House-on-the-Hill Software Ltd

SupportDesk Freedom of Information

SupportDesk Freedom of Information provides organisations with a scalable tool to enable the efficient, paperless processing of FOI Requests, and tracking of exemptions and outcomes. With MOJ recommended templates built-in as standard, SupportDesk FOI helps you to ensure compliance with government legislation in a streamlined process.

Features

  • Customer Self-Service Portal for logging FOI requests
  • Alerts to ensure adherence to government timescales
  • Send Automatic Emails to enquirer and FOI Helpdesk
  • Quick Calls templates for speedy submission of routine requests
  • Form Designer to customise specifically designed web-based FOI Request Forms
  • Customisable Dashboards for quick links and summaries
  • Managers can analyse performance metrics with the KPI Monitor
  • Easy to use reporting tool
  • MOJ recommended templates built-in as standard
  • Receive automatic warnings when an FOI request approaches a deadline

Benefits

  • Proactively manage all FOI requests, tracking exemptions and outcomes
  • Ensure compliance with government legislation
  • Easily log all requests in a streamlined paperless process
  • Keep end users in the loop with automatic email updates
  • Easily assess staff workloads
  • Make it yours with extensive personalisation capabilities
  • Quickly access summaries of EIR requests and DP requests
  • Give customers immediate access to Frequently Asked Questions
  • Mandatory fields and pre-configured dropdowns ensure accurate capture of data
  • Automatic recording of actions, emails and corespondence provide full audit

Pricing

£30 per licence per month

  • Minimum contract period: Other
  • Excluding VAT
  • Education pricing available
  • Trial option available

Service documents

G-Cloud 8

690315546755397

House-on-the-Hill Software Ltd

Trudy Broadhead

0161 427 8988

TrudyBroadhead@HOUSEONTHEHILL.COM

Support

Support
Name Content
Support service type
  • Service desk
  • Email
  • Phone
  • Live chat
Support accessible to any third-party suppliers No
Support availability UK Business Hours, 9-5 Monday - Friday except UK Public Holidays
Standard support response times First Response within 2 hours. Followed by priority based assessment. Personal response within 1 day
Incident escalation process available Yes

Open standards

Open standards
Name Content
Open standards supported and documented Yes

Onboarding and offboarding

Onboarding and offboarding
Name Content
Service onboarding process included Yes
Service offboarding process included Yes

Analytics

Analytics
Name Content
Real-time management information available Yes

Cloud features

Cloud features
Name Content
Elastic cloud approach supported No
Guaranteed resources defined Yes
Persistent storage supported Yes

Provisioning

Provisioning
Name Content
Self-service provisioning supported Yes
Service provisioning time 1 day
Service deprovisioning time 1 hour

Open source

Open source
Name Content
Open-source software used and supported No

Code libraries

Code libraries
Name Content
Languages your code libraries are written in
  • C
  • C++
  • C#
  • JavaScript
  • HTML

API access

API access
Name Content
API access available and supported Yes
API type RESTful

Networks and connectivity

Networks and connectivity
Name Content
Networks the service is directly connected to Internet

Access

Access
Name Content
Supported web browsers
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Offline working and syncing supported No
Supported devices
  • PC
  • Mac
  • Smartphone
  • Tablet

Certifications

Certifications
Name Content
Vendor certification(s) ISO27001:2013 certification

Identity standards

Identity standards
Name Content
Identity standards your service uses Windows Authentication

Data storage

Data storage
Name Content
Datacentres adhere to the EU code of conduct for energy-efficient datacentres Yes
User-defined data location No
Datacentre tier TIA-942 Tier 1
Backup, disaster recovery and resilience plan in place Yes
Data extraction/removal plan in place No

Data-in-transit protection

Data-in-transit protection
Name Content
Data protection between user device and service
  • TLS (HTTPS or VPN) version 1.2 or later
  • Legacy SSL or TLS (HTTPS or VPN)
Assured by independent validation of assertion

Asset protection and resilience

Asset protection and resilience
Name Content
Datacentre location
  • UK
  • EU
Assured by contractual commitment
Data management location UK, assured by contractual commitment
Legal jurisdiction of service provider UK, assured by contractual commitment
Datacentre protection Yes, assured by independent validation of assertion
Data-at-rest protection Secure containers, racks or cages
Secure data deletion Other erasure process, assured by independent validation of assertion
Service availability 99.99, assured by contractual commitment

Separation between consumers

Separation between consumers
Name Content
Cloud deployment model Private cloud
Type of consumer No other consumer, assured by independent validation of assertion
Services separation Yes
Services management separation Yes

Governance

Governance
Name Content
Governance framework Yes, assured by independent validation of assertion

Configuration and change management

Configuration and change management
Name Content
Change impact assessment Yes, assured by independent validation of assertion

Vulnerability management

Vulnerability management
Name Content
Vulnerability assessment Yes, assured by independent validation of assertion
Vulnerability monitoring Yes, assured by independent validation of assertion
Vulnerability mitigation prioritisation Yes, assured by independent validation of assertion
Vulnerability tracking Yes, assured by independent validation of assertion
Vulnerability mitigation timescales No

Event monitoring

Event monitoring
Name Content
Event monitoring Yes, assured by independent validation of assertion

Incident management

Incident management
Name Content
Incident management processes Yes, assured by independent validation of assertion
Consumer reporting of security incidents Yes, assured by independent validation of assertion
Security incident definition published No

Personnel security

Personnel security
Name Content
Personnel security checks Employment checks, assured by independent validation of assertion

Secure development

Secure development
Name Content
Secure development Yes, assured by independent validation of assertion
Secure design, coding, testing and deployment Yes, assured by independent validation of assertion
Software configuration management Yes, assured by independent validation of assertion

Supply-chain security

Supply-chain security
Name Content
Visibility of data shared with third-party suppliers Yes, assured by independent validation of assertion
Third-party supplier security requirements Yes, assured by independent validation of assertion
Third-party supplier risk assessment Yes, assured by independent validation of assertion
Third-party supplier compliance monitoring Yes, assured by independent validation of assertion

Authentication of consumers

Authentication of consumers
Name Content
User authentication and access management Yes, assured by independent validation of assertion
User access control through support channels Yes, assured by independent validation of assertion

Separation and access control within management interfaces

Separation and access control within management interfaces
Name Content
User access control within management interfaces Yes, assured by independent validation of assertion
Administrator permissions Yes

Identity and authentication

Identity and authentication
Name Content
Identity and authentication controls Username and strong password/passphrase enforcement, assured by independent testing of implementation

Secure service administration

Secure service administration
Name Content
Service management model Direct service management

Audit information provision to consumers

Audit information provision to consumers
Name Content
Audit information provided None

Secure use of the service by the customer

Secure use of the service by the customer
Name Content
Device access method Corporate/enterprise devices
Training Yes
Return to top ↑