Liberata UK Ltd

Capacitygrid Empty Homes Review

The Capacitygrid Empty Homes Review is designed to help councils maximise their New Homes Bonus funding by completing a full review of every single long-term empty property, and correctly identifying those properties which are now occupied ahead of the CTB1 deadline.


  • Maximise New Homes Bonus funding
  • Provision of online webform to encourage residents to respond online
  • Review of every single Long Term Eempty property
  • Exclusion process to ensure you can exclude properties
  • Real time reporting available through Service Cloud
  • Multiple channels for residents to respond
  • All evidence available to download directly into DMS
  • Optional additional incentive, review and reminder mailings and/or outbound calling
  • Optional additional provision of inspections
  • Optional additional system updates


  • Increased New Homes Bonus funding
  • Accurate update and review of Council Tax database
  • Provision of additional residents contact details
  • Increased accuracy of New Homes Bonus funding forecasts


£10 to £15 per unit

Service documents


G-Cloud 11

Service ID

6 3 4 9 3 8 2 0 0 1 7 3 2 3 7


Liberata UK Ltd

G-Cloud Bid Administration

020 7378 3700

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints None
System requirements Modern web browsers with internet access

User support

User support
Email or online ticketing support Email or online ticketing
Support response times We have dedicated Customer Support Managers for each account to provide immediate assistance during office hours 8.45-5.30 Monday to Friday
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support No
Support levels Dedicated Customer Support Manager for each account to provide immediate assistance. On-boarding and off-boarding assistance included and technical support also available at no extra cost.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Dedicated Customer Support Manager to guide through and track implementation. Full on-boarding documentation is also provided with user manuals for accessing the Service Cloud and training webinars where required.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction All data is available to download in a number of different file formats and instructions are given as part of the on-boarding/off-boarding process.
End-of-contract process User accounts are disabled and data removed in an agreed timescale. An end of review/off-boarding call will also be held with the buyer.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service None
Service interface No
Customisation available Yes
Description of customisation Customisable webform and letters. The client can request amendments on the review specifications.


Independence of resources Regular server capacity monitoring


Service usage metrics Yes
Metrics types A provision of reports available on the cloud highlighting the progress of the review,
Reporting types
  • Real-time dashboards
  • Regular reports


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency Less than once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Application file download
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability 24/7 accessibility, 99.75% availability over the review period
Approach to resilience The solution is provided from a UK-hosted, dual datacentre, private cloud platform which supports SAN to SAN replication of data between the two sites. The platform is design to give tolerance to single points of failure, and is support by our 24x7 support organisation. Data can also be backed up locally to a virtual tape library, enabling rapid restore when required.
Outage reporting Email notifications to users

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels User roles restrict access to specific functions with the application.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 19/04/2010
What the ISO/IEC 27001 doesn’t cover IT hosting as that has been outsourced to a third party
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards • ISO20000 (IT Service Management)
• ISO22301 (Business Continuity)
• ISO27001 (Information Security)
• Cyber Essentials
Information security policies and processes Liberata Acceptable Use Policy
Liberata Access Control Policy
Liberata Information Security Management Policy
Liberata Compliance Policy
Liberata Data & Asset Management Policy
Liberata Mobile Working Policy
Liberata Personnel Security Policy
Liberata Risk Management Policy
Liberata Incident Management Policy

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The Change Management process is aligned and certified to ISO20000 IT Service Management. A UKAS accredited body performs external audits to test the Policy/Procedural compliance of ISO20000.

A Change Advisory Board sets the requirements to which the life-cycle of change is managed.

CAB objectives:
Ensure that changes to the IT Infrastructure are assessed, prioritised and scheduled in a timely and cost effective way that maintains contractual client service levels;
Ensure Changes are reviewed throughout the Change Lifecycle;
Ensure appropriate resources are in place to meet clients’ business requirements;
Improve clients’ overall satisfaction with the services provided; and
Manage emergency change.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Regular scanning is in place to identify vulnerabilities and the required remediation implemented to a defined plan to comply with PSN and ISO27001.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Servers have security logs in Audit Collection Services, within Microsoft System Operations Manager.

Managed network devices have security logs shipped to Cisco Monitoring, Analysis and Response solution. 

Logs are retained for at least 6 months including:
User or process Unique ID; 
Date and time of event; 
Physical or logical address; 
Type of service executed;
Privileged command executions;
In-bound email traffic claiming origination from PSN addresses or from 'null' addresses;
Excessive outgoing web traffic;
Regular data exchanges with external addresses;
Log record changes.

We have a SyOPs document which details the frequency for manually validating access controls and firewalls logs, etc.
Incident management type Supplier-defined controls
Incident management approach Incidents are managed via the Service Desk with an incident management team responsible for coordinating and directing the response. Conforms to the requirements of ISO27001 and ISO20000.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks Public Services Network (PSN)


Price £10 to £15 per unit
Discount for educational organisations No
Free trial available No

Service documents

Return to top ↑