XMA Limited

XMA Meeting Platform

The Meeting Platform is the latest advance in Cloud video meeting services, and with a simple to use portal and intelligent functionalities, it gives your organisation an impressive financial saving and competitive advantage.


  • User directory
  • Device directory
  • One button invite
  • Meeting analytics
  • HD audio and video
  • Wireless content and sharing
  • 20 participants allowed at any time
  • In call group chat
  • Instant one click message
  • Scheduled meetings


  • Increased ROI for all existing audio and video conferencing systems
  • Includes audio and web conferencing capability
  • Support for all formats of video conferencing devices
  • Secure connections from and to services such as Skype
  • Wireless content sharing including presentations
  • Ability to securely connect with multiple locations
  • Simple to use platform


£19.00 per user per month

Service documents

G-Cloud 9


XMA Limited

Nancy Clayton-Schofield

0115 846 4000


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Maintenance windows will adhere to the existing change management process within a 10 business day notification period. Emergency changes are managed as one off scenarios and each organisation will be notified by email in advance. Where possible maintenance will take place outside of core business hours.
System requirements
  • Compatible browser
  • Cmpatible OS
  • Audio and video enabled system

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Our average response time is 2 business hours.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Our support team is available for any complex queries that cannot be resolved by our helpdesk. Staff are fully trained engineers.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Orders are passed to our logistics team who arrange for the following:
Consultation to specify the use of the service for the customer
Deployment options
Organisation administration details
Individual user and device details
Theme colours branding and logos
Date of activation
Training delivery (where required)
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction There is no data that is extracted as part of the service
End-of-contract process 90 days prior to the end of service our customer service team contact the customer to inform them of termination date and any options to extend.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
  • Other
Designed for use on mobile devices Yes
Differences between the mobile and desktop service We provide the same level of functionality for mobile and desktop services
Accessibility standards None or don’t know
Description of accessibility The service is accessed from web browsers via a desktop or mobile device.
Accessibility testing Not applicable
Customisation available No


Independence of resources The services will not be affected by other users or capacity. We manage all capacity planning through ISO 27001 policies


Service usage metrics Yes
Metrics types We can provide a choice of service metrics generated as a report from our data or from the customer portal administrator interface
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Reseller providing extra support
Organisation whose services are being resold Questmark

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Our service desk can provide data on usage if required
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability 99.9% up time
Approach to resilience Available upon request
Outage reporting Email alerts
Tailored reporting dashboards

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Management interfaces have restricted access through our engineers. All data or customer information is subject to ISO 27001 policies
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Other

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 ACS registrars IMS UK/01/0138992653
ISO/IEC 27001 accreditation date 9/5/2013
What the ISO/IEC 27001 doesn’t cover Not applicable
ISO 28000:2007 certification Yes
Who accredited the ISO 28000:2007 CSA Star
ISO 28000:2007 accreditation date 27/1/2017
What the ISO 28000:2007 doesn’t cover Not applicable
CSA STAR certification Yes
CSA STAR accreditation date 27/1/2017
CSA STAR certification level Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover Not applicable
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We have a fully implemented, audited and certified Information Security Management System that complies to ISO 27001. All process management and policies are governed via the ISMS

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Our configuration and change management process is managed via ISO 27001 policies. We are also registered with the Cloud Security Alliance
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Our vulnerability management approach is managed via ISO 27001 policies. We are also registered with the Cloud Security Alliance
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach We deploy a protective monitoring solution governed by ISO 27001 policies. We are also registered with the Cloud Security Alliance
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach We manage incident management through ISO 27001 policies. We are also registered with the Cloud Security Alliance

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks Public Services Network (PSN)


Price £19.00 per user per month
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