G-Cloud 11 services are suspended on Digital Marketplace

If you have an ongoing procurement on G-Cloud 11, you must complete it by 18 December 2020. Existing contracts with Civica UK Limited are still valid.
Civica UK Limited

Civica MultiVue Enrich

MultiVue Enrich offers incremental capability building on Civica MultiVue to ensure internal data can be verified against external reference data sources. This ensures you can trust the accuracy of your data and distribute your single view of the customer across your organisation with confidence.

Features

  • Incorporate external business data
  • Broad range of social demographic data for record enrichment
  • Append additional data to records, Grid References, UPRN's etc.
  • Enhance data quality
  • Cloud-based solution

Benefits

  • Create a single customer view across the organisation
  • Maintain high quality validated records
  • Verify against external reference data sources
  • Augment internal records with additional external data.

Pricing

£2,080 a unit a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at g-cloud@civica.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 11

Service ID

8 8 5 8 3 0 4 5 7 8 0 8 4 4 2

Contact

Civica UK Limited Civica UK Limited
Telephone: +44 (0) 3333 214 914
Email: g-cloud@civica.co.uk

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
This is an add on to the MultiVue for BI/Analytics or MultiVue for Customer Service or Multivue CRM Embed with Dynamics 365.
Cloud deployment model
Public cloud
Service constraints
None
System requirements
Requires a SQL Server or Oracle staging environment

User support

Email or online ticketing support
Email or online ticketing
Support response times
Civica undertakes to use all reasonable endeavors to respond in accordance with the following:-

• Priority 1 – Target response time one hour
• Priority 2 – Target response time four hours
• Priority 3 – Target response time four hours
• Priority 4 – Same day response
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support levels offered are as follows:

Standard - 9am to 5pm, Monday to Friday.

Bronze - Standard support plus 3 consulting days for annual health check (or other consulting services). Additional cost: on application

Silver - Standard support extended between 8.00am to 6.00pm, Monday to Friday. Cost on application.

Gold - 24 x 7 support, for Priority One incidents, with others handled under the terms of Standard support. Additional cost subject to further agreement.

Platinum - Full 24 x 7 support for all incidents. Additional cost subject to further agreement
Support available to third parties
Yes

Onboarding and offboarding

Getting started
There are a number of stages involved in the implementation of MultiVue for Customer services, these are listed below:

[Bulk Loading]source system data, analysing & cleansing.

[Matching]. Identifies matches ranging from definite to probable to unlikely, with a score indicating the confidence of each match.

[Merging]. Creating a confidence level for matches. Matches scoring above a confidence score agreed with the customer are then merged to create a ‘golden record’.

[Keeping in-sync]. Create integrations to keep MultiVue synchronised with the source systems. This integration would handle instances where new customers are added to a system, or when existing customer details are amended.

[Testing & Go-live]. Civica would undertake a rigorous testing phase, prior to the system being made available for User Acceptance Testing. Our Consultants will then migrate the environment to Production.

[Business as usual]. Configuration of out of the box reports for Data Stewards.

