Deployed

Deployed Scoping Tool

An intelligent smart form determines the Scope of Work for a project. The tool then translates this input into a Statement of Work. This is the executable contract between the parties with a summary sheet to allow for quick review and decision making. A dashboard summarizes data on all SoWs.

Features

  • User-facing, Intelligent Smart Form
  • Risk Engine and Risk Rating
  • Statement of Work Generator
  • Pricing Engine
  • Man Power Planner
  • Dashboard

Benefits

  • Take Ownership of Scope Definition
  • Understand and Reduce Risk
  • Reduce Costs by Understanding the Breakdown and Requirements
  • Reduce Clutter such as Admin, Rework and Scope Creep
  • Safe time and SoW iterations
  • Standardised Design & Structure
  • Better Value for Money on People Related Contracts
  • Real-time Insights and Thoughtful Statistics
  • Enablement of Fasts and Powerful Decision-Making
  • Benchmarking and Negotiation Power

Pricing

£500 to £15000 per licence per month

  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

7 1 3 3 0 4 2 7 1 3 9 1 9 2 9

Contact

Deployed

Kayleigh Kuptz

07576828860

kayleigh@deployed.co

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
N/A
System requirements
To be able to use Microsoft Azure

User support

Email or online ticketing support
Email or online ticketing
Support response times
SLA times are different on weekends
User can manage status and priority of support tickets
No
Phone support
No
Web chat support
No
Onsite support
No
Support levels
We provide three levels of support:

P3 :72 hours with 8 hours initial response time
P2: 48 hours with 6 hours response time
P1: 24 hours with 3 hours response time

The price for the ticketing system is included in our subscription fee.
Support available to third parties
No

Onboarding and offboarding

Getting started
We have an initial assisted onboarding process which includes pre-loading of customer's data and policies which is coupled with organic training sessions.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
On exit, Deployed provides them with a zip file containing all relevant data.
End-of-contract process
At the time of signing the contract a comprehensive exit plan is agreed. This is bespoke to each client.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The mobile version provides a streamlined experience surfacing the most frequently used features of the product while the desktop version provides a full set of services including administration functions such as user management.The product is web-based and both versions are responsive and work on screens and devices of all types.
Service interface
No
API
No
Customisation available
Yes
Description of customisation
Users may customize the service via the SaaS tools provided. The product is web-based and customization options are mapped to various access levels. Only Deployed employees have super administrator status which allows them to override any user settings, however, clients are given the chance to self-service by logging into the portal as either administrators or managers and then by visiting the Settings screen.

Scaling

Independence of resources
Customer don't have their own tenant, however the system is highly scalable due to robust architecture choices such as being API-driven, being based on microservices and making use of massively scalable SaSS products on Microsoft Azure.

Analytics

Service usage metrics
Yes
Metrics types
Our clients can designate administrators within their group who have access to records of audited operations. This includes tracking data access and documents management as well as some general system usage statistics. Optionally, data could be surfaced via an API for extra cost.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
The SaSS product is web-based and offers many opportunities for data download and reporting. Each feature has their own means of exporting data such as download in various formats or emailing, to name a few.
Data export formats
CSV
Data import formats
  • CSV
  • Other
Other data import formats
PDF

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Any breached SLAs are judged on an case-by-case basis and refunds are worked out based on impact on any critical line of business operations or more serious problems such as potential data loss.
Approach to resilience
Resilience is leveraged via Microsoft Azure SaSS services. The specifics of the overall system resilience would be an amalgamation of all the different services used and can be provided upon request.
Outage reporting
Internally, visibility is given via monitoring tools dashboards and alerts. Notifications include emailing distribution lists, reporting to relevant Microsoft Team channels, automatic creation of ticket on the support team board. APIs are available including off-the-shelf metrics API from all the cloud products used.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
The product is a web-based SaSS secured by OpenId and OAuth 2.0 standards. Administrators within the customer's team are set up in the system as part of the on-boarding process and given privileges to access system settings for their organization including user management. All product features are governed by user claims. Internal tools and support channels are hosted on a completely separate system and hooked to a separate user store.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Data security and safeguarding is part of the on-boarding process for any employees. Company policies including directives on data security are always available, re-enforced via daily processes such as code reviews and standardization of tools and storage locations and then enforced during specific assignments or employee exit procedures.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Configuration management is for the most part code-driven and automated and therefore governed by code-reviewed approved actions. Change management processes are also enforced by code review and, where not applicable, manual changes accessible only to qualified staff members and properly documented.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability management is largely delegated to Microsoft Azure via strategic selection and leverage of services that offer off-the-shelf comprehensive security. Potential threats are identified via Microsoft feed notifications as well as subscription to different cyber security alert sources.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Potential compromises are surfaced either via pro-active analysis of monitoring tools dashboards and metrics or alerts received based on unusual activity or notifications from Microsoft Azure. Response is measured against the severity and credibility of the threat, however, all critical issues, specially security threats, are reacted to immediately 24/7.
Incident management type
Supplier-defined controls
Incident management approach
Incidents can be raised by a number of departments. Monitoring teams may raise incidents based on the dashboard metrics, QA teams may raise incidents based on routine smoke testing of the production environment and automation tests may raise tickets based on pre-determined rules and priority. Potential threats create tickets which are triaged by designated tech team members. Their priorities are automatically assigned where possible, such as, for instance, where an email subject is known and consistent.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£500 to £15000 per licence per month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
A Proof of Concept or Data Exchange

Service documents

Return to top ↑