Kaiasm Demand Engine
We give our clients the ability to radically align their proposition with the demand in their market/information space, satisfying users and growing market share in the process.
It drives competition analysis, buying/content strategy, supplier analysis, range/category/information extension, PIM, online product filtering, extended conversion rate optimisation, on-site search and information architecture.
Features
- Remote access
- Browser based
- Visualised insight
- Action lists - and action-forwarding
- Mapping large scale demand data to services and products
- Performance reporting for continuous alignment to demand
- Information architecture creation and transition
- Onsite search capability enhancement (Endeca, Funnelback, Solr etc)
- Easy integrations with client systems e.g. project management, chat, analytics
- Organic search performance management
Benefits
- Shifting operational focus from supply-led to demand-led
- Prioritisation operational tasks towards greatest value
- Seeing the whole market/information space in one view
- Insight to inform product or information range-extension
- Supporting your clients in finding what you offer
- Aligning internal culture to external demand
- Clear and simple visualisation without losing valuable information
Pricing
£50,000 to £1,125,000 a unit
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 11
Service ID
6 6 2 5 9 3 3 2 5 0 1 9 2 7 1
Contact
KAIASM LTD
Liam McGee
Telephone: 0330 223 1164
Email: info@kaiasm.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
-
Analytics e.g.: Google Analytics; Adobe Analytics.
On-site search technologies e.g.: Solr; Endeca; Funnelback; ElasticSearch; Algolia; Fredhopper; Attraqt.
Agile project management e.g.: Jira; Trello; Github; Zenhub.
Internal services and products - Cloud deployment model
-
- Public cloud
- Private cloud
- Hybrid cloud
- Service constraints
- None.
- System requirements
- None
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
4 Hour response time to emails
9:00-17:00 Mon-Fri
Excluding weekends and public holidays
faster response by separate negotiation - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
We are with our clients for the long game. Our support aims to partner with the client to remove any organisational, operational, technical and even financial obstacles from the path of the project. Implementation support is included within the project cost, with further support levels available (and costed) on a case by case basis.
We provide a technical account manager as part of the service. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Onsite training
Blended learning
User documentation
Help-as-you-work via tooltips and keys
SCORM-compliant training modules via moodle or integrated into client's own training system. - Service documentation
- Yes
- Documentation formats
- HTML
- End-of-contract data extraction
-
Via download through the user interface.
For the client's convenience, this may be accomplished for a period after the contract ends via a support request. - End-of-contract process
-
The service is suspended and the client can download their data.
Support of ingestion into other systems is available at extra cost - for example, if a particular schema is required.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Firefox
- Chrome
- Safari 9+
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Visualisations are smaller, and the layout changes, but all functionality is in place.
- Service interface
- No
- API
- Yes
- What users can and can't do using the API
- We provide a read API for most aspects of the service. Bulk writes would be done via a support request.
- API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
Customisation: every view can be customised via filters, reorders and data cuts. Most aspects of the visualisation (labels, number of nodes shown) are also custom options
Bespoking: the tool is often bespoked to the particular needs of large clients.
Scaling
- Independence of resources
-
Each client gets their own instance or set of instances within AWS.
We also give uptime guarantees within our SLA for our digital tools (see 'guaranteed availability' below.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Implementation quality
Implementation extent
Search visibility
Demand Alignment ratio
Google Analytics (sessions, visitors, pageviews etc.)
Actions (sent via email or via a project management tool integration) - Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- Less than once a year
- Penetration testing approach
- In-house
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Via the web application.
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- Freemind mm
- Treejack compliant csv
- Neo4j data dump
- Excel xlsx
- Mongo data dump
- RDF
- JSON
- XML
- Anything else requested, within reason e.g. OWL, SKOS
- Data import formats
-
- CSV
- ODF
- Other
- Other data import formats
- We'll take anything digital.
