Asset, Property & Compliance Management Software and Oracle and IBM Cloud solutions. copy
elf Software Ltd specialise in developing software solutions and comprehensive support services in Property, Asset & Compliance specifically to support Local Authorities, Academies, Schools & Outsourcing Companies.
In addition elf Software ltd can now offer Oracle and IBM cloud software solutions.
- Asset Management Planning
- Estates Management
- Facilities Management (Helpdesk & PPM)
- Management of Cyclical Compliance Activities (Statutory Testing & Inspections)
- Plant & Equipment Servicing
- Surveying & Assessments (Asbestos, Condition, DDA, Fire Risk)
- Oracle Cloud offerings
- IBM Cloud offerings
- Anytime, Anywhere, on any device
- Real-time information flow that enhances visibility
- Enhanced efficiency in business processes, improving productivity
- Use land and property more effectively
- It delivers the necessary knowledge to support better decision making
- Overcome compliancy issues in keeping the estate safe
- Transforms your approach to remove wasteful duplication of data
- Integration of all property management information needs
- One data repository to store property information
£9000 to £30000 per unit per year
- Education pricing available
Elf Software Ltd
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Service constraints||Our service has no constraints for the buyer, however, if the buyer wants to host the software internally they will need to adhere to our system architecture model.|
|System requirements||None unless client is hosting the software|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Based on a business day, questions are replied to within 24 hours.|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Support is provided by elf's internal Service Desk.
The level provided is support between Monday - Friday 09:00am - 17:00pm.
Each support issue is dealt with according to the agreed SLA's.
|Support available to third parties||Yes|
Onboarding and offboarding
Elf provide leading secure, accurate, efficient and effective front and back office business services and solutions to a range of public and private sector organisations. Delivered through the application of innovative technology, proficient processes and flexible resource models; providing excellent value for money. This service enables customers to meet and exceed service levels, in an efficient and cost effective manner delivered through a unique mixture of knowledge, skills and proven secure technology.
On award of a contract, elf will immediately instigate a Project Initiation Meeting (PIM) to ensure the timescales are met. The PIM will identify amongst other matters, the project reporting and quality assurance and performance monitoring requirements of the client.
elf’s data services offering is backed up by the knowledge and expertise to help provide a comprehensive review of all data sources, systems and structures in order to allow clients to use information effectively.
Customers have the option of tailored, on-site training or formal courses at elf’s training centre. elf hosts a range of comprehensive training solutions for new and advanced users of the software suite.
|End-of-contract data extraction||Customers are able to work with ourselves to extract all of the data at the end of the contract if this is required.|
|End-of-contract process||If customers wish to use our expertise in extracting all of their data at the end of the contract, there are additional costs involved and this will depend on the volume and complexity of the data.|
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||Windows|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||The main application is accessed via IE11 requiring Windows OS. The interactive portal applications are designed as a light weight front-end for clients, contractors and staff.|
|Description of customisation||The service is modular based, which allows customers to choose what applications they want.|
|Independence of resources||We operate though a Tier 3 level data centre utilising a market leading supplier who is able to meet our scalable demands to ensure that our clients services are not affected.|
|Service usage metrics||Yes|
We are able to offer two different types of service metrics which are as follows:
Ticket volume, ticket backlog, resolution rate, average reply time, average first response time, customer satisfaction, average handle time, first contact resolution rate, net promoter score and replies per ticket.
Uptime SLA of the hosted solution.
|Reporting types||Reports on request|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||
Users can export data into several different formats i.e. PDF, CSV, Excel, Word and XML.
Data can be extracted directly from the SQL database if users have the relevant expertise.
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||Our hosting supplier provides an SLA which incorporates a 99.9% service uptime. Any refunds due to availability issues would be on a client by client basis in line with their contract.|
|Approach to resilience||This information is available on request.|
Our hosting supplier notifies us by Email if there are any server outages.
We in turn, will Email our clients directly.
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Within the application a system administrator is responsible for user access and privileges. With the 2 factor authentication the first point of access is controlled via internal hosting IT.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||SN Registrars (Holdings) Limited|
|ISO/IEC 27001 accreditation date||28/02/2016|
|What the ISO/IEC 27001 doesn’t cover||All aspects of our system infrastructure and product offerings are covered by our ISO certification.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||Compliance with ISO27001 is a written requirement of employment at our company and is regularly assessed by our in-house auditing team as well as through six monthly externally led audits. We also operate through the premise of least available privilege for all system users, including a named and vetted system team whose higher level access to systems is fully monitored and subject to 2FA throughout. The systems team report to the Technical Director who is entirely responsible as a Board member for the technical infrastructure. We also operate our entire company systems on the same infrastructure - fully separated from client instances - and as such our company DR and BCP apply to the same infrastructure.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||All system components are subject to 24/7 monitoring for performance and tracked issues, and are proactively replaced if their performance shows signs of future degradation. We also operate an N+N redundant system in most areas, with a fallback to N+1 to avoid a single failure impacting on system availability. Changes are fully assessed for security impact in line with ISO27001 security controls and tested on internal development systems before rollout.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Our technical team are alerted to potential threats directly by our hardware and software partners, and will deploy threat responses immediately based on industry information or detected issues within our infrastructure. Patches are deployed based on the level of threat and impact on our infrastructure - as we operate a fully redundant series of systems, we can inspect the performance as patches are deployed and continue rollout or roll back as needed.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||As with all system level impacts, we monitor the system 24/7 to ensure that all operating parameters are within expected levels, and our automated monitoring systems will raise an alert to our systems team if this is not the case. Patches and updates to the system are communicated to all affected users directly and also published on our status page for our cloud servers.|
|Incident management type||Supplier-defined controls|
|Incident management approach||Incidents can be reported to our systems team through our ticketing system and will automatically be raised to priority 1 if a cloud based system is affected. Our team also apply standard processes for the resolution of system issues against a known good backup and rollback procedure. Incident reports - both ongoing and previous - are available through our status page at status.academia.co.uk.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£9000 to £30000 per unit per year|
|Discount for educational organisations||Yes|
|Free trial available||No|