Land Assembly Services Ltd

Land Assembly Solution

At Land Assembly Services we feel strongly about improving the Compulsory Purchase and Land Assembly processes. There are tremendous opportunities for improving how we work, communicate and share data. We provide a range of tools that will lead to the industry becoming more efficient and saving everyone time and money.


  • Comprehensive coverage of the end to end compulsory purchase process
  • Easy generation of the full range of process support documentation
  • Complete coverage of the data for legal estates and interests
  • Web based focused reporting tool
  • Comprehensive range of standard reports
  • Web based Search and Explore tool
  • Data indexing tool to optimise large data set performance
  • Data Transfer tool to seamlessly exchange data between parties
  • Data Transformation tool facilitates the transfer between different parties’ systems
  • Configurable web-based Data Capture tool


  • Improves productivity, reduces risk, cost and timescales.
  • Reduces the time needed to specify requirements
  • Reduced time equals reduced cost and shorter project timescales
  • Improved accuracy of definition of the project requirements reduces cost
  • Improved accuracy of cost estimates
  • Avoids overruns due to unspecified requirements therefore reduces risk
  • Removes the need for bespoke reports saving time and cost
  • Provides standard compliance and management evidence reports
  • Provides very high data assurance and quality
  • Links all data to the evidence provides full traceability


£12000 per instance per year

Service documents

G-Cloud 10


Land Assembly Services Ltd

Peter Blackaller


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints The solution is totally web-based, so all that is needed is a computer, (desktop, laptop or mobile device) that is connected to the internet and running an up to date browser.
The solution is available 24 by 7 by 365 except for brief periods of planned maintenance which normally occur monthly outside the normal UK working hours.
System requirements
  • Modern Web Browser
  • Internet Connection

User support

User support
Email or online ticketing support Email or online ticketing
Support response times The Support Service is available during UK office working hours (09:00 to 17:00), excluding UK Public Holidays.
The initial acknowledgement response will be with 4 working hours with a detailed response within 8 working hours. There is no access to the support service at weekends or outside UK office hours, although tickets can be logged.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels The support service may be accessed via the online service. Alternatively, a ticket can be raised via email. The Support Service is available during UK office working hours (09:00 to 17:00), excluding UK Public Holidays. The initial acknowledgement response will be with 4 working hours with a detailed response with 8 working hours.
The cost of the support service is included in the software licence fees.
LAS do not provide a technical account manager or cloud support engineer.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Onsite training, advice and guidance and on-going assistance is provided throughout the life of the project, along with a full set of user documentation including worked examples and case studies.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats DOCX
End-of-contract data extraction They have full access to their data throughout the life of the project and they can use the integral tools to extract the data at any time during the life of the project.
End-of-contract process As this is an online service based on a pay as you use model once the client decides to stop using the service, they can extract and delete their data and that's it. There are no additional costs to pay at the end of the project.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Different user interfaces are presented based on available screen real-estate. Total functionality is the same across all device types.
Accessibility standards None or don’t know
Description of accessibility The Land Assembly Solution has been designed to be as easy to use and intuitive as possible. At this stage of the development cycle, no specific accessibility features have been included.
Accessibility testing No testing has been performed at this stage.
What users can and can't do using the API Relevant services are available via discoverable web services. Some services accept configuration in the form of XML configuration conforming with a published schema.
API documentation Yes
API documentation formats
  • HTML
  • ODF
  • PDF
  • Other
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The following features can be customised by the user's super-users, via the use of the system tools;
- Total data flexibility
- Customised date schemas, ie add new sections and fields
- Base GIS mapping service used
- Report structure and content


Independence of resources Each user will be provided with an agreed level of data storage based upon the expected volume of their data, growth will be allowed for. The hosting service will be flexible so more resources will be available depending on current demand.


Service usage metrics Yes
Metrics types As the solution can be used on a pay as you use model, detailed usage metrics are available. This includes the volume and type of data utilised and the service options used.
Reporting types
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Using the user configurable tools that are used day to day while the solution is being used. The import and export of data is a key requirement of the solution, so this is integral to its use.
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network Via encrypted database connections

Availability and resilience

Availability and resilience
Guaranteed availability The service is hosted via a resilient commercial data centre. As the service is charged on a pay as you use basis, if the service is not available no charges are payable.
Approach to resilience The datacentre in use is resilient - details are available on request
Outage reporting Via email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Username or password
  • Other
Other user authentication Dependent upon configuration, but the following options exist:
- Password
- Software token (for users)
- Public key (for web services)
Access restrictions in management interfaces and support channels This is restricted according to user account roles and is password protected.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users receive audit information on a regular basis
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards CSA CCM version 3.0
Information security policies and processes • AUP (Acceptable Use Policy)
• Security Awareness
• Information Security
• Change Management
• Incident Response
• Remote Access
• Vendor Access
• Media destruction, Retention & Backups

The reporting structure is flat: compliance is via self-discipline, colleague interaction and external audit.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Each asset, be it a deployment package, some infrastructure or any other asset which may change state and influence the solution, is uniquely identified and catalogued. The catalogue contains the current configuration of the asset (the configuration storage mechanism will vary based on the asset type).
Change requests are necessary to change the state of an asset. Change requests are reviewed against procedures to prevent negative security impact.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach We use third-party vulnerability scanners to identify potential threats, plus manual checks against the registry of utilised third-party components.

All services are supplied via our BASE system, which orchestrates the execution of tightly defined modules. Each module is aware and catalogues both third-party software and services that it uses. The BASE system itself has a registry of allowed DLLs which may be loaded into its application domain and these map back to modules. This registry is checked regularly to see if there are any security vulnerabilities.

We have complete control over the speed of patching/fixes, depending on the severity.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Audit data about asset usage (be it memory, network, disk, file etc) is recorded at all tiers of the solution and is continually statistically analysed. Any deviation from statistical norms is flagged for inspection and results in either a change to the statistical model, or a change request to mitigate any potential risk being raised.

Also, as the BASE system’s script execution method performs similar statistical analysis of executed scripts.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Users have access to a self-service security management system, by which common processes may be performed for common events (e.g. deactivating a compromised user account administered by the reporting user). This is backed up by a helpline for non-standard events. Updates on progress are managed in the same way as our ticketing system.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £12000 per instance per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial If the client data conforms to the required standard then a completely free trial solution is available. If the client data is not in the required standard we will convert a sample subset at no cost. The length of the trail is typically three months, it could be longer.
Link to free trial Will be provided on request


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