Integra Finance Management Solution
Integra is a Cloud-hosted suite of integrated business process-oriented software modules, creating a tailored finance and procurement solution to aligns to customer requirements. Should integrated HR/Payroll functionality be required as part of a longer-term back office roadmap, the scope of Integra can be extended to provide a complete ERP solution.
- Secure, scalable and proven cloud-hosted solution via Microsoft Azure
- Full financial control. Empowers rapid, confident decision-making and future planning
- Comprehensive Business Intelligence and Reporting suite
- Reduce administration costs, optimising processes through automation and self-service capability
- Modular solution, allowing you to scale in-line with business requirements
- Secure Cloud-based solution, access anywhere for full employee flexibility
- Established low risk delivery implementation, with seamless transition into service
- Integration with further systems to provide an end-to-end ERP solution
- Dedicated Service Delivery Manager
- UK based Help Desk and Customer Support team
- Lower total cost of ownership, improved operational efficiency
- Scalable, future-proof platform which aligns with growth of your organisation
- Configurable reporting suite, access to information when and where required
- Greater efficiencies through standardised processes
- User adoption and acceptance through simple intuitive design
- Improved supply chain and catalogue management
- Seamless integration to third party systems to maximise ROI
- Enhanced performance and resilience to ensure business continuity
- Low risk delivery and implementation, reduced administrative overheads
- Access to Integra User Group and sector-specific Special Interest Groups
£22.00 per user per month
- Education pricing available
- Pricing document
- Skills Framework for the Information Age rate card
- Service definition document
- Terms and conditions
- Modern Slavery statement
Capita Business Services Limited
Capita Business Services Ltd
|Software add-on or extension||No|
|Cloud deployment model||
|Service constraints||There are no service constraints.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
The service desk operates Monday to Friday 08:00 – 18:00 (excluding English public holidays).
Level | Initial Response time | Target Response Time
P1 1 Hour 1 Day
P2 4 Hours 2 Days
P3 4 Hours 10 Days
P4 4 Hours 20 Days
24 hour and weekend support can be provided at an extra cost.
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
As a hosted solution, we provide our Gold service level as default, which includes, full database management, a dedicated DBA, Real time database alerts, quarterly service review process, backup & recovery, service management, monthly statistics, real time system alerts & fix, access to system administrator (Mon - Fri: 08:00 - 18:00), security management, yearly product upgrade, cloud managed 'DR on demand' solution, point of time restore, annual DR test, DR management.
A service delivery manager will be assigned to you that will provide you with updates, upgrades and patches to both the underlying infrastructure components as well as the Integra application itself, ensuring that the you will not need to be concerned with any of the technical operations of the solution. This gives our customers peace of mind when it comes to the upkeep and maintenance of the system.
|Support available to third parties||Yes|
Onboarding and offboarding
Capita advocate a Train the Trainer approach with key staff being trained on the system during the implementation stage. These staff then cascade the necessary training to the various users within the organisation.
In addition, training material is provided in electronic format, context sensitive help is available throughout the solution and when launched will produce help relevant to the screen on which the user invoked help.
Field level tool tips can also be customised on a per implementation basis to be relevant to your organisation and policies.
Capita are happy to work with you to develop a training plan to meet your training requirements.
|Other documentation formats||Microsoft office|
|End-of-contract data extraction||
Capita will agree an off-boarding plan with the customer detailing the tasks, responsibilities and timescales. As standard the off-boarding process will include a standard data extract taken and passed securely back to the customer and/or controlled destruction of the data that has been held on the system. All customer user accounts will also be removed from the service.
Where customers do not require consultancy services to off-board and would instead prefer to extract the data themselves to not incur additional charges, this can be achieved by the use of the solution’s standard extraction tools to export the data into industry standard formats such as xml and csv.
In the event of the termination of a contract it is imperative that the customer can continue to carry out the vital tasks that our solution has provided for, such as continuing to pay suppliers and allowing orders to be made. Capita are committed to ensure that during a decommission, a professional services consultant is provided to ensure a smooth transition away from our solution to an alternative systems supplier.
We understand that, as part of an exit strategy, expert knowledge may be required to extract data from Integra in agreed formats to be imported in to another solution. Whilst this is not included as part of the commercial contract, Capita provide this service on a Time and Materials basis using the agreed rate card provided.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||
Integra Mobile provides a secure, quick and simple way to allow users to access key functions on the go by providing a secure online gateway which a user’s mobile/smartphone can connect to through their device’s Mobile Internet or Wi-Fi. As the vast majority of devices are connected at most times, remote/travelling users will be able to quickly review and approve key items even when on the move.
Integra Mobile currently includes Order Approval, Invoice Approval, and Expense Claim Entry, Enquiry, and Approval.
|What users can and can't do using the API||Integra is also fully capable of supporting APIs/Web Services, such as for instance connecting to an external system using RESTful API to pull or inject data, and we are would happy welcome to discussing these interface approaches further where required.|
|API sandbox or test environment||No|
|Description of customisation||
Admin users of the solution can amend and customise individual user access permissions within the solution. Including menu / program access permissions.
