Self-Service Automated Guidance System
Our system allows institutions to answer questions raised by their customers or employees in an automated manner. Customers interact with our engine in free text and receive a response which is approved by the institution and auditable. Our system captures interaction data and connects to CRM systems through APIs.
- natural language virtual interface with customers and employees
- data classification
- self-service automated advice/guidance portal
- API integration with CRM
- multiple languages
- ability to add links, pictures, videos, tutorials
- real-time customer interaction reporting
- auditable system
- integration of multiple internal departments workflows and external pertners
- automate call centre interaction with customers
- automate interaction with employees
- full control of content, self-service immediate amendment and roll-out
- capture all interaction with customers/employees in customised report
- data can be captured anonymously while retaining full analytics benefit
- classify data to be used with other intelligent systems
- virtual call centre: reduce costs, increase accuracy
£100000 per unit
- Education pricing available
- Free trial available
7 0 2 2 6 6 1 9 2 6 6 6 0 3 2
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Service constraints||Our system is a white-label cloud based system. It can be licensed as a standalone system without connecting to a CRM. It is designed to connect to other systems through APIs. The time and effort required to roll-out CRM integration depends on each institution's existing systems and workflows.|
|Email or online ticketing support||Yes, at extra cost|
|Support response times||Support can be provided as per the customer's request. It will be priced separately.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), 7 days a week|
|Web chat support||Yes, at an extra cost|
|Web chat support availability||24 hours, 7 days a week|
|Web chat support accessibility standard||None or don’t know|
|How the web chat support is accessible||Our system has 2 categories of users: the Institution (Expert Users) and its customers (Customer User). The Expert User will have a dedicated relationship manager included. If Customer User technical webchat is required, this can be provided at an additional cost.|
|Web chat accessibility testing||To be provided upon request.|
|Onsite support||Yes, at extra cost|
1- FAQs and documentation - Free of Charge
2- relationship manager - included in price
3- technical account manager - Variable depending on requirements
4- cloud support engineer - Variable depending on requirements
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||We provide on-site training, Video tutorials and user documentation.|
|End-of-contract data extraction||Customer information can be extracted in JSON or CSV. Know-how can be extracted in JSON. We provide the data models for each.|
|End-of-contract process||Data extraction and Cloud sanitisation are at an extra cost as these vary depending on the customer's requirements.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||No functionality or features differences. Only lay-out and design differences.|
|Description of service interface||Service can be accessed on a standalone URL and through APIs|
|Accessibility standards||None or don’t know|
|Description of accessibility||General interface|
|What users can and can't do using the API||
User Categories: Our system has 2 categories of users: Institutional User and Customer/Employee User. The Institutional User is divided into 2 types: Admin User and Expert User.
Admin User: Can create know-how 'flows' which look like decision trees using drag/drop and free text features. Can create/amend/delete/share/print/export flows. Is the only User that can 'publish' flows. Only published flows are visible to Customer/Employee Users. Can create/delete/change permissions of other users. Can test flows and amend them simultaneously. Can amend language to be shown to customers throughout the application such as disclaimers, pop-ups etc. Has access to customised Management Information Dashboard and analytics reports. Has a customised 'feedback' interface which allows him/her to interact with the intelligent NLP engine.
Expert User: same rights as Admin User except MI, ability to publish flows, ability to amend language relating to certain customer information. Has no 'feedback' interaction with the intelligent NLP engine.
Customer User: Interacts with the engine through an NLP 'search' feature. The customer interaction is a mixture of free text and predefined questions and answers (yes/no, more/less, 100/1000, choose one of the following). The customer receives a tailored response to his/her journey which downloadable and connects him/her to follow-up information and actions.
|API documentation formats||Open API (also known as Swagger)|
|API sandbox or test environment||Yes|
|Description of customisation||
Institutional Users have full control of the content/know-how they develop into our system. They develop their flows and what they would like their customers to see. This is a plug-and-play solution through free text and drag-and-drop. They can develop the know-how in any language (including non-latin languages such as mandarin or arabic). They can create links, upload videos and photos.
All other features can be customised/tailored based on requirements of the client. To be agreed on a case-by-case basis.
|Independence of resources||The current architecture of the system is designed around the assumption that there are 1000 active users accessing the system simultaneously. User queries pass through load balancer and onto a Kubernetes cluster that manages the query based on micro-services. The system has been tested to handle these levels of demand, ensuring that the user response times for each query is the same. Further work is being done to improve and greatly scale this through the use of messaging queues (Kafka in particular). Additionally, the application stack has been designed to easily enable vertical and horizontal scaling if need be.|
|Service usage metrics||Yes|
|Metrics types||Our system includes a 'Reports' section which provides analytics on customer interaction with the system. Our system captures every interaction by Customer/Employee Users with the system. Tailored reports can be provided which show the 'top 10 flows' that Customer/Employee Users interacted with, times of interaction, drop-off points, duration of interaction, exact words that were used etc...|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Other|
|Other data at rest protection approach||
We use Google Cloud or AWS depending on our customer's preference. Encryption is by default in both instances.
