Through the power of interactive maps, Lattice transforms intangible data into valuable insights. Lattice's digital technology facilitates collaborative decision making, providing organisations with efficient technology driven results. Manage and analyse geospatial data in industries as varied as transport, environment and education.
- Interactive maps
- Model visualisation
- User Management
- Collaborative data manipulation
- Data Analysis and Insight
- Collaborative map based data exchange
- Efficient decision making
- Simplified data interrogation
- Comprehensive visual data analysis
- Machine Learning Capabilities
£5000 per licence per year
WSP UK Limited
0161 200 5000
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
Buyers are advised of planned maintenance and WSP endeavours to perform this process outside of core business hours.
Buyers are required to access the system using supported browsers from Microsoft, Google, Apple or Mozilla.
|System requirements||Supported web browser from Microsoft, Google, Apple or Mozilla|
|Email or online ticketing support||Yes, at extra cost|
|Support response times||Support is available 9:00am to 5:00pm on UK business days. Low severity: System bug or issue that has little to no impact for the end user. This includes cosmetic changes, content updates and requests to change existing system functionality. response time within 5 business days. Medium severity: System bug or issue that has an impact on a small number of end users. Response time within 2 business days. High severity: System bug or issue has a significant impact on system usage for the majority of end users. Response time within 1 business day.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Web chat support||No|
WSP will provide level 2 support where:
• Cosmetic and low level usage issues that don’t affect major
application functionality. Partial, non-critical loss of functionality to
• Cosmetic issues, including images not loading
• Errors in documentation
• Impaired operations of some components, but users can continue
using the application
• Initial milestones are at minimal risk
Level 3 support
WSP will provide level 3 support where :
• Major functionality is severely impacted, production environment or
other critical system(s) are down and no workaround is immediately
• Operations can continue in a restricted fashion, although long term
productivity may be adversely affected
• Elements of report data may unavailable
• A major milestone is at risk. Ongoing and incremental updates are
• The system is down or unavailable
• A potential compromise of security or data protection
• A substantial loss of service or quality of service
• Business operations have been severely disrupted
• Core application functionality has been severely disrupted
A named technical account manager or cloud support engineer may be provided on request at an additional cost.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||WSP provide online documentation.|
|End-of-contract data extraction||Customer data that has been hosted by WSP will be returned electronically via a secure method.|
Customer data that has been hosted by WSP will be returned to the customer electronically via a secure method. If this data is sent to a third-party an additional fee may be charged.
WSP will delete personal data after the end of services, or on expiry of a contract or agreement, unless it's necessary to retain the data by law.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||No|
|Independence of resources||Containerised architecture of Lattice provides enhanced support for service users. Distributed applications and micro-services are more easily isolated, deployed, and scaled.|
|Service usage metrics||Yes|
|Metrics types||Metrics focus on Service/System Availability, Reliability (Mean Time Between Failure and Mean Time To Repair), Response Time and User Activity. Additional metrics may be available upon Request.|
|Reporting types||Reports on request|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||Other|
|Other data at rest protection approach||Our protection of data at rest is through hardware encryption and endpoint firewall management systems. This is in addition to a rigorous access management policy that has been implemented around the perimeter of our infrastructure.|
|Data sanitisation process||No|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||Data may be exported in .csv format on request.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||WSP will endeavour to ensure that the Lattice software is available 99% of the time, excluding any periods of scheduled maintenance*. *During UK business hours, excluding weekends, unless otherwise stated. 97% – 98.899%% service availability: 10% monthly fee credited in support hours Less than 97% service ability: 20% monthly fee credited in support hours|
|Approach to resilience||Lattice is centrally managed, serving users the correct level of access for their role. Lattice incorporates up-to-date and regularly patched software Audit logs are regularly monitored and any suspicious activity investigated. Compliance with the GDPR guidelines for data handling, data processing, and industry standards for security management,|
|Outage reporting||Service outages are reported by email alert.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||
Users need to be properly authenticated before being permitted to perform management activities, report faults or request changes to the service.
Authentication is handled by a Third Party provider
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||Bureau Veritas Certification|
|ISO/IEC 27001 accreditation date||16/07/2013|
|What the ISO/IEC 27001 doesn’t cover||The certificate applies to the secure provision of IT services to all WSP sites in the UK.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||WSP UK Ltd are ISO/IEC 27001 compliant. The Lattice team are in the process of gaining accreditation.|
|Information security policies and processes||
WSP UK Ltd is committed to ensuring that the confidentiality, integrity, and availability of all our systems and employees awareness of their responsibilities are maintained at an appropriate level. Every member of staff is responsible for reading the WSP Information Security Policy and ensuring that its provisions are carried out.
A management framework has been established to initiate and control the implementation of information security within the Company. A corporate Information Security Review Forum (ISRF) was therefore created, with members drawn from IT, Audit, HR and the major divisions of the Company.
WSP standards and procedures are continually developed to ensure compliance with current legislation and industry standards.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Technology and process changes are approved and prioritised by the Development team before work commences. For each change, WSP perform an impact analysis on the IT environment and an assessment of security risks. Affected stakeholders are notified of significant changes and any action required on their part.
Changes are subject to testing and QA cycles prior to deployment to a production environment. All code changes require strict guidelines for initiation, development, testing and approval.
Lattice documentation and configuration management systems are updated to reflect its current state and configuration. Information is maintained in accordance with security and privacy guidelines.
|Vulnerability management type||Undisclosed|
|Vulnerability management approach||Our infrastructure is secured using cloud services and data is encrypted at rest and in transit with Authentication, Auditing and Access Controls. Data cleansing and psuedoanonymisation is conducted where required. External tools are used to scan infrastucuture and applications regularly for vulnerabilities, including developer commits. We use error tracing services against live websites to proactively check against security issues and errors, monitoring live feeds for suppliers, all underpinned by appropriate alerting in real-time. When a vulnerability is found, we register it as a P1 and promptly develop and release a fix as a matter of urgency.|
|Protective monitoring type||Undisclosed|
|Protective monitoring approach||
. Inbuilt monitoring and logging for the entire platform, providing visibility and an understanding of who is accessing our system in real-time.
. Proactive alerting and monitoring systems provides root cause analysis.
. Adherence to KPIs for security and up-time - alerts are triggered when performance is outside of baseline
. WSP team identify resources and respond according to agreed SLAs
|Incident management type||Undisclosed|
|Incident management approach||
The Incident Management process for Lattice describes the activities that take place to resolve incidents within the service management web portal. Interactions which are determined to be anything other than an incident are outside the scope of this process.
An incident is reported to the service management web portal, a reference number assigned and the issue is then triaged by the support team. It is then categorised and prioritised according to agreed SLAs .
Incident reports are provided by email.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£5000 per licence per year|
|Discount for educational organisations||No|
|Free trial available||No|