Saadian Technologies UK Limited

Offender Management

Savvy is a powerful and highly flexible offender management platform providing capabilities that can be configured in to meet a range of offender management requirements. The platform provides a number of configurable modules which can operate independently or together offering flexibility and responsive pricing.

Features

  • Case management: management of offender cases throughout their life-cycle
  • Assessments: Configurable needs and risks assessments
  • Scheduling: calendar, task, project and programme management, notifications, workflow
  • Resource Management: manage and assign resources (skills, availability and capacity)
  • Multi-agency information sharing: one shared view of a case/incident
  • Referral/Services Management: manage service providers, create catalogue, live availability
  • Configurable workflow and business rules to intelligently manage your business
  • View data from different perspectives, focusing on User Needs
  • Notifications of events and changes: Email, SMS , In-App
  • Flexible Integration capabilities bringing in data from partner systems

Benefits

  • Cost reduction when compared to legacy applications
  • Flexible capabilities help you consolidate/rationalise existing systems
  • Lower cost of ownership by consolidating to a platform
  • Improved visibility/efficiency as processes and information are aligned
  • Resources can be used more effectively and efficiently
  • Improved quality and service flexibility based on powerful data model
  • Modular design gives you control and options for integration
  • User focused design gives a flawless user experience
  • Future-proofed - the solution can change with your business
  • Links with existing systems/You can connect your own modules

Pricing

£5 to £15 per person per month

Service documents

G-Cloud 9

634025442966928

Saadian Technologies UK Limited

Jennie Jablonski/Joe Hussey/Cliodhna McGuirk

020 73978502

sales@saadian.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints No
System requirements
  • The system requirements are closely linked to your business requirements
  • We work with you to understand your business requirements
  • We then recommend appropriate computing resources to ensure accessibility/scale/performance

User support

User support
Email or online ticketing support Email or online ticketing
Support response times High Severity- service outage- 1 hour
Medium Severity- partial outage- 4 hours
Low Severity- minor request- 5 days
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels High  - Our highest Service Level response is reserved for complete Service Outage.
It is expected that the reporter will communicate directly via Email or
Telephone for this type of outage. Our service desk will respond within 1
hour and provide subsequent updates every 1 hour (if required). The
escalation level is immediate and the target fix is as soon as possible

Medium - Our second highest Service Level response is reserved for partial outages or interruptions. It is expected that reporter will communicate directly via Email or Telephone for this type of outage. Our service desk will respond
within 4 hours and provide subsequent updates every 4 hours (if required).
The escalation level is after the initial target fix time and the target fix is
within 8 hours.

Low - Our third Service Level response covers enquiries, minor issues and change requests. It is expected that the reporter will communicate directly via Email for this type of issue. Our service desk will respond within 5 days (if
required) the target fix date will be the next schedule release for agreed
upon change requests).
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started As part of the on-boarding process we would propose an implementation plan that sets out our approach to platform configuration, deployment and accreditation (if needed). This will be provided under our Cloud Support Service called Savvy Platform Configuration Services.
Service documentation Yes
Documentation formats
  • ODF
  • PDF
  • Other
Other documentation formats MS Word
End-of-contract data extraction One of the our key principles is that you maintain ownership and control of your data. This means that we make it easy to return your data to you in a format that can easily be re-used. On termination, we will provide you with an extract of your data in CSV or XML format.
End-of-contract process When customers are off-boarding with us, we would agree a format for the return of your data with you. We will then decommission the service and securely delete all data held by us (if we are managing the service for you).

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The software service has been designed to be responsive to device type so the mobile service functions in the same way as the desktop service with the primary difference being screen layout.

We can also provide native mobile apps as part of our Cloud Support Service (Savvy Platform Consultancy)
Accessibility standards WCAG 2.0 A
Accessibility testing We provide a number of the WCAG 2.0 AA and WCAG 2.0 AAA requirements but not yet all of them
In summary, we provide text alternatives for non-text content, alternatives for video, presentation does not rely solely on colour, keyboard users are not trapped, clear keyboard focus, consistent use of menus, icons and images, detailed help and instructions is provided and the application has a logical order with clear headings
API Yes
What users can and can't do using the API The Savvy platform has been designed to be completely modular. This means that each of the different capabilities of the Platform is loosely coupled and can work independently of each other. It also means that the capabilities can be replaced with alternative solutions. The platform can interface with any system that has an open API. For example, the platform is currently configured to use Saadian's SMS messaging gateway but it could easily be configured to use any other SMS gateway.
 
The Platform also has a flexible integration component meaning that data from other sources can easily be consumed and integrated into the platform.
 
The Platform can also be configured to provide an open API to other systems, enabling external systems to read information (such as the status of a case) or provide case updates (which might be subject to manual review if required).

