TEAM (Energy Auditing Agency Ltd)

Sigma Energy Management Software

Provision of Sigma Software as a Service. Sigma energy and carbon management software enables recording of utility bills (EDI/paper), meter data and related building data to validate bills, analyse and report on costs, consumption and emissions from individual meters to entire estates. It includes advanced and flexible reporting capabilities.

Features

• Central utilities database storing cost and consumption in one place
• Automated Industry leading Bill Validation Tools (EDI & Paper)
• Automated loading of periodic (Half hourly) data from any source
• Reporting of cost, consumption and emissions at all levels
• Advanced analysis and reporting through embedded BI tools
• Ability to create your own reports and dashboards
• Automated Integration with Accounts Payable and Accounts Receivable systems
• Data monitoring tools to manage gaps, overdue and unexpected data
• Exception reporting
• Tenant Billing

Benefits

• Save money by maximising cost recovery opportunities from billing errors
• Save time through extensive system automation
• Drive down energy costs through better understanding of your usage
• Meet compliance obligations by reporting through a common utilities database
• Save time and effort through automated links to Accounts systems
• Make life easier by working from anywhere
• Effective collaboration through sharing information across multiple parties
• Efficient working through guaranteed system availability and SLA's
• IT Reassurance through automated backups and seamless upgrades
• Data security assurance through Cyber Essentials Plus and ISO27001

£1,995 to £20,000 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Framework

G-Cloud 12

Service ID

885135857805274

Contact

Pete Morrell
07739575869
pmorrell@teamenergy.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: You will need access to the Internet, and a minimum 2Mbit broadband Internet connection, to be able to use the service.; ; Planned maintenance will be advised in advance, giving notice by email and through notices placed on the Customer Help Centre portal.; ; Emergency maintenance will be advised by email as required, with updates provided via the Customer Help Centre Portal.
• System requirements:
  • Access to Sigma is via any supported web browser
  • No additional software or firewall permissions are required
  • Access is via a publicly available URL
  • A minimum 2Mbit internet broadband connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support Helpdesk operates 8am to 6pm Monday to Fridays (excl Bank Holidays). All calls or emails received undergo triage and are categorised by severity into Urgent, High, Normal and Low. First response is 10 mins from receipt for urgent and 20 mins for all other categories. We have stated SLA's, per category of severity, for a) implementation of a workaround, b) notification of problem resolution timescale and c) problem resolution.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Helpdesk: Available between 8am to 6pm Monday to Friday (excluding Public Holidays) manned by specialist staff.; ; Online User Manual: A fully searchable online help library is available, with material updated as capability is changed or added.; ; Support Help Centre: A secure online facility, available 24/7, to submit requests, track progress, participate in the discussion community, access the latest TEAM news etc. View and subscribe to Hosted Services platform announcements covering Updates and Upgrades to the platform. ; ; Online Training Academy: Provides customers with the opportunity to train or refresh their Sigma knowledge, at their own pace. Courses are delivered one step at a time and are accessible on mobile, tablet and desktop to provide flexibility of learning. ; ; Software Improvements: TEAM software improvements are provided at no extra charge to ensure customers benefit from regular updates to maintain compatibility with billing and data formats, new features, improved security etc.; ; Webinars: Webinars are provided on new and updated software. Webinars are available to join live or to download later through the Support Help Centre.; ; Hosted Support: A fully secure hosted service is provided, supported by specialist IT team. Includes regular backups, DR and IT support.; ; All costs are included within SaaS fees
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: TEAM provide an on-boarding consultancy service aimed at understanding our customers estate and reporting requirements. We then use that to help design the optimum database structure, which may then be built by the customer or by TEAM staff as required. This is all managed by our dedicated Customer Success team, who oversee on-boarding until handover. At that point, our Support Help Desk team provide application support going forward. ; ; Training is available on site from our dedicated software Trainer and also through various on line resources. ; ; E.g. User help is available from within the application, accessing our on line user manual. ; ; We run an on line Training Academy where users can access training courses on the application and upon other energy and utility industry topics. Each course has a test and certificate at the end.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: TEAM will take copies of user data and provide users with a complete set in easily readable csv file format at the end of any contract. This is a standard service included with all SaaS contracts.; ; In addition, at any time during the contract prior to the end date, users can use the data export and reporting facilities within Sigma to pull out their own data sets if required.
• End-of-contract process: Upon giving notice of the end of a contract, an off-boarding plan will be put in place.; This will include any specific off-boarding obligations agreed as part of the contract and will always include the provision of a complete set of data.; Within 30 days following the termination of the Agreement, and following receipt of any outstanding Charges, the Provider will securely send to the Customer, by an agreed method, an ASCII file of Customer data held on the Sigma Cloud database on the Termination date. The Customer data will be provided in the standard TEAM export format (copy of which is available upon demand). For the avoidance of doubt the Provider will not be obliged to adhere to bespoke extract formats or the population of additional 3rd party spreadsheets without prior agreement and additional Charges will apply

