Rosslyn Analytics

RAPid Document Management - Collaboration Room

RAPid Collaboration Room is a Document Management, Document Sharing and Collaboration application. Collaboration Room enables teams of people to work securely and efficiently together on a document or on project related documents. Incorporating social media, email, word, power point, and any other types of digital documents.

Features

• Multi-purpose portal for self- service document management
• Automated workflows to support your organisation’s unique business processes
• Creation of Team Rooms enabling real time document collaboration
• Document version control and revision management
• A centralised repository of document data and content
• Search, manage and validate all types of documents
• Document life-cycle management
• Document check in/check out
• Browser based document drag and drop with user defined folders.

Benefits

• Single document management repository for use across your organisation
• Enables collaboration and sharing across teams and organisations
• Reduce the total cost of document management
• Reduce workload and cycle times for managing the document processes
• Collaborate with external organisation via secure portal
• Mitigate risk via document notification alerts
• Role based access enables secure document access
• Metadata or full text search capabilities

£50,000 an instance a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Framework

G-Cloud 12

Service ID

770980791157867

Contact

Nick Baddeley; Sales Dept
0203 285 8008
nicholas.baddeley@rosslyndatatech.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: RAPid Supplier Information Management,; RAPid Contract Management
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: None
• System requirements: If using Internet Explorer, Versions 9+ supported

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Initial response is instantaneous - standard support hours are UK business hours. Extended 24/7 support is available at extra cost
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support Service is provided via our dedicated support team. Support is contactable by email, phone and via a dedicated web portal and is included in the service we provide to our Clients. Support queries are ticketed, logged and tracked to resolution and the Client is kept informed as the query progresses. In addition, each Client is allocated a Client Success Manager to work closely with the users of the system to ensure that there is adequate training and ongoing user help to optimise the value from the RAPid Platform.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide onsite and online training. Product & user documentation is provided. Training videos are available.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: At end of contract, Rosslyn Analytics will return the users data back to them exactly as it was originally provided
• End-of-contract process: At contract end, Rosslyn will if requested either provide the clients data back to them exactly as it was received or destroy the client data. All user accounts will be disabled and after an agreed period the client account will be deleted. This is all included in the contract price

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Reporting is designed to be "mobile aware", the contents of the reports are the same but are displayed in a mobile friendly manner
• Service interface: No
• API: Yes
• What users can and can't do using the API: Using the API users can content enable Line of Business applications and web portals for both internal and end customer facing documents.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Client Administrators can set and customise many aspects of the RAPid Platform including creating other Client Admins & Users and can allocate applications on the platform to them. ; ; Rosslyn also provide customisation of the RAPid solution to meet clients specific needs eg workflow, case management, web portals and integration.

Scaling

• Independence of resources: Rosslyn leverage the Microsoft Azure platform to ensure that scaling both for storage and compute resources are not determining factors

Analytics

• Service usage metrics: Yes
• Metrics types: Rosslyns RAPid Platform has a user activity dashboard which is refreshed once per day.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Metadata from the RAPid platform can be exported as a .csv file. Once the user has selected the data they would like to export, then there is a button to enable export of the selected data to the users computer.; ; Content can be downloaded by users in its native format.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Native format (eg pdf , Word, Excel...)
• Data import formats:
  • CSV
  • Other
• Other data import formats: Native format (eg pdf, Word, Excel...)

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Service availability via the Microsoft Azure platform is minimum 99.95%. Refunds are provided as per the buyers contract via a credit process.
• Approach to resilience: Rosslyn fully comply & align with Microsoft data centre "High Availability" standards. Further details available on request
• Outage reporting: Email alerts are provided by our Service Support team.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access restrictions are built into the RAPid platform and are managed via a the administrative interface
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QSL
• ISO/IEC 27001 accreditation date: 19/09/2019
• What the ISO/IEC 27001 doesn’t cover: NA
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: As Per Microsoft Azure
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: NA
• PCI certification: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Rosslyn follow best practices for information security policies as outlined in ISO 27001

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Rosslyn operate an Agile development lifecycle with 2 weekly sprints and monthly releases. These are managed and controlled through the Product Management team.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: The infrastructure and security team at Rosslyn continually monitor all company assets through dedicated monitoring tools both provided by Microsoft Azure as well as complementary solutions.; ; Patches to deal with vulnerabilities are deployed as soon as practicable depending on our assessment of the impact of the vulnerability on users and the RAPid service
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: This is aligned with industry best practices leveraging all available monitoring capabilities. ; ; Action is taken as swiftly as practicable considering as defined by Rosslyns infrastructure and security team
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: This is aligned with industry best practices leveraging all available monitoring capabilities. ; ; Action is taken as swiftly as practicable considering as defined by Rosslyns infrastructure and security team

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Pricing

• Price: £50,000 an instance a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF