TEAM (Energy Auditing Agency Ltd)

Sigma Energy Management Software

Provision of Sigma Software as a Service. Sigma energy and carbon management software enables recording of utility bills (EDI/paper), meter data and related building data to validate bills, analyse and report on costs, consumption and emissions from individual meters to entire estates. It includes advanced and flexible reporting capabilities.

Features

  • Central utilities database storing cost and consumption in one place
  • Automated Industry leading Bill Validation Tools (EDI & Paper)
  • Automated loading of periodic (Half hourly) data from any source
  • Reporting of cost, consumption and emissions at all levels
  • Advanced analysis and reporting through embedded BI tools
  • Ability to create your own reports and dashboards
  • Automated Integration with Accounts Payable and Accounts Receivable systems
  • Data monitoring tools to manage gaps, overdue and unexpected data
  • Exception reporting
  • Tenant Billing

Benefits

  • Save money by maximising cost recovery opportunities from billing errors
  • Save time through extensive system automation
  • Drive down energy costs through better understanding of your usage
  • Meet compliance obligations by reporting through a common utilities database
  • Save time and effort through automated links to Accounts systems
  • Make life easier by working from anywhere
  • Effective collaboration through sharing information across multiple parties
  • Efficient working through guaranteed system availability and SLA's
  • IT Reassurance through automated backups and seamless upgrades
  • Data security assurance through Cyber Essentials Plus and ISO27001

Pricing

£1,995 to £20,000 a licence a year

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pmorrell@teamenergy.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

8 8 5 1 3 5 8 5 7 8 0 5 2 7 4

Contact

TEAM (Energy Auditing Agency Ltd) Pete Morrell
Telephone: 07739575869
Email: pmorrell@teamenergy.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
You will need access to the Internet, and a minimum 2Mbit broadband Internet connection, to be able to use the service.

Planned maintenance will be advised in advance, giving notice by email and through notices placed on the Customer Help Centre portal.

Emergency maintenance will be advised by email as required, with updates provided via the Customer Help Centre Portal.
System requirements
  • Access to Sigma is via any supported web browser
  • No additional software or firewall permissions are required
  • Access is via a publicly available URL
  • A minimum 2Mbit internet broadband connection

User support

Email or online ticketing support
Email or online ticketing
Support response times
Support Helpdesk operates 8am to 6pm Monday to Fridays (excl Bank Holidays). All calls or emails received undergo triage and are categorised by severity into Urgent, High, Normal and Low. First response is 10 mins from receipt for urgent and 20 mins for all other categories. We have stated SLA's, per category of severity, for a) implementation of a workaround, b) notification of problem resolution timescale and c) problem resolution.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Helpdesk: Available between 8am to 6pm Monday to Friday (excluding Public Holidays) manned by specialist staff.

Online User Manual: A fully searchable online help library is available, with material updated as capability is changed or added.

Support Help Centre: A secure online facility, available 24/7, to submit requests, track progress, participate in the discussion community, access the latest TEAM news etc. View and subscribe to Hosted Services platform announcements covering Updates and Upgrades to the platform.

Online Training Academy: Provides customers with the opportunity to train or refresh their Sigma knowledge, at their own pace. Courses are delivered one step at a time and are accessible on mobile, tablet and desktop to provide flexibility of learning.

Software Improvements: TEAM software improvements are provided at no extra charge to ensure customers benefit from regular updates to maintain compatibility with billing and data formats, new features, improved security etc.

Webinars: Webinars are provided on new and updated software. Webinars are available to join live or to download later through the Support Help Centre.

Hosted Support: A fully secure hosted service is provided, supported by specialist IT team. Includes regular backups, DR and IT support.

All costs are included within SaaS fees
Support available to third parties
Yes

Onboarding and offboarding

Getting started
TEAM provide an on-boarding consultancy service aimed at understanding our customers estate and reporting requirements. We then use that to help design the optimum database structure, which may then be built by the customer or by TEAM staff as required. This is all managed by our dedicated Customer Success team, who oversee on-boarding until handover. At that point, our Support Help Desk team provide application support going forward.

Training is available on site from our dedicated software Trainer and also through various on line resources.

E.g. User help is available from within the application, accessing our on line user manual.

We run an on line Training Academy where users can access training courses on the application and upon other energy and utility industry topics. Each course has a test and certificate at the end.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
TEAM will take copies of user data and provide users with a complete set in easily readable csv file format at the end of any contract. This is a standard service included with all SaaS contracts.

In addition, at any time during the contract prior to the end date, users can use the data export and reporting facilities within Sigma to pull out their own data sets if required.
End-of-contract process
Upon giving notice of the end of a contract, an off-boarding plan will be put in place.
This will include any specific off-boarding obligations agreed as part of the contract and will always include the provision of a complete set of data.
Within 30 days following the termination of the Agreement, and following receipt of any outstanding Charges, the Provider will securely send to the Customer, by an agreed method, an ASCII file of Customer data held on the Sigma Cloud database on the Termination date. The Customer data will be provided in the standard TEAM export format (copy of which is available upon demand). For the avoidance of doubt the Provider will not be obliged to adhere to bespoke extract formats or the population of additional 3rd party spreadsheets without prior agreement and additional Charges will apply

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The desktop service via Web Browser provides the full range of functionality but some of the services are available for use on Mobile devices.
The Meter Read App is designed specifically for use on Android Mobile devices
The Energy Viewer, is designed for simple and easy access to key energy consumption data, tracking and meter reads.
Service interface
No
API
No
Customisation available
Yes
Description of customisation
The software is available as a core system plus optional modules.
The core service includes user ability to record details from utility bills, load half hourly meter data, enter self reads, store relevant building related data (floor areas, headcount, degree days etc), perform bill validation, perform monitoring and targeting, analysis of data and generation of reports plus creation of your own reports and dashboards.
Option modules exist for:
- Handling and Importing of EDI or other electronic billing
- Facility to create files for loading bills etc into Accounts systems
- Tenant Billing Module
- Energy Viewer Simple Interface

Scaling

Independence of resources
Customers are supported by the provisioning of individual databases. Our DBA's allocate resource to customers individual databases to ensure performance.

Analytics

Service usage metrics
Yes
Metrics types
Service Availability,
Rolling 12-month annual performance,
and where the service forms part of a wider Bureau service:
Customer Communication Performance Summary.
Database Health Checks,
Potential and Realised Savings,
Active Supply Points,
Bill Processing SLAs,
Report Production SLAs,
KPI Overview,
Outstanding Recovery Queries,
Recovery Query Categories,
Closed Recovery Queries,
Missing Bill Analysis,
Missing Read Analysis,
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Through the following means:
- Running of Standard reports and saving to Excel or PDF
- Sigma Energy Intelligence Reports and export to csv/excel, pdf
- Use of the channel export function (for exporting half hourly data)
- The Data Edit Spreadsheet (for extracting system standing data in csv format)
- Accounts Link (for creation of custom files containing billing and associated cost code data for automated loading into Accounting Systems)
Data export formats
  • CSV
  • Other
Other data export formats
  • .docx
  • .pdf
  • Text format
  • .xlxs
  • To Print
Data import formats
  • CSV
  • Other
Other data import formats
  • Tradacoms file format 26 version 3
  • Various Supplier electronic billing formats (usually csv format)

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Availability
During Supported Hours (Mon - Fri 08:00 to 18:00) 99.5%
Last rolling 12 months was at 99.86%.

Incident & Problem Management
Average Time to First Reply
• 30 minutes Resolution
• P1 – ASAP
• P2 – 30 days
• P3 – 60 days
• P4 – 90 days
There are no service credits unless specifically agreed with the customer.
Approach to resilience
Available on request
Outage reporting
Via email alerts and our Support Help Centre Portal

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
An individual’s access rights are determined using the ISMS.

