Capita Business Services Limited

Integra Finance Management Solution

Integra is a Cloud-hosted suite of integrated business process-oriented software modules, creating a tailored finance and procurement solution to aligns to customer requirements. Should integrated HR/Payroll functionality be required as part of a longer-term back office roadmap, the scope of Integra can be extended to provide a complete ERP solution.


  • Secure, scalable and proven cloud-hosted solution via Microsoft Azure
  • Full financial control. Empowers rapid, confident decision-making and future planning
  • Comprehensive Business Intelligence and Reporting suite
  • Reduce administration costs, optimising processes through automation and self-service capability
  • Modular solution, allowing you to scale in-line with business requirements
  • Secure Cloud-based solution, access anywhere for full employee flexibility
  • Established low risk delivery implementation, with seamless transition into service
  • Integration with further systems to provide an end-to-end ERP solution
  • Dedicated Service Delivery Manager
  • UK based Help Desk and Customer Support team


  • Lower total cost of ownership, improved operational efficiency
  • Scalable, future-proof platform which aligns with growth of your organisation
  • Configurable reporting suite, access to information when and where required
  • Greater efficiencies through standardised processes
  • User adoption and acceptance through simple intuitive design
  • Improved supply chain and catalogue management
  • Seamless integration to third party systems to maximise ROI
  • Enhanced performance and resilience to ensure business continuity
  • Low risk delivery and implementation, reduced administrative overheads
  • Access to Integra User Group and sector-specific Special Interest Groups


£22.00 per user per month

  • Education pricing available

Service documents

G-Cloud 11


Capita Business Services Limited

Capita Business Services Ltd


Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Hybrid cloud
Service constraints There are no service constraints.
System requirements
  • Compatible web browser, in support by the vendor
  • Compatible Operating System in support by the vendor

User support

User support
Email or online ticketing support Email or online ticketing
Support response times The service desk operates Monday to Friday 08:00 – 18:00 (excluding English public holidays).

Level | Initial Response time | Target Response Time
P1 1 Hour 1 Day
P2 4 Hours 2 Days
P3 4 Hours 10 Days
P4 4 Hours 20 Days

24 hour and weekend support can be provided at an extra cost.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels As a hosted solution, we provide our Gold service level as default, which includes, full database management, a dedicated DBA, Real time database alerts, quarterly service review process, backup & recovery, service management, monthly statistics, real time system alerts & fix, access to system administrator (Mon - Fri: 08:00 - 18:00), security management, yearly product upgrade, cloud managed 'DR on demand' solution, point of time restore, annual DR test, DR management.

A service delivery manager will be assigned to you that will provide you with updates, upgrades and patches to both the underlying infrastructure components as well as the Integra application itself, ensuring that the you will not need to be concerned with any of the technical operations of the solution. This gives our customers peace of mind when it comes to the upkeep and maintenance of the system.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Capita advocate a Train the Trainer approach with key staff being trained on the system during the implementation stage. These staff then cascade the necessary training to the various users within the organisation.

In addition, training material is provided in electronic format, context sensitive help is available throughout the solution and when launched will produce help relevant to the screen on which the user invoked help.

Field level tool tips can also be customised on a per implementation basis to be relevant to your organisation and policies.

Capita are happy to work with you to develop a training plan to meet your training requirements.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats Microsoft office
End-of-contract data extraction Capita will agree an off-boarding plan with the customer detailing the tasks, responsibilities and timescales. As standard the off-boarding process will include a standard data extract taken and passed securely back to the customer and/or controlled destruction of the data that has been held on the system. All customer user accounts will also be removed from the service.

Where customers do not require consultancy services to off-board and would instead prefer to extract the data themselves to not incur additional charges, this can be achieved by the use of the solution’s standard extraction tools to export the data into industry standard formats such as xml and csv.
End-of-contract process In the event of the termination of a contract it is imperative that the customer can continue to carry out the vital tasks that our solution has provided for, such as continuing to pay suppliers and allowing orders to be made. Capita are committed to ensure that during a decommission, a professional services consultant is provided to ensure a smooth transition away from our solution to an alternative systems supplier.

We understand that, as part of an exit strategy, expert knowledge may be required to extract data from Integra in agreed formats to be imported in to another solution. Whilst this is not included as part of the commercial contract, Capita provide this service on a Time and Materials basis using the agreed rate card provided.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Integra Mobile provides a secure, quick and simple way to allow users to access key functions on the go by providing a secure online gateway which a user’s mobile/smartphone can connect to through their device’s Mobile Internet or Wi-Fi. As the vast majority of devices are connected at most times, remote/travelling users will be able to quickly review and approve key items even when on the move.

Integra Mobile currently includes Order Approval, Invoice Approval, and Expense Claim Entry, Enquiry, and Approval.
Service interface No
What users can and can't do using the API Integra is also fully capable of supporting APIs/Web Services, such as for instance connecting to an external system using RESTful API to pull or inject data, and we are would happy welcome to discussing these interface approaches further where required.
API documentation No
API sandbox or test environment No
Customisation available Yes
Description of customisation Admin users of the solution can amend and customise individual user access permissions within the solution. Including menu / program access permissions.

