Prochainmatrix Ltd

PROCHAINMATRIX Software As A Service (SaaS)

Prochainmatrix solution enables organisations to manage their cost-improvement, change and transformation initiatives. PMO, Programme and project management. Contracts management of spend and income. Collaborate on Initiatives, dashboards and document management built in.
The application suite empowers management to make savings, prioritise, eliminate silo-working culture and remove the over-reliance on spreadsheets.


  • Web based system, accessible anytime, anywhere.
  • Professionally hosted in the UK data centre.
  • (SaaS), supported by a formal back to back SLA.
  • Avaiability 24/7, 365 days a year with >99.97% up-time.
  • Client user-portal and account management.
  • Dashboards, customise reports and charts.
  • Flexible application workflow.
  • Flexible configuration to meet your organisation's needs.
  • Proactive application-system enhancement.
  • Implementation support, guidance and knowledge-transfer.


  • Create and manage multi-year savings, efficiencies and operational work-plans
  • Realise the organisation's spend under agreement and risk exposure
  • Empower the organisation's departments and functions to collaborate
  • Reduce and manage programme office and project management costs
  • Access and process real-time information, anytime, anywhere
  • Prioritise resources and focus where benefits can be maximised
  • Better understand the organisation's risk and cost profile
  • Able to ensure the organisation's objectives are being proactively pursued
  • Enhance governance and performance reporting to senior management
  • Able to capture and maximise savings and efficiencies


£29940 per licence per year

Service documents

G-Cloud 10


Prochainmatrix Ltd

Customer Services

020 75548569

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Community cloud
Service constraints The service has NO real constrains. All aspects of the service are accessible by one of the commonly used Web Explorers. The service is fully WEB enabled. There is NO impact on any of the client`s hardware.
System requirements
  • None specific requirements
  • A URL registration in client Fire walls

User support

User support
Email or online ticketing support Email or online ticketing
Support response times The online, Help Desk support calls, are rated by priority order.
No distinction is made on any one of the seven days of the week.
Users can manage status and priority of support tickets.
A document is made available to clients, showing response and resolution times.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 A
Phone support Yes
Phone support availability 9 to 5 (UK time), 7 days a week
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.0 A
Web chat accessibility testing Cisco Webex - products support mixed conferencing capabilities, so different people can join with a Windows or Mac computer or a phone into the same session. WebEx Mobile App is for WebEx Meetings whereas the desktop, laptop or tablet user uses a program called Meeting Centre.
Onsite support Onsite support
Support levels Support is provided at several Levels: - Professional support for Finance Procurement and Project Management Office. - Effect of changes and re-engineering. - General training, produced and hosted by a professional training company. - On side, support and training in the use of the Application. - Off side support
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Start Using. - Training videos. Online professionally developed videos provide initial introduction to services. - The implementation plan, includes various milestones: Data transformation – Initial system populate Onside training is provided to specific user groups - Documentation is stored on line and users are given access via personalised portals
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction All data stored belongs to the client user. At the end of the contract, the final position is negotiated, agreed and executed. All data is offered in various formats: Comma separated text Spreadsheet SQL table back up files. The data may also be available on line for a limited period of time.
End-of-contract process Included in the Price:
All data stored belongs to the client user. At the end of the contract, the final position is negotiated, agreed and executed. All data is offered in various formats: Comma separated text Spreadsheet SQL table back up files. The data may also be available on line for a limited period of time.
Additional Cost:
At a client`s request it is also possible: To extract data to a specified format, ready to be imported into a new system

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Whenever applicable, forms can be design to a particular specification/model.
The main differences of the services are simply the adopted model of an object.
Services accessed by PCs or laptops are designed to a particular size screen.
Service objects used by mobile devices are design to offer the user a fluid kind of forms.
The service will adjust the size of the form depending on the device used.
Accessibility standards WCAG 2.0 A
Accessibility testing JAWS and WindowsEyes. All web interfaces are tested continuously. Development stages include a web test. As soon as an object is completed, be it a form or report, this is followed by a publication stage. Once published all objects are then tested via a browser. Testing is carried out using a variety of locations and hardware. The onside training provides a final testing opportunity, before the system is declared live.
What users can and can't do using the API Services are subject to user ids and passwords. All users are set up following a strictly defined process. Users can call upon a predefined URL / Mask for their organisation and then receive a log-in page. Once logged into the system menus – tabs – object – functions will be made available based the group/s they have been assigned to. The web interface allows users to view – modify – or report on the stored data. Report production include Charts etc. All users are also able to manage their passwords and renew them before they expire.
Users can not change the software
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The service software has been authored by Prochainmatrix, including back and front end.
As such all aspects of the system cab reconfigured.
All changes are subject to discussion and agreement with a client.
The way this is done:
- Client request is needed for a particular change with a brief explanation.
- The impact of the request is assessed
- A response is provided, in terms of time required etc.