The service is operated in accordance with the TEAM Security Information Systems which provides the following risk management controls:

Control A8 – Asset management
Control A9 – Access Control
Access Control Policy ISMS-C_DOC_9.1.1
Access Control Rules & Rights ISMS-C_DOC_9.1.2
Individual User Agreement ISMS-C_DOC_9.2.1A
User Access Management ISMS-C_DOC_9.2.3
User Name Administration ISMS-C_DOC_9.2.3A
Wireless User Addendum ISMS-C_DOC_9.2.3B
Mobile Phone Addendum ISMS-C_DOC_9.2.3C
Secure Logon ISMS-C_DOC_9.4.2
Use of System Utilities ISMS-C_DOC_9.4.4
User Deletion Request ISMS-C_REC_9.2.1
User Replacement Password Requirement ISMS-C_REC_9.4.2
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
LLoyds Register
ISO/IEC 27001 accreditation date
23/07/2019
What the ISO/IEC 27001 doesn’t cover
The whole of TEAM operations are covered by either the Certificate covering TEAM based operations (Issued by Lloyds Register) and another Certificate covering the IBM Cloud facility (issued by Bureau Facilitas).
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials
  • Cyber Essentials Plus

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials Plus
Information security policies and processes
TEAM have a documented Information Security Management Manual and System (ISMS) as set out within our Information Security Policy - copies of which can be provided upon demand.

The ISMS Management Engagement Framework drives policies and processes and is steered by the ISMS Committee who meet once a week. This comprises the CEO, Service Delivery Director, Solutions Delivery Director and Senior IT Operations personnel.

The Board of Directors has ultimate authority over the information security policy and ISMS and approves and authorises all changes to the information security policy, the Statement of Applicability, the information security manual and any separate policy statements (tier 1 documents).

The Chief Information Security Officer (CISO) has lead executive authority for information security and works with the Information Security Committee to approve, authorise and issue all tier 2 documents.

The Information Security Manager and all Heads of Department approve and authorise tier 3 documents owned by individuals or entities in their areas of responsibility. Any information security documents personally owned by Heads of Department have to be approved and authorised by the Chief Information Security Officer (CISO).

Owners of information assets are responsible for the day-to-day protection of and operation of related security processes.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Configuration and change management are managed inline with our ITIL and ISO27001 framework.

IT Asset Inventory Management
Third party application AssetExplorer is deployed to helps to keep up-to-date information of all TEAM assets by periodically scanning the software, hardware & other ownership information.

Configuration Management Database (CMDB)
CMDB lets us track and manage all our CIs in a single repository.

In order to ensure the integrity of change to any TEAM supported CI change is managed under a Change Control process.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
QualysGuard (QG) Vulnerability Management is used by TEAM to automate the lifecycle of network auditing and vulnerability management including network discovery and mapping, asset prioritisation, vulnerability assessment reporting and remediation tracking. QG delivers continuous protection against the latest worms and security threats.
QG provides comprehensive reports on vulnerabilities including severity levels, time to fix estimates and impact on business, trend analysis on security issues.
QG is a key source for potential threats notification.
Patches are based on our the risk assessment - including same day patching.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Our hosted service provider IBM offers a complete array of Intrusion Protection Systems (IPS) and Intrusion Detection and Prevention Systems (IDPS) software for both the network and server/host level.

The IBM Cloud platform provides intrusion detection with a perimeter-level DataPower-based firewall. Logs from this firewall are consolidated within an IBM security information and event management (SIEM) tool.

Periodic scanning including OWASP-based vulnerability scans are performed by IBM against the platform endpoints. Real-time analysis at the HTTP level for OWASP issues such as SQL Injection or cross-site scripting (XSS) attacks is not provided at this time.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Incident are management as set out in our Information Security Management System.

All the Information security events will be notified and recorded according to Reporting an Information Security Weakness Event ISMS-C_DOC_16.1.2-3 - copy available on request.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£1,995 to £20,000 a licence a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
We can provide free trials upon agreement of the following:
- Duration of trial (usually 2 weeks)
- Trial Objectives
- What a successful trial looks like
- What happens after a successful trial.

Initial guidance on navigation around the system (not full training).
Based upon using TEAM demo system.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pmorrell@teamenergy.com. Tell them what format you need. It will help if you say what assistive technology you use.