Agilisys Ltd

Agilisys Digital - MyAccount

Agilisys Digital is a customer experience platform enabling single-sign on MyAccount for citizens and CRM lite for officers, enabling channel-shift to deliver savings and seamless self-service across all digital channels. A low-risk, easy-to-implement, scalable platform encompassing all key council/public-sector transactional services with specific packages applicable to all public sector types.


  • ‘Next-generation CRM’ platform; avoiding CRM management and maintenance cost.
  • One integrated MyAccount solution for all services and channels.
  • Customer Golden-record/master data management and cleansing across all channels.
  • Customer insight: data gathered across all channels without integration.
  • Identity verification/authentication by using data from different integrated services.
  • Full range of out-of-the-box digital council services/web-behaviour toolkit.
  • Platform re-uses common data (e.g. pre-populated name and address).
  • ‘One-and-done’ secure pin-free service registration.
  • Federated ID management/single-sign-on enabling councils to leverage existing investments.
  • True end-to-end officer-free self-service through use of business rules/integration.


  • Increased channel-shift via single customer username/password accessing all digital-services.
  • Rapid deployment model for quick benefit realisation/ROI.
  • Removes manual data handling and re-keying, allowing value-add activity focus.
  • Free full back-office integration included, no hidden extras.
  • Website behaviour change toolkit including personalisation, Amazon-style recommendations, webchat.
  • Platform lifecycle Cost certainty (e.g. UI/UX, API and legislative changes).
  • New roadmap modules added every year (2017/18: single-view-of-debt, insight).
  • Transference of majority of technical risk (including free integration).
  • Removal of legacy systems, e.g. the CRM.
  • Low training costs for new CSO’s.


£25000.00 per licence per year

Service documents

G-Cloud 9


Agilisys Ltd

Darren London

07702 367779

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Community cloud
Service constraints Agilisys Digital is available based on 24/7/365 but with necessary planned maintenance. Our update service runs on a four-week cycle which will ensure that all the latest Critical and Security patches are tested before being installed on Production systems. The phase breakdown is as follows: Phase-1 Iaas Cloud Management Servers, Phase-2 Client Dev, Test and Train Servers, Phase-3 Client Pre-Production Servers, Phase-4 Client Production Servers.

Patches are scheduled to automatically download/install between 08:00 and 12:00 on a Saturday morning dependent upon the phase schedule. Five working-day’s notice is provided for scheduled maintenance, 24 hours for emergency maintenance.
System requirements
  • Agilisys digital requires a modern browser to be accessed.
  • We support all major browsers, current version minus two.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Agilisys provide third line support during normal service hours of 9am – 5pm, Monday to Friday, excluding bank holidays ("Normal Service Hours"). Responses are based on severity:
P1 - 1 hour first response
P2 - 4 hour first response
P3 - 12 hour first response
P4 - 24 hour first response
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels Agilisys provide third line support during normal service hours of 9am – 5pm, Monday to Friday, excluding bank holidays ("Normal Service Hours"). Responses are based on severity:
P1 - 1 hour first response - 1 working day resolution
P2 - 4 hour first response - 3 working days resolution
P3 - 12 hour first response - next release resolution
P4 - 24 hour first response - resolution prioritised on roadmap
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The process of on-boarding and off-boarding will be separately costed and agreed with the Council as part of the contract process based on modules purchased and level of complexity.
On-boarding can be delivered as quickly as a month, but typically takes 3 months to get up and running. Off-board typically takes 1 month, and includes the provision of a copy of all data stored within the Agilisys Digital platform at a price agreed at the time of off-boarding. Further detail of both is provided within our service definition.
In support of on-boarding and off-boarding, Agilisys can offer the following services:
• Channel migration and behavioural change
• Infrastructure design and implementation (including security)
• Project Management
• Change Management
• Business Process Re-engineering
• Implementation (covering design, build, testing and training)
• Deployment
• Hosting
• First line support
• Second line support
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction In the event that the customer should want to exit from this agreement, the following migration options will be available:
• The return of all stored & generated data and/or a list of the data available for extraction
• A price for the extraction of data or migration to another service
• Confirmation that Agilisys will destroy consumer data held from all computers, storage devices and storage media that are retained by Agilisys
• Any other specific charges that are applicable will be identified and agreed in line with rates published in our pricing
End-of-contract process After receipt of a notice of termination, Agilisys would deliver a draft Exit Plan which sets out Agilisys’ proposed methodology for achieving an orderly transition of Services from us to the Council and / or replacement supplier. The exit plan will contain:
• A named dedicated exit manager
• Documentation on how the Services will transfer to the Replacement Supplier and/or the Council, including details of the processes, documentation, data transfer, systems migration, security and the segregation of the Council's technology components from the technology components operated by Agilisys
• The return of all stored & generated data and/or a list of the data available for extraction
• A price for the extraction of data or migration to another service
• Confirmation that Agilisys will destroy consumer data held from all computers, storage devices and storage media that are retained by Agilisys
• Specific Charges that are applicable
• Provide a timetable and identify risks for the exit.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service There is no difference between Agilisys Digital on either mobile and desktop, as our solution is fully responsive and renders to suit any mobile, tablet or desktop device.
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing We test all elements of the platform internally to the standards set out as WCAG 2.0 AA compliant.
What users can and can't do using the API Agilisys Digital is an extensible platform that is agnostic to, but also fully integrated with your ICT estate, designed for citizens, businesses and visitors and enabling true seamless self-service across all channels.
The platform is made up of several components, one of which is acting as a front end to provide on-line forms with built in business rules, pre-validating and handling transfer of data from the citizen through to back office systems to avoid re-keying of data.
Another core component is our ‘connector catalogue’, which enables the platform to be integrated directly to back office systems. We have already integrated to a range of different back office systems, the list for which is always growing.
Alternatively, we can integrate using our Federated Identity Module via Single-Sign On (SSO). SSO uses is based on OpenID or OAuth and uses SAML to pass data securely through to third parties.
Agilisys Digital also has a list of RESTful APIs to enable third parties to integrate via the platform into the connector and then into the relevant back office. The connector catalogue of APIs therefore links the platform to back office APIs.
Further information can be found in our service definition.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The customer may customise the Agilisys Digital platform in determining which modules are included within the platform as well as which back offices or third parties to integrate with or single sign-on to.

