Four Pillars of Digital Strategy: Design; Content; Functionality; Usability Digital Audit Digital landscape mapping: SWOT Digital transformation Digital strategy Improve profitability Unlock additional revenue Reduce costs Change management Current (as-is) asset/digital channel mapping Mapping real estate to organisational requirements Benchmarking Best practice
- Four Pillars of Digital Strategy: Design; Content; Functionality; Usability
- Digital Audit
- Digital landscape mapping: SWOT
- Digital transformation
- Digital strategy
- Change management
- Current (as-is) asset/digital channel mapping
- Mapping real estate to organisational requirements
- Benchmarking & best practice
- Design/build & hosting
- Suitable for all public-sector organisations
- User-friendly, multi-platform (web/tablet/mobile)
- Management Information/audit
- Suitable for non-technical users
- User self-service
- Four Pillars of Digital Strategy: Design; Content; Functionality; Usability
- Digital Audit & landscape mapping: SWOT
- Improve profitability
- Reduce costs
- Unlock additional revenue
£750 per person per day
- Education pricing available
- Free trial available
Panlogic Limited - Digital Engineering
0208 948 5511
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Depends on agreement|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.0 AA or EN 301 549|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Levels & costs depend on agreement.
We can provide a technical account manager.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Self-service on-boarding process|
|End-of-contract data extraction||JSON export is possible|
Included: access to the payment platform
Not included: any bespoke elements
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||None|
|Accessibility standards||WCAG 2.0 AA or EN 301 549|
|Description of customisation||
Option to completely white-label the solution
|Independence of resources||Real-time resource monitoring & auto-scaling|
|Service usage metrics||Yes|
|Metrics types||Real-time dashboards|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Data sanitisation process||No|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||JSON & CSV export|
|Data export formats||
|Other data export formats||JSON|
|Data import formats||Other|
|Other data import formats||N/A|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Approach to resilience||Available on request|
|Outage reporting||Email alerts|
Identity and authentication
|User authentication needed||No|
|Access restrictions in management interfaces and support channels||N/A|
|Access restriction testing frequency||At least once a year|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||No audit information available|
|Access to supplier activity audit information||No audit information available|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||No|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||No|
|Security governance approach||
Security governance is defined in the SLA. However, responsibility typically for the systems procured via Panlogic lies with the Project Manager, Client Services Director and ultimately one of the Company Directors. Each of the policies that make up the security policy are reviewed annually by the senior staff.
Changes or additions can be proposed at any time by any member of staff, any substantive changes made to any documents will be communicated to all relevant personnel.
|Information security policies and processes||
Panlogic has the following policies:
-Information Handling Policy
-User Management Policy
-Acceptable Use Policy
William Makower - Director
John Foster-Hill - Director
Designated Project Manager
On a day to day basis its the responsibility of the Project Manager to ensure the policies are set in place and overall its the Directors' responsibility to ensure all policies including HR and data protection are adhered.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Incident change and planned development changes are documented via the Panlogic ticketing system along with User Guide revisions.
Documented changes are recorded in states:
These are announced via email and/or blog updates for significant developments.
Source code is maintained in a Git code repository and is tagged for releases, as are database changes.
Deployments of changes are automated using deployment services.
|Vulnerability management type||Undisclosed|
|Vulnerability management approach||
Threats are assessed by reviewing log files and traffic abnormalities and identifying non-genuine traffic.
Patches are deployed immediately after an issue is identified. A patch is first developed and tested and then implemented when proven to resolve the issue.
Information regarding threats is collated through social media, github, news groups, dedicated forums relating to the technologies used (e.g. PHP website, MySQL website etc.).
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Third-party tools are used to help gain insight from the server level upwards, to aid in identifying any internal or external incorrect use or abuse.
When a potential compromise is identified resolutions are defined, developed, tested and deployed as soon as possible.
Timings are typically covered within an SLA, but responses start usually from 4 working hours.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Any incidents are recorded using Panlogic's ticketing system for tracking, escalation and reporting.
All incidents receive an initial response and then a follow-up with more detail. The timings will be governed by the agreed SLA.
Security breaches will be deemed a 'Level 1: Critical' incident and actioned accordingly.
Following a security incident and/or personnel changes, policies for access to systems are applied.
Security and other 'Level 1: Critical' incidents are notified to the service Project/Account Manager who will in turn notify their equivalent at the client organisation.
FAQs provided online are a 1st-line support option to common issues and questions.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£750 per person per day|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||
Trial and free options available.
Everything is included.
Time period limited by arrangement.
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|