems; • Force Majeure events (as described in the SMA).
Approach to resilience
Please see Service Definition Document
Outage reporting
Notified by Service Desk / Auto Alert notifications

Identity and authentication

User authentication needed
User authentication
Other user authentication
User authorisation process will be established and followed as part of service take-on.
Access restrictions in management interfaces and support channels
Access to administrator functions are restricted, only being available to those individuals that have been granted permissions.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
Anything NOT mentioned here: Information Security relating to hardware, software, networking, paper documentation, personnel and supporting media for client facing information, client owned and supplied information, remote access, internal and data processing facilities. The management of 3rd Party Service Providers. In accordance with the Statement of Applicability version 4.0.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Who accredited the PCI DSS certification
We maintain and host PCI DSS compliant solutions
PCI DSS accreditation date
What the PCI DSS doesn’t cover
Other security certifications
Any other security certifications
  • Cyber Essentials
  • N3
  • PSN
  • ISO22301 (Continuity and Data Recovery)

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Please engage Capita IT Services for full details of our approach to Security Governance and Policies.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Please engage Capita IT Services for full details of our approach to Change Management.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Please engage with Capita IT Services for full details of our Vulnerability Management processes.
Protective monitoring type
Protective monitoring approach
Please engage with Capita IT Services for full details of our Protective Monitoring process.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Please engage with Capita IT Services for full details of our Incident Management Process.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Connected networks
  • Public Services Network (PSN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)


£7.43 to £207.00 per person per month
Discount for educational organisations
Free trial available

Service documents

Return to top ↑