The platform includes a comprehensive set of business rules, which enable automation of tasks usually completed by officers. We accommodate flexibility in individual authority business processes by means of a Configuration engine which allows specific variations in these business rules, as well as help pages and supporting text.

The look and feel is also customised to fit within the customer's website, as platforms “shell” is taken from the main website Content Management System.


Independence of resources The architecture of Agilisys Digital is fully scalable and extensible.
To enable us to be confident that our solution will have no impact on performance, we have a componentised, multi layered, domain orientated architecture. Future flexibility, scalability and extensibility is at the heart of the architecture, and as such the solution has been designed to be highly scalable with an n-Tier architecture meaning significant digital adoption does not become an issue.


Service usage metrics Yes
Metrics types AD Insight offers a range of metrics and reports which can be used to highlight the use of the platform by customers and officers alike. The different dashboards currently available are:
Self Service – Offers an overview of self-service activity within a specific time frame and across a specified geographic location.
Customer Service - Provides a better understanding of agent activity and productivity over time, as well as a deeper understanding of the service areas and activities agents are facilitating citizens to complete. This can also be provided on a module by module basis.
Reporting types Real-time dashboards


Supplier type Reseller providing extra features and support
Organisation whose services are being resold TeamNetSol, BBITs, Zipporah, GOSS