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||Users receive JSON files|
|Data export formats||Other|
|Other data export formats||JSON|
|Data import formats||Other|
|Other data import formats||Free text multimedia (MP4/PNG/JPEG)|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
Our system has different types of users and multiple features.
We use commercially reasonable efforts to make our services available for at least 99% of the time during any monthly billing cycle. If we do not meet the SLA commitments during a monthly billing cycle, we provide a Service Credit. Service Credits apply against future payments from the customer for the applicable service.
Service Credits apply differently to different types of services and users. They are calculated as a percentage of the total charges paid by a relevant customer.
Below is an indicative example of how Service Credits will apply.
- Service availability is less than 99.99% but equal to or greater than 99.0%: 10% Service Credit
- Service availability is less than 99.0% but equal to or greater than 95.0%: 30% Service Credit
- Service availability is Less than 95.0%: 100% Service Credit
|Approach to resilience||The system has been designed to be integrated deeply with the resiliency and scaling mechanisms of the given cloud provider. Load balancers have been used to monitor servers and distribute traffic to servers that can best handle requests, additional virtual machines are placed on standby and a robust storage solution has been implemented. For example, the GCPs “Autoscaler” feature has been used to provide a robust scaling mechanism to automatically configure, manage dependencies and start handling requests when there is added stress on the system. This is true for the databases as well through the use of GCPs “Cloud SQL” feature. Additionally, instance health checks are implemented to monitor, notify and automatically replace potentially unhealthy instances.|
|Outage reporting||Email alerts and dashboard|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Identity federation with existing provider (for example Google Apps)|
|Access restrictions in management interfaces and support channels||There is a roles based access control within the system. Therefore users who are not intended to access management interfaces cannot do so.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Identity federation with existing provider (for example Google Apps)|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||CSA CCM version 3.0|
|Information security policies and processes||
Our information security framework follows the below principles. We have a board level individual (Security Officer) who is responsible for Information Security. Escalation procedure includes reporting to our CEO and Security Officer.
1. Information is classified according to an appropriate level of confidentiality, integrity and availability and in accordance with relevant
legislative, regulatory and contractual requirements.
2. Persons with particular responsibilities for information must ensure the classification of that information, must handle that information in accordance with its classification level and must abide by any contractual requirements, policies, procedures or systems for meeting those responsibilities.
3. All users must handle information appropriately and in accordance with its classification level.
4. Information should be both secure and available to those with a legitimate need for access in accordance with its classification level.
5. Information is protected against unauthorised access and processed in accordance with its classification level.
6. Breaches are reported in accordance with policy.
7. Information security provision and the policies that guide it are regularly reviewed, including through the use of annual internal audits and penetration testing.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||At a technical level, configuration management is currently managed via a tool called Saltstack. It is supported by the cloud provider, GCP, and has a number of compliance policy profiles based on CIS. The tool enables continuous item-level policy checks to locate non-compliant sub-systems within the environment and, by way of automatic enforcement, fixes violations or kicks off the configured remediation workflows.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Vulnerabilities are detected via the Cloud Security Scanner tool that identifies risks in the App Engine, Compute Engine and Kubernetes Engine. Any vulnerability alarms raised are treated severe and resources are deployed to correct them as soon as possible. Any true positives and negatives are then assessed at once, and security patches are consequently deployed. Most patches are deployed within a day from the time of threat identification.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||The Cloud Security Scanner also identifies potential threat vectors. Any flags raised are assessed, depending on the potential severity of these flags, they are either addressed in consequent sprint or elevated to be addressed at once in accordance with customer SLA.|
|Incident management type||Supplier-defined controls|
|Incident management approach||Incidents are managed through the ITIL incident management workflow. Once identified, they are logged and categorised. Categories include hardware, software and security. These are then prioritised and then managed through response and diagnosis. Incidents are escalated in accordance with policy and then resolved. The problem and the course of action taken are then documented. Incidents can be reported via the platform.|
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£100000 per unit|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||The entire system is provided for a free trial period of 30 days. All features of the system can be viewed and tested. Customisation of features, integration with existing customer systems, branding and support are not included.|