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection between networks
- IP whitelist
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection within supplier network
- IP whitelist
Availability and resilience
- Guaranteed availability
-
# Uptime
Uptime of covered services is guaranteed to a certain percentage of time within UK office hours, which is 9am-5pm Mon-Fri excluding bank holidays (the services will normally also be available outside these hours). The level of guaranteed uptime depends on the priority level of the service:
Priority level Guaranteed uptime
1 99.9%
2 99%
3 98%
Uptime is calculated to the nearest minute, based on the number of minutes in the given month within the scope of the SLA. If uptime for any item drops below the relevant threshold, a penalty will be applied in the form of a credit for the client.
The level of penalty will be calculated depending on the number of hours for which the service was unavailable, minus the downtime permitted by the SLA:
Priority level Penalty per hour (Pro-rated to nearest minute)
1 5% of monthly charge for covered service
2 2% of monthly charge for covered service
3 1% of monthly charge for covered service
Uptime penalties in any month are capped at 100% of the total monthly fee of the covered service
Uptime measurements exclude periods of routine maintenance. These must be agreed between the supplier and client in advance. - Approach to resilience
- Available on request.
- Outage reporting
- Configurable email alert.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
-
Management interfaces:
- User roles
- Username/password
- IP address whitelisting
Admin interfaces and access
- Private Key
- 2-factor authentication - Access restriction testing frequency
- At least once a year
- Management access authentication
-
- Username or password
- Other
- Description of management access authentication
- IP range limiting
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- We comply with those aspects of ISO/IEC 27001 we deem applicable to our type and size of company and service. We do not hold sensitive or personally identifiable data, and where non-commercial would normally be appropriate for open realease, so the security hazards are comparatively low.
- Information security policies and processes
-
We have policies processes and reporting based on those parts of ISO27001 appopriate to our size and type of business, together with UK Cyber Essentials. We use an Assets, Threats and Vulnerabilities risk model.
Scope:
We hold information in electronic media (databases, files in PDF, Word, Excel, and other formats), and on paper either as printed materials or handwritten notes. We hold it on behalf of employees, clients, suppliers and partners, and we provide various elements of it as appropriate and reasonable to shareholders, our country’s government agencies and regulators, the media, and the local community.
Our information systems include systems and data attached to our data or telephone networks, systems managed by us, mobile devices used to connect to our networks or hold our data, data over which we hold the intellectual property rights, data over which we are the data controller or data processor, and communications sent from or to us.
Information security policies (available on request):
- Classification
- Backups
- Access Control
- Passwords
- Cryptographic controls
- Disaster recovery
- BYOD and Work from Home
Cyber security policies (available on request):
- Authentication
- Anti malware
- Install/Update
- Firewalls
- Removable storage
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Available on request.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
We use an assets/threats/vulnerabilities model. Resisters of these are available on request.
Update/Patch policy: Devices, apps and software are patched as soon as possible after an update or patch is released. We may defer to end of working day, but then let it update. Operating systems, programs, phones and apps should all be set to ‘automatically update’ wherever this is an option. Any software or hardware which is no longer supported must be reviewed by IT for safety.
Information about potential threats gleaned from OWASP Threat Agent content, the Intel Threat Agent Library (TAL) and Threat Agent Risk Assessment (TARA). - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
For logging and alerting, we are aiming to meet the GPG-13 baseline control set: PMC1, PMC4, PMC7, PMC9, PMC10, PMC1, PMC12.
Identification also via network intrusion and prevention tools (e.g. snort)
Response alerts senior sysadmin and Head of Research to a compromise, with third party assistance (e.g. via AWS) brought in as necessary.
Response to incidents is ASAP (best efforts) for high priority systems,
1 hour (working hours) for low priority systems. - Incident management type
- Supplier-defined controls
- Incident management approach
-
We have processes for common events (e.g. port probes) and rare events (denial of service attacks).
Users report inicidents via standard support channels.
Incident reports provided via issue management system (github)
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £50,000 to £1,125,000 a unit
- Discount for educational organisations
- Yes
- Free trial available
- No