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency Less than once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process No
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Data can be exported from the platform via Agilisys third line support, which will be priced based on the level of data required to be extracted or migrated to another service.
Data export formats
  • CSV
  • Other
Other data export formats Database back ups
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks IPsec or TLS VPN gateway
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Agilisys provide third line support during normal service hours of 9am – 5pm, Monday to Friday, excluding bank holidays ("Normal Service Hours"). Responses are based on severity:
P1 - 1 hour first response - 1 working day resolution
P2 - 4 hour first response - 3 working days resolution
P3 - 12 hour first response - next release resolution
P4 - 24 hour first response - resolution prioritised on roadmap
Agilisys Digital is hosted by Agilisys Cloud Services:
• Hosting: Availability of the service is 99.99%
• Availability refers to an access point on our cloud provider's backbone network. It does not apply to the portion of the circuit that does not transit the hosting provider's backbone network, as the contracting authority will be responsible for its own internet access, links, VPN etc.
• Downtime for is excluded from the calculation of Availability.
• This service provides a standard service level of 8 hours RTO (recovery time objective in which to restore service after a disaster) and 24 hours RPO (recovery point objective) though we will use all reasonable endeavours to recover to a point earlier than this.
Approach to resilience All data hosted by Agilisys or on behalf of Agilisys, including System data/databases, are backed up. Backups are stored off-site in a secure vault facility on tape for a period of up to 12 weeks for daily backup on a rolling basis, utilising industry standard backup application. In addition, Agilisys back up and retain for a period of three years, monthly backups for all database servers and can retrieve archived material and restore required files and data sets at the Council’s reasonable request within 48 hours.
All Agilisys data centres meet stringent industry standards and are designed within a multi-tiered approach to business continuity and disaster recovery. Primary data centres are geographically dispersed and connected via a highly resilient “ring” network topology through diverse network paths. Each data centre also houses identical core infrastructure to ensure access to service remains uninterrupted in the event of component, system or even entire datacentre failures. This provides primary and secondary access to services within a secure, robust environment for Agilisys and its customers. The data centre network is connected in a ring topology to ensure that the failure of any one data centre or network connection will not isolate any other facility.
Outage reporting Agilisys have a corporate approach to Business Continuity and disaster recovery. This details the key stakeholders, suppliers involved in all supply chain activities, support arrangements and contract information, including our off-site data storage service.
The Agilisys service delivery architecture and core infrastructure allows our clients to transparently connect to any Agilisys data centre for purposes of business continuity or disaster recovery.
This service provides a standard service level of 8 hours RTO (recovery time objective) and 24 hour RPO (recovery point objective), though we will use all reasonable endeavours to recover to a point earlier than this. We can tailor this to meet specific requirements which will be subject to a revision of contractual terms.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Management interfaces can only be accessed by designated super-users, who are appointed by the customer. Super-users have their own user and password to log in to this function.
Access restriction testing frequency At least once a year
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 SGS UK – UKAS accredited certification body
ISO/IEC 27001 accreditation date 24/03/2017
What the ISO/IEC 27001 doesn’t cover Our ISO 27001 certificate includes provision of services from Agilisys IaaS platform and Agilisys service centre. Following dependent processes are also audited as part of our ISO27001 certificate:
o COLT Data centre (ISO27001 certified)
o Physical and environment security of Agilisys London offices and Hafley court office
o Human resources security
o Supplier relationship
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes The Agilisys Digital platform is hosted an in IL2 compliant infrastructure using industry standard SSL (HTTPS); therefore, all the communication between the web browser and the server is encrypted and nothing is sent as ‘clear text’. Also the “no-cache” directives are passed to the web browsers by the server to disable the Council side caching of the portal pages. Data in transit over public or otherwise untrusted networks is appropriately encrypted (e.g., TLS, SSL, HTTPS, SFT, IPSec as appropriate) using protocols and products that are FIPS 140-2 compliant. For additional security, the Agilisys Digital Platform also logs out the user if there has been no activity for 15 minutes (configurable setting) and redirects the web browser to the log in screen.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All change requests (CRs) will be requested via the Agilisys Service desk or allocated Project Manager. All CRs will be recorded in the Service Desk tool with unique identity number / code with details like the start date, expected completion date, estimated hours, CR type, priority. The full mapped process can be found in our service definition.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Our three-tier infrastructure architecture provides protection against unauthorised access and malicious attack by isolating systems and groups of systems in security and functional zones and strictly controlling network communication between the various zones.
All components of the infrastructure will be monitored for signs of malicious attack, and event logs will be regularly reviewed for signs of suspicious behaviour. When incidents are detected, Agilisys will manage the incidents according to incident management procedures following industry best practices, taking into account the nature of systems and information affected by the incident.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Agilisys Digital uses a monitoring utility errors to be proactively corrected before they become an issue. This ensures that support teams can work to investigate problems before they are reported by the end user. In addition, our cloud infrastructure is managed by a 24x7 operations team, proactively monitoring the infrastructure, network and all services, with a supporting second data centre in the unlikely case of a service failure.
Incident management type Supplier-defined controls
Incident management approach The Agilisys Service Desk utilises an ITIL v3 aligned process set that integrates event management and Incident Management to maximise the availability of the environments. We process contacts via multiple access methods including telephony/web/email/self-service media.
We operate a global 24/7 Operations Centre, based in Rochdale and Mumbai, which provides complete monitoring ensuring infrastructure availability and performance is maintained. The monitoring solution used by Agilisys provides advanced features and alerting mechanisms on configured thresholds e.g.:
• System availability
• Network interface utilisation
• WAN utilisation
• Security log monitoring

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £25000.00 per licence per year
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