Robotic Process Automation

HGS automation services enables Non-Invasive technology to automate multiple online form and manual transactions and repetitive tasks thus improving efficiency and effectiveness of process. HGS evaluate your current systems and deploy solutions that then enables teams to focus resource back to value-added work while automation takes care of repetitive tasks.


  • Non Invasive technology no requirement for back-office integration through APIs
  • Seamlessly uses client’s existing end-user interfaces and enterprise applications
  • Acts autonomously to use and orchestrate any application
  • Technologically-agnostic solutions, works well in rule based, data intensive processes
  • Applicable across multiple domains and industry verticals
  • Brings inherent data protections, transactional integrity across systems
  • Undertake structured, repeatable, computer based tasks, Perform complex decisions
  • Clear audit trails and other system management functions
  • Access more than one system to complete a process
  • Do information search, collation or updating, Use workflow enabled interaction


  • Significant Cost Reduction in Process Management Tasks
  • Enhanced Efficiency & Customer Experience
  • Reduction in Average Handle Time (Speed)
  • Increase in Right First Time Process Tasks (Accuracy)
  • Increase in Employee Productivity
  • Reduced Training Timeline
  • Increase in compliance for completed processes
  • Higher CSAT Scores with Faster Resolution
  • Non-Invasive technology which works to bring together different system
  • Test systems can be deployed to provide proof of concept


£500 to £4000 per unit

  • Free trial available

Service documents

G-Cloud 9



Rob Irons

07827 940800


Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to It varies by the model we go with. Our RPA software can work both independently or along with other services
Cloud deployment model Private cloud
Service constraints We will build a high available cloud
System requirements
  • Our RPA license will have version updates
  • The base platform of RPA runs on windows system
  • And will have the required standard updates

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Within 4 hours
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels To be Edited
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Depending on the approach or the business model that we go with training may or may not be applicable. We can provide onsite, online or offsite training along with user documentation

Once the solution is created if the client wishes to run the bot from their end then a control room training will be provided so the bots can be run at the client end. Appropriate documentation and training will be provided
Service documentation Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
  • PPT
  • Word
End-of-contract data extraction The software does not store any data and any data used will be at the client server and respective applications. The software is only a conduit to process the data and action the tasks. Thus there is no data extraction which is required at the end of contract
End-of-contract process Any software is removed. There is no change to customers original configuration.

Using the service

Using the service
Web browser interface No
Application to install No
Designed for use on mobile devices No
Accessibility standards None or don’t know
Description of accessibility RPA is a back office system and not web based deployed in a non invasive way with client systems.
Accessibility testing RPA does not have a specific user interface and is used to mirror users habits rather than interact resulting in no requirement to test with assistive technology.
Customisation available No


Independence of resources Each service is independent and will have different licenses and hence no conflict should arise when the demand peaks up with other users


Service usage metrics Yes
Metrics types - Time taken by the bot to process the cases
- Cases processed / exception
Reporting types Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach This is not applicable for our solution
Data export formats Other
Other data export formats Export data is not applicable
Data import formats Other
Other data import formats Not Applicable

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability We build high availability solutions with 99.99% between data centers within UK
Approach to resilience Its will be made avaialble on request
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication 2-factor authentication
Access restrictions in management interfaces and support channels We provide dedicated/seggregated network for business teams
Access restriction testing frequency At least every 6 months
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information Users receive audit information on a regular basis
How long user audit data is stored for User-defined
Access to supplier activity audit information Users receive audit information on a regular basis
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 TUV Rheinland
ISO/IEC 27001 accreditation date 02/05/2014
What the ISO/IEC 27001 doesn’t cover N/A
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes HGS Head of Security reports directly to the UK CEO. They are responsible for:
• Management oversight and direction for both physical and logical aspects of security, including information security;
• Coordinating and directing HGS UK’s entire security framework, including the information security controls at all HGS UK locations mediated through the Local Security Committees (see below) ;
• Commissioning or preparing information security policy statements, ensuring their compliance with the principles and axioms approved by the Executive Directors, and formally approving them for use throughout HGS UK;
• Periodically reviewing the security policy statements to ensure the efficiency and effectiveness of the information security controls infrastructure as a whole, recommending improvements wherever necessary;
• Identifying significant trends and changes to HGS UK’s information security risks and, where appropriate, proposing changes to the controls framework and/or policies for example by sponsoring major strategic initiatives to enhance information security;
• Reviewing serious security incidents and, where appropriate, recommending strategic improvements to address any underlying root causes;
• Periodically reporting on the status of the security controls infrastructure to the Executive Directors, and liaising as necessary with the Risk Management and Audit Committees .

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach All changes to IT and systems infrastructure are project managed an have to be assessed, and cleared by the HGS UK security council. This group meets once a week to discuss changes, assign project leads and provide feedback to operations on the deployment of new service solutions. All meetings are recorded with any identified risks fed back to UK Board.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach HGS UK employs Tenable Nessus Vulnerability Scanning solution for identifying potential vulnerabilities against the known vectors in the relevant space. These vulnerabilities are managed for Microsoft platforms through WSUS, while for other software, hardware & firmware, relevant patches, and best practices are implemented manually. HGS’ Change Management Procedure controls the vulnerability fixes deployment. On the Microsoft platform, patches are usually rolled out to the test bed workstations/servers within 1 week of patch release by the vendor. After 1-2 weeks of successful testing of the same on the test bed, the same is rolled out to the production workstations/servers.
Protective monitoring type Supplier-defined controls
Protective monitoring approach HGS UK employs LogRhythm SIEM Appliance for log collation from various critical devices & login servers. The correlation between the logs of such devices and the logs of WSUS, Nessus Vulnerability Scanner, Sophos Antivirus Console gives HGS UK's SOC team a 360 degree view of the security threat level which is constantly monitored (365/24/7) for any activity spikes which may be the cause for any alarms, which allows the IT team to take necessary action to prevent any potential InfoSec threats.
Incident management type Supplier-defined controls
Incident management approach HGS’ Incident Management process follows ITIL v3 and provides a robust mechanism for users to raise incidents against services we provide. Incidents are raised via email, phone or system alerts which are then handled by the HGS team through the various levels. Feedback on incidents are provided via email or via a RCA if it was classified as a major incident.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £500 to £4000 per unit
Discount for educational organisations No
Free trial available Yes
Description of free trial Depending on the opportunity a proof of concept can be offered for free and this would include the consulting and development costs for a period of one month


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