Fine grained role based access can be configured for every data item in Savvy. The Savvy API enforces system role based access controls (RBAC) ensuring that access to data is always controlled, regardless of the access mechanism.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Savvy is a powerful and highly flexible platform that provides capabilities that can be configured in many different ways to provide business applications tailored to suit your specific requirements.

The Platform is made up of a number of different capabilities which are grouped together to form Modules (e.g. Case Management, Assessments, Scheduling, Resource Management)
These Modules can operate independently or be used together to provide even more powerful functionality. You can combine and configure the different Platform Modules in different ways to
provide a complete solution to meet your exact needs.

For the offender management module, the Platform allows you to define the data that you need to capture against offenders, victims and other entities (people, places, incidents, events, etc.) that you might want to store in the system.
It allows you to put in place business rules and workflow to govern the way that the system works – enabling you to automate processes, integrate with other systems and set-up alerts and notifications; managing cases throughout their life-cycle.

Users can design screens so that information is right where they need it and can build screens for specific purposes – making it easier and quicker for them to execute key activities.

Scaling

Scaling
Independence of resources The service is configured to use load balancing and clustering techniques to ensure that demand upon the service is spread evenly over computing resources and to reduce the impact upon the users

As part of the onboarding process Saadian will work with the buyer to fully understand their usage expectations to ensure that the required resources are available as the service usage grows

Analytics

Analytics
Service usage metrics Yes
Metrics types We provide a range of service metrics such as:
Application logins ( e.g. frequency, role etc.)
Performance (e.g. number of concurrent users online throughout the day)
Session Analytics (e.g. duration, timeouts etc.)
Access Mechanisms (e.g. browser types)
Application Paths (e.g. most commonly used functionality)
Case Load (e.g. volume, type etc.)
Storage (e.g. size of structured and unstructured data)
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach Access to Data is strictly controlled by the Saadian Information Security management system. Policies and processes are in place to ensure that only those with a valid need to access data are allowed and technically able to do so
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach The service has functionality built in that will allow users to export data
Data export formats
  • CSV
  • Other
Other data export formats XML
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • MS Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • Other
Other protection between networks Data in transit is encrypted. Network connectivity between the buyers network and Saadian services is configured based on the buyers security requirements e.g. private network or public sector network.
A full CHECK compliant ITSHC is commissioned to ensure security of the connection
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Saadian operate an Information Security Management system (including an administrative user Syops) that strictly limits who can access the data
ITSHC are conducted on the service at regular intervals to identify any potential security risks

Availability and resilience

Availability and resilience
Guaranteed availability We can agree availability levels for the service with you - this determines
when the service must be available and limits unplanned downtime (but allows for planned maintenance windows).
Availability is closely linked to infrastructure configuration because we
need to make sure the right infrastructure is in place to support the
expected levels of availability.
Approach to resilience Load Balancing The service is accessed through a load balancer that direct traffic to available nodes. This ensures a consistent level of response and single points of failure
Application Monitoring: Application monitoring is configured for all servers and nodes to monitor the performance of physical servers and their specific applications and services. This helps Saadian understand and address problems before they cause full disruption
Clustering: Service Nodes work in clusters that share customer states and information in real time. This allows the service to fail over to another cluster if there is a disruption
Disaster Recovery: DR environments and plans can be put in place in accordance with customer needs to ensure that the service can be recovered in the case of a disaster
Outage reporting Application monitoring tools can be configured to send regular reports and automatic notifications of outages or disruptions

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Access to management and support interfaces is controlled by a strict role based access policy. The service is developed in accordance with our ISO27001 compliant Access control Policy
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Other

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations CHECK Penetration Tested

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach Saadian understands that Information security is not only a technical issue, but a business and governance challenge also. As such the security of information and other critical organisational resources is treated as a priority throughout the company.

Saadian have an executive appointed Information Security Manager and an Information Security Management system with policies that extend beyond the technical aspects to include critical business processes.

Executive Management is invested in Information security and receive reports on security performance and breaches
Information security policies and processes Saadian understands that Information security is not only a technical issue, but a business and governance challenge also. As such the security of information and other critical organisational resources is treated as a priority throughout the company.

Saadian have an executive appointed Information Security Manager and an Information Security Management system with policies that extend beyond the technical aspects to include critical business processes.

Executive Management is invested in Information security and receive reports on security performance and breaches

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The Saadian configuration and change Management processes are based upon ITIL best practices and consists of a set of documents, processes and routines that form part of Saadian IT Service Management
Vulnerability management type Undisclosed
Vulnerability management approach N/a
Protective monitoring type Supplier-defined controls
Protective monitoring approach Protective Monitoring is supplied by a third party to GPG 13 standard
Incident management type Supplier-defined controls
Incident management approach The Saadian Incident Management process is based upon ITIL best practices and consists of a set of documents, processes and routines that form part of Saadian IT Service Management

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • New NHS Network (N3)
  • Joint Academic Network (JANET)

Pricing

Pricing
Price £5 to £15 per person per month
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