PQS Supplier & Contractor Management
PQS Pre-Qualification-Scheme™ is a registered SSIP Member.
We provide a FREE cloud based Supplier Management software for
you to monitor and manage your supply chain.
We assess your supply chain, you manage and monitor them using our FREE cloud based tool.
- Free cloud based supplier mananagement software
- Flexibility and choice
- Real-time supply chain information
- FREE acccess to PQS registered suppliers and contractors
- FREE access to software to manage suppliers and contractors
£0 to £0 per unit per year
- Education pricing available
- Free trial available
Capabiliteez Ltd t/a PQS Pre-Qualification-Scheme
0333 567 5670
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
Planned maintenance undertaken out of normal working hours (9 to 5pm)
Suppliers and contractors appearing in the database need to be PQS registered
|System requirements||Web browser (e.g. chrome, edge)|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Same day response.
No service at weekends.
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Tailoring free software to organisational requirements
|Support available to third parties||Yes|
Onboarding and offboarding
Where required onsite setup and initial account creation can be provided.
User training is available through documentation or contact via email or phonecall, dependant on the customer preference.
User instructions is are available through prepared through documentation.
Screen sharing services can be implemented to guide users as required.
|End-of-contract data extraction||Exports of data in CSV, excel, or pdf formats|
Users stop accessing the software
We discuss deletion of the overall account
This is a free software tool
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||
Desktop service preferred.
Layout and resolution limited on mobile.
|Description of customisation||
Active users can be added removed at any point by designated persons. There is no limit to how many active users can be had at a given time.
Visual branding is highly customisation, colours logos etc. can be modified by designated persons.
How data is presented and manipulated is adjustable by the end user where relevant.
Flexible reporting functionality is in place, some reports allow complete user customisation as to what data should be presented in a report.
|Independence of resources||
The PQS Administrators monitor usage and performance daily
We have a fully scaleable platform to avoid users being affected by demand of other users
|Service usage metrics||Yes|
Basic metrics around supplier and contractors
Basic logs of user activity
|Supplier type||Not a reseller|
|Staff security clearance||Staff screening not performed|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||Physical access control, complying with another standard|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||Tailored export tool to CSV, excel or PDF|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||Excel|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
Service is available continuously except for planned and any non planned maintenance.
The service is FREE.
|Approach to resilience||
In process of finalising cyber essentials certification.
Databases and file storage are managed by a 3rd party with assurances for data security, physical security and data loss mitigation.
Additionally in house backups are maintained and stored securely in the incredibly unlikely event there is data loss by the 3rd party.
|Outage reporting||Scheduled maintenance details are displayed on login page. There are mechanisms in place to inform users if the service is unavailable for use in the event of an unscheduled outage.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||Administrative user(s) in your organisations controls invitations and permissions of users|
|Access restriction testing frequency||At least once a year|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||You control when users can access audit information|
|How long user audit data is stored for||Between 1 month and 6 months|
|Access to supplier activity audit information||You control when users can access audit information|
|How long supplier audit data is stored for||Between 1 month and 6 months|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||In progress - Cyber Essentials|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||In process of finalising cyber essentials certification|
|Information security policies and processes||Policies and practices based on principles of ISO27001.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Principles of ISO27001 adopted|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Principles of ISO27001 adopted|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||Principles of ISO27001 adopted|
|Incident management type||Supplier-defined controls|
|Incident management approach||Principles of ISO27001 adopted|
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£0 to £0 per unit per year|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||The whole service is FREE|