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The desktop service via Web Browser provides the full range of functionality but some of the services are available for use on Mobile devices.; The Meter Read App is designed specifically for use on Android Mobile devices; The Energy Viewer, is designed for simple and easy access to key energy consumption data, tracking and meter reads.
• Service interface: No
• API: No
• Customisation available: Yes
• Description of customisation: The software is available as a core system plus optional modules.; The core service includes user ability to record details from utility bills, load half hourly meter data, enter self reads, store relevant building related data (floor areas, headcount, degree days etc), perform bill validation, perform monitoring and targeting, analysis of data and generation of reports plus creation of your own reports and dashboards. ; Option modules exist for:; - Handling and Importing of EDI or other electronic billing; - Facility to create files for loading bills etc into Accounts systems; - Tenant Billing Module; - Energy Viewer Simple Interface

Scaling

• Independence of resources: Customers are supported by the provisioning of individual databases. Our DBA's allocate resource to customers individual databases to ensure performance.

Analytics

• Service usage metrics: Yes
• Metrics types: Service Availability,; Rolling 12-month annual performance,; and where the service forms part of a wider Bureau service:; Customer Communication Performance Summary.; Database Health Checks,; Potential and Realised Savings,; Active Supply Points,; Bill Processing SLAs,; Report Production SLAs,; KPI Overview,; Outstanding Recovery Queries,; Recovery Query Categories,; Closed Recovery Queries,; Missing Bill Analysis,; Missing Read Analysis,
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2012
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Through the following means:; - Running of Standard reports and saving to Excel or PDF; - Sigma Energy Intelligence Reports and export to csv/excel, pdf; - Use of the channel export function (for exporting half hourly data); - The Data Edit Spreadsheet (for extracting system standing data in csv format); - Accounts Link (for creation of custom files containing billing and associated cost code data for automated loading into Accounting Systems)
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • .docx
  • .pdf
  • Text format
  • .xlxs
  • To Print
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Tradacoms file format 26 version 3
  • Various Supplier electronic billing formats (usually csv format)

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Availability; During Supported Hours (Mon - Fri 08:00 to 18:00) 99.5%; Last rolling 12 months was at 99.86%. ; ; Incident & Problem Management; Average Time to First Reply; • 30 minutes Resolution ; • P1 – ASAP; • P2 – 30 days; • P3 – 60 days; • P4 – 90 days; There are no service credits unless specifically agreed with the customer.
• Approach to resilience: Available on request
• Outage reporting: Via email alerts and our Support Help Centre Portal