Users can customise their 'homepage' view to ensure ease of access to frequently used functions within the solution.
Reference files throughout allow an organisation to customise the solution to your exact requirements. Several reporting tools are provided again allowing you to create any reporting requirements not delivered within the standard reports provided.
Admin users can customise reference files and user management (add/remove/amend users). Users can customise the layout of their homepage, add their own personal favourites.
|Independence of resources||
Microsoft Azure is resilient, scalable cloud platform and ensures high availability and reliability without any additional investment, management or concern by the council enabling IT resource to be devoted to the your other projects.
We recognise that you may change your shape/size and requirements over the term. We believe that both the topology and technologies used in the solution will provide you with the agility to respond to these changes – Integra can be easily scaled both horizontal, for example, adding more application servers into a load balance cluster and vertically such as, increasing CPU/ RAM on the application servers.
|Service usage metrics||Yes|
Dependent on the contract, reports are either provided on a monthly or quarterly basis. These reports include:
|Reporting types||Regular reports|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Download to variety of file formats including xls, xlsx, pdf, csv, txt and xml using the Integra Extraction profile generator.|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||As an operational support system, the Service is designed to be available ‘24 x 7 x365/6’. Based on a 13 week rolling period (less any agreed requirement for planned service outages) the system is expected to be available for a minimum of 99.5% of core hours (09:00-18:00 Mon-Fri excluding Bank Holidays).|
|Approach to resilience||
Azure’s architecture involves the deployment of multiple data centres in each region with ultra-low latency interconnections and providing the capability to easily design the solution across all parts of the region.
Integra is deployed using a multi-tier architecture with different IP subnets and firewall controls separating the tiers.
Microsoft Azure will be delivered from UK locations (London and Cardiff) and the service will be managed by Capita’s UK teams. The Council will access the service using the internet with no specific infrastructure requirements.
Solution is monitored by Microsoft 24x7x365 and contain security teams in conjunction with the intrusion detection and prevention capabilities.
Azure Data Centres are built in a modular way, meaning that each data centre can be thought of as many smaller data centres built next to each other. This means that your data and system will be physically spread over different parts of the data centre, in turn meaning that even if an entire part of the data centre fails, you are unlikely to notice. Physically, all Azure data centres have multiple redundant power grid connections, multiple redundant internet connections, redundant backup generators, and batteries to ensure resilience and mitigation of a wide variety of risk.
|Outage reporting||Real time system alerts will notify your assigned Service Delivery Manager of any service outages. The Service Delivery Manager will then alert you of the outage via email. Update emails will be sent to notify you of progress in resolution, cause of the incident, and steps taken to rectify. In the case of a Major incident, a Major Incident report will also be provided within 48 hours of the incident.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Access details for client systems are held securely in our Customer Service software and access is restricted to only those staff that support the customers cloud based system. The support teams access the customer cloud based system via terminal services and each member of the support team has their own login credentials.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||Evova/BM Trada|
|ISO/IEC 27001 accreditation date||Since 2006|
|What the ISO/IEC 27001 doesn’t cover||All activity is covered and included in the certificate scope|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||Capita is committed to maintaining the highest risk management standards and ensuring compliance with legal and regulatory requirements. To this end, Capita has developed a policy portfolio, which includes a Cyber & Information Security Policy and associated standards, which must be adopted as the minimum requirements. Implementing a programme of internal information security audits provides assurances that the level of conformance with the Capita baseline Cyber & Information Security requirements are being continually assessed and any identified areas of non-conformance are being addressed by appropriate corrective actions/ risk management framework.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
ITIL based processes are followed.
- Full configuration management system tracking service components
- Full change advisory board
- All changes are assessed for risk and impact
- Includes dedicated test environments
Whilst we have our own controls for change management (in line with our ITIL-oriented service management processes) we will ensure that any upgrade process meets the requirement of your change management policies as well, including liaising with the relevant internal stakeholders to ensure the right people are aware of what is going to take place and when.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
- Internal QA and test process
- Test and deploy patches in accordance with severity
- Support regular independent penetration testing
- Active monitoring and management of network vulnerability and security threats.
- Relationships with key vendors to understand potential threats
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
- Monitor entire environment both at infrastructure and software level
- Includes monitoring individual files and folder configuration changes automatically
- Dedicated personnel for monitoring and managing the environment
- Relationships with vendors
- ITIL - deploy emergency change control and emergency escalation processes
- Incidents will be triaged
- Remediation plan in case of security incident
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
- Fully ITIL based service desk management , includes a dedicated incident management process.
- Incident knowledge-based database, each with a predefined process for resolution
- phone, email, customer support portal as available contact methods to the service desk.
- Service delivery managers provide reports, in addition self service is available through the customer support portal
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||Yes|
|Price||£22.00 per user per month|
|Discount for educational organisations||Yes|
|Free trial available||No|