Version 1 is experienced in providing flexible grant management solutions to Public Sector organisations. We provide two alternative technical platforms which can be chosen based on the detailed grant management requirements and the clients technical strategy and preferences.
- Advice on best practice
- Business Processes tailored to your requirements
- Full analytics capability
- Comprehensive periodic CRM Health checks
- Reactive support to issues that arise
- Customer Portals
- Efficient reliable grant management service
- Workload management
- Customer self-service
£40.00 per user per month
Version 1 Solutions Limited
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Service constraints||For constraints relating to the underlying Azure platform see- https://docs.microsoft.com/en-gb/azure/ to determine applicable constraints based on buyers requirements.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
1 hour priority calls
4 hour response standard
Can be tailored to customer requirement
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.0 A|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||Yes, at an extra cost|
|Web chat support availability||24 hours, 7 days a week|
|Web chat support accessibility standard||WCAG 2.0 A|
|Web chat accessibility testing||Version 1 uses Skype for our web chat support. The following is a list of devices with supported accessibility features available for Skype on Windows 8 desktop: • Narrator screen reader enables blind people to use their computer or other device as its purpose is to read text on the screen aloud. Skype for Windows desktop and Skype for Windows 8 may also work well with third-party screen readers such as NVDA (free download) and JAWS. • High-contrast settings benefit low vision users and users with little or no color perception as it makes text easier to read. • Magnifier is a feature intended for low vision users as it enlarges the screen and makes text easier to read and images easier to see|
|Onsite support||Yes, at extra cost|
|Support levels||The Managed Service provided by Version 1 is based on our ISO 20000 processes and procedures. The ISO 20000 standard held by Version 1 since July 2011, is aligned to the ITIL service framework and covers standard service processes such as Incident Management, Change Management and Release Management . During on-boarding we can tailor these processes and agree the detail of their implementation, in particular how they integrate with the client’s own internal processes. There is an additional charge for this tailoring which can be incorporated in the on-boarding costs. Version 1 has an ITIL based Service Governance structure in place for each client to ensure SLAs are met and the overall support service is managed in a responsive, customer-focused manner. The focus of the service governance will be a regular Service Management Board or Service Review Meeting attended by key stakeholders. Each managed service client is assigned a service manager to co-ordinate their service provision and ensure customer satisfaction levels are maintained. At Version 1, Continuous Service Improvement as a core element of our Managed Service offering and we incorporate it into the client's Managed Service at the outset of our engagement|
|Support available to third parties||Yes|
Onboarding and offboarding
A critical aspect of any project is the need to conduct comprehensive training for the users in the use of the application. Version 1 is committed to conducting professional training to ensure that users of the system can gain maximum benefit from using it.
Version 1 normally propose a ‘train the trainer’ approach to user training be adopted, integrated with the testing and overall acceptance phase of the project. This requires a difference in approach from standard training courses, as users need to be trained in both the application and in how to pass this on to their colleagues.
