IDE International

PRIMED

An integrated governance platform. An easy and flexible solution for Compliance, Portfolio, Risk, Demand, Resource, Contract, Supplier Workflow and Document Management. NHS Change and Regulatory Governance. Integrated Government decision support.

Features

  • Portfolio Management
  • Compliance Management
  • Demand Management
  • Contract Management
  • Supplier Management
  • Resource Management
  • Governance Workflow Management
  • Asset Management
  • Business Process Management
  • Document Management

Benefits

  • Regulation Monitoring and Reporting,
  • Change Governance and Reporting
  • Resource Balancing
  • Demand Management
  • Change Control
  • Risk Analysis
  • Remediation Tracking

Pricing

£115 to £210 per user per month

Service documents

Framework

G-Cloud 11

Service ID

8 4 6 6 2 3 1 2 2 2 5 9 7 3 5

Contact

IDE International

Chris Whiteley

07895308016

chris.whiteley@ide-international.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
No specific constraints
System requirements
No specific requirements

User support

Email or online ticketing support
Email or online ticketing
Support response times
7am to 7pm weekdays

Weekend support id provided as an on-call service as standard for severity 1 issues
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
No
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support services are available on the cloud platform (no application feature support) from 7am to 7pm or 24 x 7.

A Technical Account manager will be provided for larger accounts. A cloud support engineer will be allocated to each individual ticket raised.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide the following:

Onsite Training
Web Training
User Documentation
Pre-defined templates
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
User are able to extract their data using:

1. Excel exports
2. Web Service extracts
End-of-contract process
At the end of the contract the instance is taken offline. There is no additional cost.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The mobile service is a responsive designed web page that re-renders the application screens onto target devices. This is suitable for tablets but not recommended for smaller mobile devices such as smart phones
Service interface
No
API
Yes
What users can and can't do using the API
A comprehensive SDK and Web service API set is available allowing for a majority of CRUD operations on the PRIMED platform. All services support authentication to ensure security.
Primed aims to be an open platform that allows 3rd PArty developers
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The service can be customised through the utilisation of templates that can configure the system including elements such as reference data, object types, status', roles, accessibility etc.

Administrators (those users with the administrator role) can easily configure the platform.

Scaling

Independence of resources
Each instance is dedicated to the purchaser and is scaled accordingly.

Analytics

Service usage metrics
Yes
Metrics types
We offer user based analytics to show utilisation of the service
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Users can export their data using:

1. Excel exports
2. Web Service Exports
Data export formats
  • CSV
  • Other
Other data export formats
  • Excel
  • XML (Web Service)
  • MPP (Where appropriate)
Data import formats
  • CSV
  • Other
Other data import formats
  • Excel
  • MPP
  • Web Service
  • Jira
  • MS Project Server

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
We provide the level of SLA's that our hosting providers (Azure, AWS, Oracle) provide. Refunds from the hosting provider will be passed to the client in full.
Approach to resilience
Available on request
Outage reporting
Email Alerts
Public Dashboard

Identity and authentication

User authentication needed
Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
All access to system functionality is controlled in two ways:

1. Access to the environment is controlled through user setup and authentication
2. Individual system functions are role based
3. Certain data element access is permission based.

These are all controlled through the same administration interface.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
We have our own in house framework in which the decisions made about security issues are aligned with the overall business strategy and the culture of our organisation and our clients needs. This varies depending on the domain and security requirements of our clients.
Information security policies and processes
We have adopted an Information Security Policy that complies with stringent legal requirements and provides the necessary assurance that data held and processed by our systems is treated with the highest appropriate standards to keep it safe. .
The detailed information security policies can be provided on request but in essence they are:
Making sure that only those who need access to data have that access.
Not storing information where it can be accidentally exposed or lost,Making sure that if data has to be transported it is done so securely using encrypted devices or channels.
Any breaches of these areas are reported directly to the CIO who will instigate a review of each case.
All staff are required to go through annual training and spot checks and audits are carried out to ensure policies are adhered to.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Provided on request
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Provided on request
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Provided on request
Incident management type
Supplier-defined controls
Incident management approach
We offer a fully web based incident management system where users can create their own incidents that our service agents will respond to.

There is an associated Knowledge Base and FAQ for common issues which both support agents and user have access to.

Incident reports can be provided to customers on request or on a requested cadence that can be agreed.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£115 to £210 per user per month
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