Agile Applications Limited

Agile SaaS: Planning

Agile Planning, our intuitive solution for all aspects of planning (including County and National Parks), provides powerful document/communication management with business intelligence for real-time insight. Flexible features include process-based workflow, online submissions and integrated GIS, integration with Microsoft suite, Land Charges, Building Control, Environmental Health, Licensing and offline mobile access.


  • Intuitive, easy-to-use setup
  • Online submissions – pre-applications, enforcements and Planning Portal 1APP submissions
  • Fast application validation process
  • Full application details, diary and workflow regardless of location
  • Process-driven workflow
  • Diary integrated with MS Outlook for task allocation/tracking
  • Integrated, intuitive GIS
  • Standard templates and reports plus real-time management reporting
  • Powerful enquiry functions for filtering/sorting vast volumes of data
  • Document imaging for retrieval and archiving


  • Facilitates public self-service - intuitive Citizen Portal for online submissions
  • Keeps up with changes in legislation
  • Add new modules when business requirements change
  • Adapts to new working styles e.g. shared services
  • Access full functionality for remote working
  • Share business intelligence with cross-platform reporting
  • View applications/geo locations in context for improved decision making
  • Identifies and tracks revenue sources through effective legal agreement monitoring
  • Take action on the move with Agile@WORK
  • New users can be up and running in minimal time


£25 to £100 per user per month

  • Free trial available

Service documents


G-Cloud 11

Service ID

8 0 5 5 6 7 0 8 4 7 3 2 6 6 8


Agile Applications Limited

Jared Crane

0330 100 3675

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Agile SaaS: Planning is a comprehensive system which can be implemented "standalone" or as an element in Agile Applications' Built Environment Suite (which provides Building Control and Local Land Charges as well as Planning functionality).
Cloud deployment model Private cloud
Service constraints No
System requirements HTML 5 Browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times We commit to response times in our SLA. Response time is dependent on urgency/prioritisation. System down response time is 1 hour, next level of priority response time 4 or 8 hours, with a two working days response time for enquiries or less urgent calls. The helpdesk system sends an acknowledgement email within 5 minutes when a call is logged.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels We offer 3 levels of support: • Our standard service is available from 9.00am to 5.30pm Monday to Friday (excluding public holidays) and is included in our price. • Extended cover is available from 8.00am to 8.00pm Monday to Friday (excluding public holidays) at an additional charge. • 24 hours a day cover for critical applications is available at additional charge.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Agile Applications provides full project management and implementation services working in partnership with your IT and Project staff (with full ongoing support services thereafter). Agile's implementation package includes:

• Project Management (onsite / remote) throughout the process
• Data Migration
• Configuration consultancy
• Training needs analysis, delivery and associated documentation (onsite / remote)
• Onsite support during and immediately following “go live”.

Training is provided to ‘Super Users’ (System Admins) and ‘End Users’ by our Business Consultants and Training team. We provide user guides for our software (which also has inbuilt help for end users).

Post implementation, we provide:

• Onsite support on request • Account Management throughout the term of our agreement • Help desk service with option for extended cover • Support via remote dial up to the client’s system.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Agile Applications will provide an extract from the data as an export in CSV format for testing purposes. Following written sign off from the customer, the final data export will then be produced in CSV format as standard. This is charged at £5,000. Data export in formats other than CSV is by negotiation at our SFIA published rates.
End-of-contract process When the contract expires naturally, we will let the customer know that the exit process is underway. The process is managed via a plan delivered by a nominated Agile Project Manager working in partnership with the customer’s nominated transition manager. We expect to deliver customer data within 10 working days' notice of termination. We will provide an extract from the data as an export in CSV format for testing purposes. Following written sign off from the customer, the final data export will be produced in CSV format as standard (with other formats by negotiation). All related customer specific material is securely deleted from the hosted environment. Data is kept until full validation and sign-off by the customer. Beyond a data retention period of (a number of days agreed as per the contract) after the project work has been completed, this data will be securely deleted. The charge for this service is £5,000. However, if the customer chooses to terminate ahead of the normal contract expiry date, there may be additional Services costs associated with the off-boarding process.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service In terms of Desktop and Mobile for public access (citizens) the service and features are the same, although the user experience varies for some components and pages. For example tables with several columns would need horizontal scroll to view all the data on a mobile or smaller screen devices.
Service interface Yes
Description of service interface The Citizen Portal is designed to provide straightforward, intuitive access to public users of the Agile SaaS service.
Accessibility standards WCAG 2.1 AA or EN 301 549
Accessibility testing The Portal supports the assistive technology features provided by the browsers listed.
What users can and can't do using the API Our APIs are accessible via RESTful communications with payload and data provided via JSON data format enabling integration with compatible third-party applications.
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment No
Customisation available Yes
Description of customisation The solution is highly configurable including letter templates, emails and web content, information access (which can be set down to individual field level) and processes such as letter production. Our process-based workflow is also fully configurable by each application type. All changes can be made by the customer without assistance or charge from Agile once they have had the required training.