Users can customise their 'homepage' view to ensure ease of access to frequently used functions within the solution.

Reference files throughout allow an organisation to customise the solution to your exact requirements. Several reporting tools are provided again allowing you to create any reporting requirements not delivered within the standard reports provided.

Admin users can customise reference files and user management (add/remove/amend users). Users can customise the layout of their homepage, add their own personal favourites.


Independence of resources Microsoft Azure is resilient, scalable cloud platform and ensures high availability and reliability without any additional investment, management or concern by the council enabling IT resource to be devoted to the your other projects.

We recognise that you may change your shape/size and requirements over the term. We believe that both the topology and technologies used in the solution will provide you with the agility to respond to these changes – Integra can be easily scaled both horizontal, for example, adding more application servers into a load balance cluster and vertically such as, increasing CPU/ RAM on the application servers.


Service usage metrics Yes
Metrics types Dependent on the contract, reports are either provided on a monthly or quarterly basis. These reports include:

Incident/SLA Management,
Change Management,
Performance management,
Capacity Management,
Workload/Time Management
Reporting types Regular reports


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Download to variety of file formats including xls, xlsx, pdf, csv, txt and xml using the Integra Extraction profile generator.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • Text
  • XLS
  • XLSX
  • CSV
  • PDF
  • HTML
  • Native Application Reporting
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • Text

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability As an operational support system, the Service is designed to be available ‘24 x 7 x365/6’. Based on a 13 week rolling period (less any agreed requirement for planned service outages) the system is expected to be available for a minimum of 99.5% of core hours (09:00-18:00 Mon-Fri excluding Bank Holidays).
Approach to resilience Azure’s architecture involves the deployment of multiple data centres in each region with ultra-low latency interconnections and providing the capability to easily design the solution across all parts of the region.

Integra is deployed using a multi-tier architecture with different IP subnets and firewall controls separating the tiers.

Microsoft Azure will be delivered from UK locations (London and Cardiff) and the service will be managed by Capita’s UK teams. The Council will access the service using the internet with no specific infrastructure requirements.

Solution is monitored by Microsoft 24x7x365 and contain security teams in conjunction with the intrusion detection and prevention capabilities.

Azure Data Centres are built in a modular way, meaning that each data centre can be thought of as many smaller data centres built next to each other. This means that your data and system will be physically spread over different parts of the data centre, in turn meaning that even if an entire part of the data centre fails, you are unlikely to notice. Physically, all Azure data centres have multiple redundant power grid connections, multiple redundant internet connections, redundant backup generators, and batteries to ensure resilience and mitigation of a wide variety of risk.
Outage reporting Real time system alerts will notify your assigned Service Delivery Manager of any service outages. The Service Delivery Manager will then alert you of the outage via email. Update emails will be sent to notify you of progress in resolution, cause of the incident, and steps taken to rectify. In the case of a Major incident, a Major Incident report will also be provided within 48 hours of the incident.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Access details for client systems are held securely in our Customer Service software and access is restricted to only those staff that support the customers cloud based system. The support teams access the customer cloud based system via terminal services and each member of the support team has their own login credentials.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Evova/BM Trada
ISO/IEC 27001 accreditation date Since 2006
What the ISO/IEC 27001 doesn’t cover All activity is covered and included in the certificate scope
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Capita is committed to maintaining the highest risk management standards and ensuring compliance with legal and regulatory requirements. To this end, Capita has developed a policy portfolio, which includes a Cyber & Information Security Policy and associated standards, which must be adopted as the minimum requirements. Implementing a programme of internal information security audits provides assurances that the level of conformance with the Capita baseline Cyber & Information Security requirements are being continually assessed and any identified areas of non-conformance are being addressed by appropriate corrective actions/ risk management framework.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach ITIL based processes are followed.
- Full configuration management system tracking service components
- Full change advisory board
- All changes are assessed for risk and impact
- Includes dedicated test environments

Whilst we have our own controls for change management (in line with our ITIL-oriented service management processes) we will ensure that any upgrade process meets the requirement of your change management policies as well, including liaising with the relevant internal stakeholders to ensure the right people are aware of what is going to take place and when.
Vulnerability management type Supplier-defined controls
Vulnerability management approach - Internal QA and test process
- Test and deploy patches in accordance with severity
- Support regular independent penetration testing
- Active monitoring and management of network vulnerability and security threats.
- Relationships with key vendors to understand potential threats
Protective monitoring type Supplier-defined controls
Protective monitoring approach - Monitor entire environment both at infrastructure and software level
- Includes monitoring individual files and folder configuration changes automatically
- Dedicated personnel for monitoring and managing the environment
- Relationships with vendors
- ITIL - deploy emergency change control and emergency escalation processes
- Incidents will be triaged
- Remediation plan in case of security incident
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach - Fully ITIL based service desk management , includes a dedicated incident management process.
- Incident knowledge-based database, each with a predefined process for resolution
- phone, email, customer support portal as available contact methods to the service desk.
- Service delivery managers provide reports, in addition self service is available through the customer support portal

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)


Price £22.00 per user per month
Discount for educational organisations Yes
Free trial available No

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions pdf document: Modern Slavery statement
Service documents
Return to top ↑