A number of “super users” for the system should be nominated by the client and could also be identified through a Training Needs Analysis process
|End-of-contract data extraction||Version 1 will assist with service migration and can provide a data extract in an agreed format.|
|End-of-contract process||The migration work at end-of-contract will be chargeable based on the standard G-Cloud rate card.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||The service is optimised for mobile, desktop and tablet use and there are differences. Core functionality is available across all platforms. See https://support.office.com/en-us/article/Office-Online-browser-support-AD1303E0-A318-47AA-B409-D3A5EB44E452|
|Accessibility standards||WCAG 2.0 A|
|Accessibility testing||For users with disabilities Microsoft have the Disability Answer Desk (DAD), and for enterprise customers with accessibility questions or accessibility related compliance questions they have the enterprise Disability Answer Desk (eDAD). See https://www.microsoft.com/en-us/accessibility/ for more details|
|Description of customisation||Please see https://technet.microsoft.com/en-us/office/dn788774.aspx|
|Independence of resources||Please see http://www.microsoft.com/en-us/download/details.aspx?id=54249|
|Service usage metrics||Yes|
|Metrics types||System Users|
|Supplier type||Reseller providing extra features and support|
|Organisation whose services are being resold||Microsoft|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||
|Other data at rest protection approach||For data at rest, Office 365 deploys BitLocker with AES 256-bit encryption on servers that hold all messaging data, including email and IM conversations, as well as content stored in SharePoint Online and OneDrive for Business. BitLocker volume encryption addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers and disks. Your organization’s files are distributed across multiple Azure Storage containers, each with separate credentials, rather than storing them in a single database.|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Version 1 can provide a data extract in an agreed format|
|Data export formats||
|Other data export formats||See https://products.office.com/en-us/business/office-365-online-data-portability|
|Data import formats||
|Other data import formats||Please see http://fasttrack.microsoft.com/office/onboard/50|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||See Microsoft's Online Service Terms at http://www.microsoftvolumelicensing.com/Downloader.aspx?DocumentId=11745|
|Approach to resilience||Please see https://www.microsoft.com/en-us/cloud-platform/global-datacenters and https://www.microsoft.com/en-us/TrustCenter/|
|Outage reporting||Please see https://azure.microsoft.com/en-us/status/ and https://portal.azure.com/#blade/HubsExtension/ServicesHealthBlade|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
Office 365 comes with a set of administrator roles that you can assign to users in your organization. Each admin role maps to common business functions, and gives those people permissions to do specific tasks the Office 365 admin center.
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||Between 6 months and 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||Between 6 months and 12 months|
|How long system logs are stored for||Between 6 months and 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||Certification Europe|
|ISO/IEC 27001 accreditation date||29/07/2015|
|What the ISO/IEC 27001 doesn’t cover||The scope of the certification covers all Version 1 Managed Service activities|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||No|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
Version 1 recognise that the relationship between information security and IT service management is so close that we implemented an Integrated Management System (IMS) that has been certified to ISO 27001:2013 and ISO 20000-1:2011 with matching scopes.
The Version 1 IMS is based on the guidance provided in the International Standard for the Corporate Governance of IT (ISO/IEC 38500) and the International Standard for Risk Management (ISO 31000).
The Version 1 IMS has a broad scope that supports all of our ICT services.
The Version 1 IMS is audited every 3 months, alternately by internal and external auditors.
An Information Security Officer along with the IT Governance Committee are responsible for maintaining the IMS, as well as providing advice and guidance on policy implementation.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||Verison 1 has developed formal standard operating procedures (SOPs) governing the change management process. These SOPs cover both software development and hardware change and release management, and are consistent with established regulatory guidelines including ISO 27001 and ISO 20000|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||In support of the Information Security Policy, Office 365 runs multiple layers of antivirus software to ensure protection from common malicious software. Servers within the Office 365 environment run anti-virus software that scans files uploaded and downloaded from the service for viruses or other malware. Additionally, all mails coming into the service run through the Exchange Online Protection engine, which uses multiple antivirus and antispam engines to capture known and new threats against the system. .|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||
Office 365 employs sophisticated software-defined service instrumentation and monitoring that integrates at the component or server level, the datacenter edge, our network backbone, Internet exchange sites, and at the real or simulated user level, providing visibility when a service disruption is occurring and pinpointing its cause.
Proactive monitoring continuously measures the performance of key subsystems of the Office 365 services platform against the established boundaries for acceptable service performance and availability. When a threshold is reached or an irregular event occurs, the monitoring system generates warnings so that operations staff can address the threshold or event.
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
Microsoft has developed robust processes to facilitate a coordinated response to incidents.
• Identification – System and security alerts may be harvested, correlated, and analyzed.
• Containment – The escalation team evaluates the scope and impact of an incident.
• Eradication – The escalation team eradicates any damage caused by the security breach, identifies root cause for why the security issue occurred.
• Recovery – During recovery, software or configuration updates are applied to the system and services are returned to a full working capacity.
• Lessons Learned – Each security incident is analyzed to protect against future reoccurrence.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||Yes|
|Price||£40.00 per user per month|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|