EUS Holdings Limited

eAuctions

eAuction provides a solution for setting up online eAuction events, compliant with EU Procurement legislation and running secure eAuctions. The solution provides workflow to agree opening bids, non-price parameters, extension times etc. Suppliers can be selected and invited to attend the Auction event and can carry out Online Registration.

Features

  • EU Procurement Directives (2014/24-25/EU)
  • UK Procurement Regulations 2015
  • Online eAuction Events with workflow
  • Multi lot, MEAT and non price parameters
  • Automatic extensions
  • Different Auction Strategies
  • Self service or fully managed
  • Stand alone or integrated to eTendering
  • Full audit trial and secure messaging
  • Online secure messaging

Benefits

  • Easy to set up and use
  • Minimum training
  • Demo Training Environment included
  • Flexible commercial options
  • Real time update of prices
  • Flexible weighting models

Pricing

£500 per unit per year

  • Free trial available

Service documents

G-Cloud 9

649512756558216

EUS Holdings Limited

Sid Bains

07789 260 680

sid.bains@eu-supply.com

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Contacts Management
Dynamic Purchasing System
Online Evaluations
ESPD
eAuctions
ESPS
Dynamic Forms
Cloud deployment model Private cloud
Service constraints No
System requirements Browser and internet access only required

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Standard SLA, 9.00am to 5.00pm working day, response within 2 hours. Extended SLA available at extra cost e.g. 24 hour support.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Standard SLA available on request with extended SLA available at extra cost depending on requirements. Agreed escalation process to include Technical Account Manager and Account Director
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Authority makes a request to join the system via contacting EU Supply (phone or via email) and completes a simple initialisation form with the Authority details and buyer details.
Upon receipt of a Purchase Order, the Authority is set up in the system both on the live production site and a demo/training site. Standard procurement templates are loaded for the Authority.
The secure log in is sent to the Administrator of the Authority. The Administrator of the Authority can access guidance and training material and create additional users as per the Purchase Order.
Authority can go live and start publishing tenders within one day of receipt of online form and the PO.
There is a minimum set up and implementation fee of £2,500 to configure the system including setting up the OJEU templates based on a standard configuration. Additional configuration and extra support are chargeable.

Training is available onsite and/or online with user manuals and worked step by step examples. The system is easy to use and can be up and running within 2 weeks.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Authority has to give written notice of termination and then can either download all Authority data using print pdf and download document facility or purchase a read only/viewer licence to access old tender data.
End-of-contract process At the end of the contract, the Authority has to give written notice of termination and then can download all Authority data using print pdf and download document facility. This is included in the price.

There is an additional option to purchase a read only/viewer licence which is subject to negotiation.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices No
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing Interface testing done using assistive technology
API Yes
What users can and can't do using the API Import and export of tender data
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Online configuration through an administration interface

Scaling

Scaling
Independence of resources Service Level Agreement:

The availability of the Services, excluding scheduled unavailability, shall be:
 99.8% during Working Hours; and
 99.5% outside Working Hours in cases where the Service Provider has agreed to provide extended hours under Additional Services.

Analytics

Analytics
Service usage metrics Yes
Metrics types Service Uptime and availability
Reporting types Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Via download documents, export reports as pdf and/or excel
Data export formats
  • CSV
  • Other
Other data export formats
  • XLS
  • PDF
  • .doc
Data import formats
  • CSV
  • Other
Other data import formats
  • XLS
  • .doc

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Private network or public sector network
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability The availability of the Services, excluding scheduled unavailability, shall be:
 99.8% during Working Hours; and
 99.5% outside Working Hours in cases where the Service Provider has agreed to provide extended hours under Additional Services.
The recording of Downtime shall commence during Working Hours from the time the relevant Service Case is logged by the Service Provider’s help desk.

Downtime attributable to any of the following causes shall be disregarded:
 failure by the Customer to take any specified avoidance action previously agreed between the Customer and the Service Provider; and/or failure of the Customer’s infrastructure.
The Service Provider shall provide the eSourcing Service so that Users shall experience response times (assuming a broadband connection) at least as fast as those achieved by leading eCommerce sites. This should be achieved for at least 99.5% of the time the Service is available during Working Hours.
Approach to resilience As per our Information Security Management Policy, this information is available on request as a Commercial Protect Document
Outage reporting Email Alert to Administrators

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Physical and logical separation and control
Access restriction testing frequency At least once a year
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Parabellum Cybersecurity Group
ISO/IEC 27001 accreditation date 29/08/2016
What the ISO/IEC 27001 doesn’t cover All Business Processes covered
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations
  • ISO 9001: 2015
  • ISO 20000-1: 20111
  • ISO 14001: 2015

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes ISO27001 for all business processes plus Her Majesty’s Government (CESG) Security Policy Framework for processing OFFICIAL-SENSITIVE (RESTRICTED) information. The company’s services are subjected annually to external independent and world class penetration testing versus OWASP standard.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach There is a formal change management and release process. As a multi-tenanted platform the releases are provided to all the users of a platform at the same time. Releases are announced at least 14 days before they are provided. New releases are applied to the 'test/training' platform 1-2 weeks before being loaded onto the 'live' platform, so users have time to test the new changes and provide feedback to EU Supply.
Full release notes are provided before the release is applied to the 'test' platform to allow users to assess any new features or fixes.
Vulnerability management type Supplier-defined controls
Vulnerability management approach EU Supply has used RMADS since 2010 to manage OFFICIAL-SENSITIVE information (IMPACT LEVEL 3 certified) by UK HMG, in accordance with CESG and HMG IA Security Policy Framework. Risk Assessment and Risk Management for Risk Profile agreed with HM Treasury CLAS security accreditors in accordance with HMG IA Standard No. 1 (IAS1) Part 1, v 3.6.

Due to the sensitive nature of the RMADS, a copy of the RMADS is available on request as a commercial protect document.
Protective monitoring type Supplier-defined controls
Protective monitoring approach EU Supply has used RMADS since 2010 to manage OFFICIAL-SENSITIVE information (IMPACT LEVEL 3 certified) by UK HMG, in accordance with CESG and HMG IA Security Policy Framework. Risk Assessment and Risk Management for Risk Profile agreed with HM Treasury CLAS security accreditors in accordance with HMG IA Standard No. 1 (IAS1) Part 1, v 3.6.

Due to the sensitive nature of the RMADS, a copy of the RMADS is available on request as a commercial protect document.
Incident management type Supplier-defined controls
Incident management approach EU Supply has used RMADS since 2010 to manage OFFICIAL-SENSITIVE information (IMPACT LEVEL 3 certified) by UK HMG, in accordance with CESG and HMG IA Security Policy Framework. Risk Assessment and Risk Management for Risk Profile agreed with HM Treasury CLAS security accreditors in accordance with HMG IA Standard No. 1 (IAS1) Part 1, v 3.6.

Due to the sensitive nature of the RMADS, a copy of the RMADS is available on request as a commercial protect document.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £500 per unit per year
Discount for educational organisations No
Free trial available Yes
Description of free trial Demo training environment and the full live production environment for 1 month.

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