WSP UK Limited


Through the power of interactive maps, Lattice transforms intangible data into valuable insights. Lattice's digital technology facilitates collaborative decision making, providing organisations with efficient technology driven results. Manage and analyse geospatial data in industries as varied as transport, environment and education.


  • Interactive maps
  • Model visualisation
  • User Management
  • Collaborative data manipulation
  • Data Analysis and Insight


  • Collaborative map based data exchange
  • Efficient decision making
  • Simplified data interrogation
  • Comprehensive visual data analysis
  • Machine Learning Capabilities


£5000 per licence per year

Service documents

G-Cloud 11


WSP UK Limited

Andrew Porter

0161 200 5000

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Buyers are advised of planned maintenance and WSP endeavours to perform this process outside of core business hours.
Buyers are required to access the system using supported browsers from Microsoft, Google, Apple or Mozilla.
System requirements Supported web browser from Microsoft, Google, Apple or Mozilla

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times Support is available 9:00am to 5:00pm on UK business days. Low severity: System bug or issue that has little to no impact for the end user. This includes cosmetic changes, content updates and requests to change existing system functionality. response time within 5 business days. Medium severity: System bug or issue that has an impact on a small number of end users. Response time within 2 business days. High severity: System bug or issue has a significant impact on system usage for the majority of end users. Response time within 1 business day.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support No
Web chat support No
Onsite support No
Support levels WSP will provide level 2 support where:
• Cosmetic and low level usage issues that don’t affect major
application functionality. Partial, non-critical loss of functionality to
the application:
• Cosmetic issues, including images not loading
• Errors in documentation
• Impaired operations of some components, but users can continue
using the application
• Initial milestones are at minimal risk

Level 3 support
WSP will provide level 3 support where :
• Major functionality is severely impacted, production environment or
other critical system(s) are down and no workaround is immediately
• Operations can continue in a restricted fashion, although long term
productivity may be adversely affected
• Elements of report data may unavailable
• A major milestone is at risk. Ongoing and incremental updates are
• The system is down or unavailable
• A potential compromise of security or data protection
• A substantial loss of service or quality of service
• Business operations have been severely disrupted
• Core application functionality has been severely disrupted

A named technical account manager or cloud support engineer may be provided on request at an additional cost.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started WSP provide online documentation.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction Customer data that has been hosted by WSP will be returned electronically via a secure method.
End-of-contract process Customer data that has been hosted by WSP will be returned to the customer electronically via a secure method. If this data is sent to a third-party an additional fee may be charged.

WSP will delete personal data after the end of services, or on expiry of a contract or agreement, unless it's necessary to retain the data by law.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices No
Customisation available No


Independence of resources Containerised architecture of Lattice provides enhanced support for service users. Distributed applications and micro-services are more easily isolated, deployed, and scaled.


Service usage metrics Yes
Metrics types Metrics focus on Service/System Availability, Reliability (Mean Time Between Failure and Mean Time To Repair), Response Time and User Activity. Additional metrics may be available upon Request.
Reporting types Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Other
Other data at rest protection approach Our protection of data at rest is through hardware encryption and endpoint firewall management systems. This is in addition to a rigorous access management policy that has been implemented around the perimeter of our infrastructure.
Data sanitisation process No
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Data may be exported in .csv format on request.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability WSP will endeavour to ensure that the Lattice software is available 99% of the time, excluding any periods of scheduled maintenance*. *During UK business hours, excluding weekends, unless otherwise stated. 97% – 98.899%% service availability: 10% monthly fee credited in support hours Less than 97% service ability: 20% monthly fee credited in support hours
Approach to resilience Lattice is centrally managed, serving users the correct level of access for their role. Lattice incorporates up-to-date and regularly patched software Audit logs are regularly monitored and any suspicious activity investigated. Compliance with the GDPR guidelines for data handling, data processing, and industry standards for security management,
Outage reporting Service outages are reported by email alert.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Users need to be properly authenticated before being permitted to perform management activities, report faults or request changes to the service.
Authentication is handled by a Third Party provider
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Bureau Veritas Certification
ISO/IEC 27001 accreditation date 16/07/2013
What the ISO/IEC 27001 doesn’t cover The certificate applies to the secure provision of IT services to all WSP sites in the UK.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards WSP UK Ltd are ISO/IEC 27001 compliant. The Lattice team are in the process of gaining accreditation.
Information security policies and processes WSP UK Ltd is committed to ensuring that the confidentiality, integrity, and availability of all our systems and employees awareness of their responsibilities are maintained at an appropriate level. Every member of staff is responsible for reading the WSP Information Security Policy and ensuring that its provisions are carried out.

A management framework has been established to initiate and control the implementation of information security within the Company. A corporate Information Security Review Forum (ISRF) was therefore created, with members drawn from IT, Audit, HR and the major divisions of the Company.

WSP standards and procedures are continually developed to ensure compliance with current legislation and industry standards.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Technology and process changes are approved and prioritised by the Development team before work commences. For each change, WSP perform an impact analysis on the IT environment and an assessment of security risks. Affected stakeholders are notified of significant changes and any action required on their part.

Changes are subject to testing and QA cycles prior to deployment to a production environment. All code changes require strict guidelines for initiation, development, testing and approval.

Lattice documentation and configuration management systems are updated to reflect its current state and configuration. Information is maintained in accordance with security and privacy guidelines.
Vulnerability management type Undisclosed
Vulnerability management approach Our infrastructure is secured using cloud services and data is encrypted at rest and in transit with Authentication, Auditing and Access Controls. Data cleansing and psuedoanonymisation is conducted where required. External tools are used to scan infrastucuture and applications regularly for vulnerabilities, including developer commits. We use error tracing services against live websites to proactively check against security issues and errors, monitoring live feeds for suppliers, all underpinned by appropriate alerting in real-time. When a vulnerability is found, we register it as a P1 and promptly develop and release a fix as a matter of urgency.
Protective monitoring type Undisclosed
Protective monitoring approach . Inbuilt monitoring and logging for the entire platform, providing visibility and an understanding of who is accessing our system in real-time.

. Proactive alerting and monitoring systems provides root cause analysis.

. Adherence to KPIs for security and up-time - alerts are triggered when performance is outside of baseline

. WSP team identify resources and respond according to agreed SLAs
Incident management type Undisclosed
Incident management approach The Incident Management process for Lattice describes the activities that take place to resolve incidents within the service management web portal. Interactions which are determined to be anything other than an incident are outside the scope of this process.

An incident is reported to the service management web portal, a reference number assigned and the issue is then triaged by the support team. It is then categorised and prioritised according to agreed SLAs .

Incident reports are provided by email.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £5000 per licence per year
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Terms and conditions pdf document: Modern Slavery statement
Service documents
Return to top ↑