Outsourced on-shore software development copy
Headforwards are an Agile outsource software development company based in Cornwall where quality of life means we can recruit and retain staff. Clients get dedicated teams with the right skills and people. This means higher quality teams, better knowledge retention, longer term focus and lower risk for the client.
Features
- Agile software development
- Artificial Intelligence and Machine Learning
- All software stacks including .net, React, Angular, Open Source
- Cloud architecture, micro services, containerisation
- DevOps approaches, including continuous delivery and automation
- Minimum Viable Product prototyping development
- API development and SOA
- Data Analytics systems development
- Agile and Digital Transformation
- Technical Consultancy
Benefits
- UK based on-shore development teams
- Continuity through dedicated teams of developers for each client
- Agile mindsets helping cultivate internal agile culture change
- Long term approach reduces overheads and costs
- Low staff attrition, better knowledge retention, higher quality outcomes
- Staff training programme and knowledge sharing activities
- Lower risk through collaborative working relationships
- Continuous Delivery creating more frequent software releases
- Transparency around contract and delivery approaches
- Improved productivity through Agile development processes
Pricing
£30,000 to £200,000 a person a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 11
Service ID
7 4 4 7 3 9 2 1 3 0 6 4 3 8 9
Contact
Headforwards
Andy Roberts
Telephone: 01209 311 151
Email: andy.roberts@headforwards.com
Service scope
- Software add-on or extension
- Yes
- What software services is the service an extension to
- Our software development teams can work with any other existing software systems.
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
- We develop long term project teams to enable a more cost effective service.
- System requirements
- None
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
- 1 hour is standard. At weekends we can arrange on call support.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- Clients have their own dedicated teams of developers who continually work with clients providing whatever services they need. We create a bespoke SLA around client needs.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- We work together with the client to design the most appropriate team to meet the client's objectives. We then recruit specific people into the roles allowing the client to approve each appointment. We help advise on the best product ownership approaches. Team members spend time onsite with the client to build relationships and understanding of requirements.
- Service documentation
- No
- End-of-contract data extraction
- All data is kept by the client on their infrastructure.
- End-of-contract process
- The team works collaboratively with the client's in-house team or new supplier to share knowledge over all areas of the software systems.
Using the service
- Web browser interface
- No
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- No
- API
- No
- Customisation available
- Yes
- Description of customisation
- Our software development teams are customised by co-creation with the client.
Scaling
- Independence of resources
- We provide dedicated software development teams that are not shared with other clients.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Na
- Data export formats
-
- CSV
- ODF
- Data import formats
-
- CSV
- ODF
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- We design a bespoke process for each client based on their need.
- Approach to resilience
- We work with clients to design resilience into their solutions as they are developed.
- Outage reporting
- We design a bespoke process for each client based on their need.
Identity and authentication
- User authentication needed
- No
- Access restrictions in management interfaces and support channels
- Na
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- We have an ISMS compliance roadmap that is built around other FCA regulated client requirements.
- Information security policies and processes
- We have internal policies governing all aspects of security. These are reviewed continually to ensure staff are adopting the policies. Compliance is assured through an inspection programme.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- We design a bespoke process for each client based on their need.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- We design a bespoke process for each client based on their need.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- We design a bespoke process for each client based on their need.
- Incident management type
- Supplier-defined controls
- Incident management approach
- We design a bespoke process for each client based on their need.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £30,000 to £200,000 a person a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Free workshop to identify client solution