Liberata UK Ltd

Capacitygrid Business Rates Review

Capacitygrid Business Rates Review has been delivered to over 90 local authorities providing a cost effective and comprehensive way of identifying both new Rateable Value and growth within your existing base and maximising business rates income ahead of Rates Retention.


  • Extraction of your Business Rates and Council Tax data
  • Multiple source data, matching, analysis and cleansing
  • Identification of hereditaments missing from your Business Rates list
  • Identification of growth within your existing base
  • Production and print and mail of review letters
  • Customer response capture
  • Valuation Office Report production
  • Exclusion process to allow exclusion of cases you know about
  • Real-time reporting and property inspections
  • Full provision of evidence to the Valuation Office


  • Fast identification of business rates growth in your area
  • Maximise revenue available
  • Risk-free approach with no investment or support costs
  • Full cleanse of your NDR base
  • Efficiency savings - free up valuable Council resources
  • Visibility of process, outcomes and ROI reporting
  • Fully Compliant with GDPR
  • Additional Contact information to use for billing
  • No conflict: we don't use Rating Agents to reduce RV
  • A positive impact on your collection rates


£7.50 to £10.00 a unit

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

8 3 0 2 4 8 4 7 1 9 3 0 6 2 9


Liberata UK Ltd G-Cloud Bid Administration
Telephone: 020 7378 3700

Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
System requirements
Modern web browsers with internet access

User support

Email or online ticketing support
Email or online ticketing
Support response times
We have dedicated Customer Support Managers for each account to provide immediate assistance during office hours 8.45-5.30 Monday to Friday
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Support levels
Dedicated Customer Support Manager for each account to provide immediate assistance. On-boarding and off-boarding assistance included and technical support also available at no extra cost.
Support available to third parties

Onboarding and offboarding

Getting started
Dedicated Customer Support Manager to guide through and track implementation. Full on-boarding documentation is also provided with user manuals for accessing the Service Cloud and training webinars where required.
Service documentation
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
All data is available to download in a number of different file formats and instructions are given as part of the on-boarding/off-boarding process.
End-of-contract process
User accounts are disabled and data removed in an agreed timescale. An end of review/off-boarding call will also be held with the buyer.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
Service interface
Customisation available
Description of customisation
Customisable webform and letters. The client can request amendments on the review specifications.


Independence of resources
Regular server capacity monitoring


Service usage metrics
Metrics types
A provision of reports available on the cloud highlighting the progress of the review,
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Application file download
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
24/7 accessibility, 99.75% availability over the review period
Approach to resilience
The solution is provided from a UK-hosted, dual datacentre, private cloud platform which supports SAN to SAN replication of data between the two sites. The platform is designed to give tolerance to single points of failure, and is supported by our 24x7 support organisation. Data can also be backed up locally to a virtual tape library, enabling rapid restore when required.
Outage reporting
Email notifications to users

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
User roles restrict access to specific functions with the application.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
IT hosting as that has been outsourced to a third party
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
• ISO20000 (IT Service Management)
• ISO22301 (Business Continuity)
• ISO27001 (Information Security)
• Cyber Essentials
Information security policies and processes
Liberata Acceptable Use Policy
Liberata Access Control Policy
Liberata Information Security Management Policy
Liberata Compliance Policy
Liberata Data & Asset Management Policy
Liberata Mobile Working Policy
Liberata Personnel Security Policy
Liberata Risk Management Policy
Liberata Incident Management Policy

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The Change Management process is aligned and certified to ISO20000 IT Service Management. A UKAS accredited body performs external audits to test the Policy/Procedural compliance of ISO20000.

A Change Advisory Board sets the requirements to which the life-cycle of change is managed.

CAB objectives:
Ensure that changes to the IT Infrastructure are assessed, prioritised and scheduled in a timely and cost effective way that maintains contractual client service levels;
Ensure Changes are reviewed throughout the Change Lifecycle;
Ensure appropriate resources are in place to meet clients’ business requirements;
Improve clients’ overall satisfaction with the services provided; and
Manage emergency change.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Regular scanning is in place to identify vulnerabilities and the required remediation implemented to a defined plan to comply with PSN and ISO27001.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Servers have security logs in Audit Collection Services, within Microsoft System Operations Manager.

Managed network devices have security logs shipped to Cisco Monitoring, Analysis and Response solution. 

Logs are retained for at least 6 months including:
User or process Unique ID; 
Date and time of event; 
Physical or logical address; 
Type of service executed;
Privileged command executions;
In-bound email traffic claiming origination from PSN addresses or from 'null' addresses;
Excessive outgoing web traffic;
Regular data exchanges with external addresses;
Log record changes.

We have a SyOPs document which details the frequency for manually validating access controls and firewalls logs, etc.
Incident management type
Supplier-defined controls
Incident management approach
Incidents are managed via the Service Desk with an incident management team responsible for coordinating and directing the response. Conforms to the requirements of ISO27001 and ISO20000.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£7.50 to £10.00 a unit
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.