Independence of resources Customer environments are segregated and continuously monitored for performance. Where appropriate, resource configuration is altered to provide the best possible performance levels.


Service usage metrics Yes
Metrics types Details on request.
Reporting types Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Other
Other data at rest protection approach Azure Storage Service Encryption for data at rest
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach The report writer solution provided will output any query straight to XML, Excel, CSV, word, HTML or PDF as required.
Data export formats
  • CSV
  • Other
Other data export formats XML
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks IPsec or TLS VPN gateway
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Data in transit between our APIs and back office applications (via browser based or 3rd party API communications) are encrypted with TLS v1.2 and HTTPS. Site to site or point to point communications take place via VPN connections authenticated with PSK with an IPSec tunnel.

Availability and resilience

Availability and resilience
Guaranteed availability The hosting provider's infrastructure is highly resilient. SLAs are subject to contract.
Approach to resilience Available on request.
Outage reporting Via email alerts.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels A user cannot access the system without a username, password etc. The system provides for varying levels of security (full access, view only or no access) at group or individual levels. These levels of security can be applied at module, screen, process or field levels to provide a totally configurable security regime which can be changed as and when required (by "Super Users" for example).
Access restriction testing frequency At least every 6 months
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 QMS International Ltd
ISO/IEC 27001 accreditation date 17th November 2015
What the ISO/IEC 27001 doesn’t cover N/a
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Our Information Security Management Policy (under ISO27001 certification) applies to all key areas and is subject to both internal and external audit. Policies include, but are not limited to:
• Access Control Policy
• Cryptographic Controls Policy
• Data Protection Policy
• Information Exchange Policy
• Information Sensitivity Policy
• Network Systems Monitoring Policy
• Remote Access and Mobile Computing Policy
• Security Incident Reporting Policy.

Policies are reviewed quarterly at meetings under the direction of a board representative and as required in response to any internal and external audit issues raised.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Configuration management on the VM servers used to deliver Agile SaaS is tracked (i.e. recorded, initialled and time stamped). All requested changes to the SaaS environment are submitted via a formal, documented process and the potential security/service impact is assessed. This includes careful consideration of notification, rollback and testing. Changes are deployed to QA for checking prior to approval and final release to staging and production.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Patch deployments are made to non-live systems and reviewed before being implemented on Live customer facing systems.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Resource usage and system functionality are periodically monitored. Patterns of usage that fall outside normal thresholds are flagged for investigation with the Infrastructure team for immediate investigation.
Incident management type Supplier-defined controls
Incident management approach Incidents are either raised internally by members of our support team or raised externally by customers via phone, email or directly in our service desk portal. Procedures for any recurring incidents are implemented immediately by the support team. Escalation can be either to a higher tier of the support team, with assistance from other teams including development or testing, or to any external supplier.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £25 to £100 per user per month
Discount for educational organisations No
Free trial available Yes
Description of free trial We offer a one week free trial for two customer nominated users in the final stages of procurement and prior to the signing of the G Cloud Call-Off Agreement. Short duration (typically 2 – 3 hours) “guided tours” are also available.

Service documents

Return to top ↑