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: An individual’s access rights are determined using the ISMS.; ; The service is operated in accordance with the TEAM Security Information Systems which provides the following risk management controls:; ; Control A8 – Asset management; Control A9 – Access Control; Access Control Policy ISMS-C_DOC_9.1.1; Access Control Rules & Rights ISMS-C_DOC_9.1.2; Individual User Agreement ISMS-C_DOC_9.2.1A; User Access Management ISMS-C_DOC_9.2.3; User Name Administration ISMS-C_DOC_9.2.3A; Wireless User Addendum ISMS-C_DOC_9.2.3B; Mobile Phone Addendum ISMS-C_DOC_9.2.3C; Secure Logon ISMS-C_DOC_9.4.2; Use of System Utilities ISMS-C_DOC_9.4.4; User Deletion Request ISMS-C_REC_9.2.1; User Replacement Password Requirement ISMS-C_REC_9.4.2
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LLoyds Register
• ISO/IEC 27001 accreditation date: 23/07/2019
• What the ISO/IEC 27001 doesn’t cover: The whole of TEAM operations are covered by either the Certificate covering TEAM based operations (Issued by Lloyds Register) and another Certificate covering the IBM Cloud facility (issued by Bureau Facilitas).
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: Yes
• Any other security certifications:
  • Cyber Essentials
  • Cyber Essentials Plus

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: TEAM have a documented Information Security Management Manual and System (ISMS) as set out within our Information Security Policy - copies of which can be provided upon demand.; ; The ISMS Management Engagement Framework drives policies and processes and is steered by the ISMS Committee who meet once a week. This comprises the CEO, Service Delivery Director, Solutions Delivery Director and Senior IT Operations personnel. ; ; The Board of Directors has ultimate authority over the information security policy and ISMS and approves and authorises all changes to the information security policy, the Statement of Applicability, the information security manual and any separate policy statements (tier 1 documents).; ; The Chief Information Security Officer (CISO) has lead executive authority for information security and works with the Information Security Committee to approve, authorise and issue all tier 2 documents.; ; The Information Security Manager and all Heads of Department approve and authorise tier 3 documents owned by individuals or entities in their areas of responsibility. Any information security documents personally owned by Heads of Department have to be approved and authorised by the Chief Information Security Officer (CISO).; ; Owners of information assets are responsible for the day-to-day protection of and operation of related security processes.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Configuration and change management are managed inline with our ITIL and ISO27001 framework.; ; IT Asset Inventory Management; Third party application AssetExplorer is deployed to helps to keep up-to-date information of all TEAM assets by periodically scanning the software, hardware & other ownership information.; ; Configuration Management Database (CMDB); CMDB lets us track and manage all our CIs in a single repository. ; ; In order to ensure the integrity of change to any TEAM supported CI change is managed under a Change Control process.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: QualysGuard (QG) Vulnerability Management is used by TEAM to automate the lifecycle of network auditing and vulnerability management including network discovery and mapping, asset prioritisation, vulnerability assessment reporting and remediation tracking. QG delivers continuous protection against the latest worms and security threats. ; QG provides comprehensive reports on vulnerabilities including severity levels, time to fix estimates and impact on business, trend analysis on security issues.; QG is a key source for potential threats notification.; Patches are based on our the risk assessment - including same day patching.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our hosted service provider IBM offers a complete array of Intrusion Protection Systems (IPS) and Intrusion Detection and Prevention Systems (IDPS) software for both the network and server/host level.; ; The IBM Cloud platform provides intrusion detection with a perimeter-level DataPower-based firewall. Logs from this firewall are consolidated within an IBM security information and event management (SIEM) tool.; ; Periodic scanning including OWASP-based vulnerability scans are performed by IBM against the platform endpoints. Real-time analysis at the HTTP level for OWASP issues such as SQL Injection or cross-site scripting (XSS) attacks is not provided at this time.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident are management as set out in our Information Security Management System.; ; All the Information security events will be notified and recorded according to Reporting an Information Security Weakness Event ISMS-C_DOC_16.1.2-3 - copy available on request.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Pricing

• Price: £1,995 to £20,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We can provide free trials upon agreement of the following:; - Duration of trial (usually 2 weeks); - Trial Objectives; - What a successful trial looks like; - What happens after a successful trial.; ; Initial guidance on navigation around the system (not full training).; Based upon using TEAM demo system.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF