Aqilla Limited

Aqilla Cloud Accounting for Public Sector

Aqilla is a flexible and scalable cloud based accounting solution providing a high level of functionality and delivering true value for money to the public sector.
Utilising an SQL database, it is designed to be accessible from any modern web browser and mobile device without the need for additional software.

Features

  • Combined ledger - All ledgers integrated for instant reconciliation
  • Project Accounting,Inventory control, Expense Management, TimeSheet Recording
  • Powerful integration with MS Excel
  • Graphical SQL query builder for comprehensive web based dashboards
  • Value based workflow
  • Full Purchase To Pay functionality
  • Custom fields enable detailed analysis
  • Comprehensive budgeting capabilities
  • Full commitment accounting
  • RESTful API enables easy integration with 3rd party software

Benefits

  • Scaleable to meet large data volumes
  • Fast and efficient on-demand analysis
  • Simplified period and year end procedures
  • Streamlines processes via integration
  • Fully integrated solution - no add on costs
  • Simple and flexible subscription model
  • Designed and developed as a fully cloud based service
  • Range of Agile implementation options available
  • Fully compliant with UK accounting and taxation legislation
  • Low cost yet highly functional solution

Pricing

£12 to £80 a licence a month

Service documents

Framework

G-Cloud 12

Service ID

7 1 2 7 3 4 6 3 6 0 2 3 7 9 8

Contact

Aqilla Limited Chris Tredwell
Telephone: 07946103991
Email: chris.tredwell@aqilla.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Excel add-in requires a locally installed version of Microsoft Excel
Sharperlight requires local installation of add-in under Microsoft Windows
System requirements
  • Active internet connection
  • Currently supported web browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
4 Hour Response but normally much quicker in practice
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support is available - via our helpdesk - between 9.00am and 5.00pm Monday to Friday every day except public holidays in England & Wales.

We encourage our clients to communicate with us by e-mail in the first instance and we find that most clients prefer to do so. We do of course accept phone calls to our help desk.

All support requests are logged in our CRM and acknowledged within 4 working hours - usually much sooner. According to our records 80% of support requests are resolved during the initial contact and within 4 hours - usually much sooner.

Support requests that need to be escalated from our help desk to second line support are categorised for impact and tracked in the JIRA issue management system and usually resolved within a few days.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Aqilla provides training as part of an Agile on-boarding process. We provide an option to deliver end-user training or train the trainer offerings that reduce cost.
Training can be delivered on a one to one or one to many basis.
Online tutorials are also offered as well as comprehensive online help.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Aqilla provides the facility to download all the necessary data to csv to make migration as simple as possible.
End-of-contract process
At the end of the contract customers can either elect to continue subscribing to the software or elect to migrate to a new platform. There is no charge for termination of the subscription and users are free to download their existing data for migration to the new system without any barriers. This process can be performed by the client but assistance is offered from Aqilla at our published consultancy rates.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Aqilla is 100% browser based. Mobile users access via device browser.
Service interface
No
API
Yes
What users can and can't do using the API
Users can Create, Retrieve, Update and Delete specific documents and reference data.
The API requires an API licence.
The API can be accessed via Java or XML document that authenticates with the Aqilla instance. The Java/XML document must have logic to capture exceptions in cases where an error message is issued by Aqilla.
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Customers can add large amounts of extensible analysis in the form of additional fields, dates and statistical data throughout the system.
The logo and identity can be can be tailored to suit individual organisational and departmental requirements.
Certain entities within the software can be renamed for example Project can be renamed to Cost Centre.

Scaling

Independence of resources
Our advanced, highly scaleable, multi-tenanted architecture is designed to provide automatic and efficient load balancing across all instances running on the Aqilla platform.
This is evidenced by our the 99.99968% platform availability as measured since 1st June 2008.

Analytics

Service usage metrics
Yes
Metrics types
Users and session validation
Average session time
Optionally users may choose to make use of the integral data audit function
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Aqilla has class-leading Microsoft Excel integration allowing information to be exported and modified using Excel.
Data can also be downloaded on-demand, to a local volume in CSV, Microsoft Excel or PDF format for import to other systems. Exported data can also be saved to other cloud storage services.
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
We do not offer guarantees but our service averages 99.99968% availability as measured since 1st June 2008.
The service is available 24 x 7 x 365.
Approach to resilience
Our data center has redundant capacity components and multiple independent distribution paths serving the computer equipment. Typically, only one distribution path serves the computer equipment at any time. The site is concurrently maintainable which means that each and every capacity component including elements which are part of the distribution path, can be removed/replaced/serviced on a planned basis without disrupting the ICT capabilities to the End-User. It has protection against most physical events.
Outage reporting
Public dashboard, twitter, and public website status announcements.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Access to the platform is only allowed by way of a 3 factor authenticated browser session or via an authenticated RESTful API session. No direct access to file tables is permitted under any circumstances. Each authenticated session is further governed by a set of configurable user roles and permissions.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Ultima Risk Management Ltd
PCI DSS accreditation date
April 16
What the PCI DSS doesn’t cover
None
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Aqilla constantly reviews its security policies and personnel profiles to ensure adequate security as a non-negotiable requirement of being in business.
Information security policies and processes
Restricted access to detailed technical data is by means of authenticated access to case management and software version control systems. Furthermore configuration control is limited by means of a unique token which is changed frequently and not made available to personnel outside the organisation.
All employees are subject to review in terms of ability and eligibility to work in a restricted environment such as public sector computing.
Regular risk management review exercises are undertaken in all operational areas.

Regular assessment of potential and known third party risks is subject to constant review by the Technical Director and the main Product Architect.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Aqilla utilises JIRA software from Atlassian to manage the entire development lifecycle including configuration, change management, version control, release management. The software is constantly under review to ensure the integrity of the single source code which is used by all customers.

Aqilla adopts a modern Agile development methodology using Scrum principles and as part of our Agile process detailed product specifications are produced and subject to constant review and iteration.

Aqilla also uses Confluence from Atlassian to share information across the development team to aid our Agile development.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Aqilla conducts constant and regular reviews of known and potential vulnerability threats and in-house vulnerability test are carried out by development team

Patches, once fully tested in a clean sandbox environment, which replicates the live platform, can be deployed within hours.
A range of sources including online materials, forums, news feeds and other publications are reviewed regularly to determine any potential threats.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
24 x 365 monitoring is undertaken using a range of tools including the likes of Zabix, Google Analytics and others.
In the first instance the relevant manager responsible for a particular client is contacted and any relevant issue is discussed along with any mitigating circumstances that might explain the matter coming to the attention of the monitoring systems.
If necessary the client is contacted immediately to further understand if there is any specific reason for the alert being generated.
Incident management type
Supplier-defined controls
Incident management approach
Not really relevant to a platform such as that used by Aqilla but all support queries and incidents when reported are fully documented in the case management section of our customer relationship management system which is constantly monitored and tracked, with alerts being provided to senior managers of the company.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£12 to £80 a licence a month
Discount for educational organisations
No
Free trial available
No

Service documents