Independence of resources The database server is scaled to accommodate and server a very large number of databases. The database server is monitored, by the service provider and it will be adjusted accordingly. The current ratio is approximately 10 times large than what the actual used number. Each client is assigned to a dedicated Web VMs with their own connections. Each client is also allocated a sub mask to the main


Service usage metrics Yes
Metrics types Metrics types
• Disk
• HTTP request and response status
• Memory
• Network
• Number of active instances
Reporting types
• Real-time dashboards
• Regular reports
Reporting types Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach A standard icon is made available to all Form Objects which are data based.
Users have the ability to simply click on the nominated object to download all data displayed on the form
The approach is to extract data, in an excel spreadsheet.
This requires the used hard ware to be installed with Microsoft spreadsheet or open source spreadsheet software.
A single click action results in:
- obtaining relevant records
- opening the software
- displaying selected records
Data export formats
  • CSV
  • Other
Other data export formats
  • Microsoft Spreadsheet
  • Open source Spreadsheet
  • Html
Data import formats
  • CSV
  • Other
Other data import formats
  • Spreadsheet format
  • Html

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability SLA in place for 24/7 and 99.98%
There is no refund policy.
Approach to resilience - Services are hosted within N3. -
The database server is not directly available to the internet.
- Firewall protection - VMS connectivity for development - Security, policy
Access to information has to be indirectly requested by one of the client Web VMs
Connections between the web VMs and the database server are password protected.
Outage reporting The service provider, RedCentric engineers, are informed by an API at the first instance. Whilst they investigate an email alert is sent to Prochainmatrix.
Prochainmatrix will subsequently inform the relevant client of the problem, planned solution and the expected duration of time to resolve the issue.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
Access restrictions in management interfaces and support channels All user access to application service is clearly defined in Security policy. Setup of all new users is subject to written notification by a client senior manager. Users are assigned to user groups. Each menu object is assigned a security group. Senior client managers assign a user who can perform system administration functions Access to help desk support is restricted to senior user who have system admin assigned to them.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for Between 6 months and 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 6 months and 12 months
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • GDPR
  • Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Redcentric takes a holistic approach to network security, ensuring that it is integrated into our solutions right from the start. We apply the same stringent approach to protecting our networks regardless of whether they are for deployment in high or low risk environments. Looking at the challenges within IT security our clients have similar concerns. As web applications proliferate, network borders disappear and workers become increasingly mobile, how can you protect your information assets? Topping the list of concerns are; Cybercrime - targeted attacks, stealing data easily convertible to cash Malware - Loggers, backdoor & data capture code deliberately planted on weaker systems Workforce mobility - laptops, PDA's and USB keys containing sensitive data are high risk Outsourcing & Cloud computing - Ability to manage 3rd parties containing sensitive data Data breaches - the business threat of a serious security breach impacting daily operations

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach WHAT DOES REDCENTRIC DO THAT’S DIFFERENT? Redcentric own and manage our own data centre estate and platforms, which means we can provide outstanding service and market leading SLAs. To ensure your infrastructure remains secure your managed IaaS solution sits on your LAN protected by maintained firewall, IP and subnet addresses. No matter the IaaS environment, your data security and privacy issues are met. “Software delivery is now so streamlined, with centralised hosting rather than local LAN-based installations, that we are able to focus our efforts far more on product development and the customer experience than on systems and network 'housekeeping'.”
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Prochainmatrix benefits from the high standard of the environment provider, RedCentric (RC). RC have a long list of certificates. The environment is based on Microsoft technologies, which provide a continuous list of required patches. The current services include a dedicated Patching policy.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach IT problems can be identified with Infrared. It therefore makes sense to monitor your infrastructure performance 24/7 - so you can spot problems before they affect your end users and get in the way of business. Infrared is a fully automated network and system management service that gives you detailed alerts and reports on your IT infrastructure via a secure web portal. It's designed for the small to medium enterprise and flexible enough for your particular network.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Features include: View of the current status of open tickets, the ability to log new calls and update existing records Storage utilisation and trend information On-line access to billing data Access to project manager and latest status and date information for projects in service delivery Access to an industry leading reporting and management suite – Info Vista Additionally - Prochainmatrix offers a client Help Desk Support at application level.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • New NHS Network (N3)
  • Joint Academic Network (JANET)


Price £29940 per licence per year
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