[Training & documentation (on-site)]. Civica offer a comprehensive training program for Technical System Administrators and Data Stewards.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Civica would work with customers to determine the most appropriate means of exporting data, dependent on the capabilities and integration standards offered by source systems as well as the frequency with which data is updated. MultiVue is not prescriptive as to the format and minimum data set for any such external system data source load.
End-of-contract process
In order to ensure that a smooth and effective handover is possible at the end of the contract or on early termination, a framework needs to be agreed prior to the contract commencement that provides both parties with a clear indication of the areas for which they will be responsible when the contract ceases.
To provide both parties with the necessary assurance that a successful handover can be achieved within the provisions of the contract, this framework should identify all of the main areas in which detailed arrangements need to be made in advance of the contract commencement. Should there be any areas where it is not possible to agree in advance, as some issues will be dependent on the circumstances at the time, these will need to be agreed following notification of termination.
Civica’s price contains provision for discharging these responsibilities comprehensively in the event of the termination/expiry of the contract.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None
Service interface
No
API
Yes
What users can and can't do using the API
MultiVue provides both synchronous and asynchronous methods for connecting to data sources or an Enterprise Service Bus (ESB). Typically, MultiVue is connected to an ESB through the XML Message Queuing technology that is intrinsic to the MultiVue platform. The message queue technology in MultiVue provides guaranteed message delivery and ensures data integrity throughout the life-cycle of any data. The data governance policies that have been identified and agreed by the key data stakeholders will be modeled and configured within MultiVue, allowing data to flow bi-directionally to and from source systems and/or an ESB. The validated data held within MultiVue will then be published as a set of services allowing both data sources and other connected applications to leverage the data held within the MultiVue to allow the organisational data held to truly be treated as an asset. The introduction of the MDM functionality as services, that are consumable from all aspects of the organisation, allow the implementation of MultiVue to support a prioritised list of source systems as well as integration with external partner agencies and their data sources in the future.
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Our implementation approach is highly collaborative and based on providing training and knowledge transfer during implementation to empower customers to fully support their own environment, including self-sufficiency to be able to carry out their own data integrations into the MultiVue technology in the future. This reduces total cost of ownership over time. MultiVue is a COTS application which can be implemented and integrated rapidly. It is a standards based, flexible technology, such that additional source systems and changes to data definitions can be accommodated with limited technical effort. Full training and knowledge transfer on these tasks would be delivered during an implementation project. MultiVue is designed to be configurable for a number of uses based on its flexible model and Civica’s approach to data integration. The product provides intuitive user-interface screens to configure the system and these are aimed at the relevant user-group for that particular feature. Administrators have full control over configuration of the following: • Security, access credentials, auditing controls etc. Information Workers / Data Stewards can configure: • Matching rules, merging thresholds, report distribution etc. Developers can configure: • MultiVue services, data adaptor, messaging infrastructure etc. All of these components can be reused.

Scaling

Independence of resources
Each MultiVue customer would have their own instance installed on the Microsoft Azure cloud infrastructure so that there are no performance implications from additional customers subscribing to the service.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
Never
Protecting data at rest
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach
Data can be encrypted at various levels using either our software or a 3rd party tool-set as dictated by customer requirements.
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Civica would work with customers to determine the most appropriate means of exporting data, dependent on the capabilities and integration standards offered by source systems as well as the frequency with which data is updated. MultiVue is not prescriptive as to the format and minimum data set for any such external system data source load
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • SQL Server
  • Oracle
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • SQL Server
  • Oracle

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
Other
Other protection within supplier network
Data is hosted within a Microsoft Azure environment and data can be optionally be encrypted at rest.

Availability and resilience

Guaranteed availability
Civica can support up to 99.99% availability depending on a customer's requirements. For continuous operation of MultiVue with high volume batch feeds or real-time trickle feeds there is a requirement for a high availability configuration. In these circumstances, multiple MultiVue instances can be installed and configured to provide fail-over and maintain workflow resilience. A single MultiVue instance is not a single process but a group of processes orchestrated to deliver the matching pipeline. This provides application level scalability where MultiVue services can be distributed across different servers in order to balance overall system load.
Approach to resilience
Civica utilise the Microsoft Azure datacentre which provides high levels of availability and resilience.
Outage reporting
MultiVue utilises a combination of tools within the Windows Framework to monitor performance. This includes the use of event logs and the use of performance monitor. MultiVue provides the capability to monitor and report on items such as batch load performance and completion, workflow execution statistics, data quality of master data and business process metrics via an HTML user interface.

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Other
Other user authentication
MultiVue utilises core Microsoft Windows Server and Microsoft Active Directory services in order to provide user and service authentication and authorisation. The configuration, management and revoking of user accounts is under the direct control of the IT administrators. All aspects of the solution honours strict role based access controls which can be used to restrict access to system features as well as data held within it. In addition, MultiVue uses Internet Information Server as the host for the user interface. This can be controlled with Microsoft configuration management tools to enforce IT policy and conform to any internal network restrictions.
Access restrictions in management interfaces and support channels
MultiVue has a built in role based authentication capability which can be integrated with 3rd party authentication mechanisms.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Other
Description of management access authentication
MultiVue utilises core Microsoft Windows Server and Microsoft Active Directory services in order to provide user and service authentication and authorisation. The configuration, management and revoking of user accounts is under the direct control of the IT administrators. All aspects of the solution honours strict role based access controls which can be used to restrict access to system features as well as data held within it. In addition, MultiVue uses Internet Information Server as the host for the user interface. This can be controlled with Microsoft configuration management tools to enforce IT policy and conform to any internal network restrictions.

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
ISOQAR
ISO/IEC 27001 accreditation date
06/12/2017
What the ISO/IEC 27001 doesn’t cover
NA
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Trustwave
PCI DSS accreditation date
01/08/2018
What the PCI DSS doesn’t cover
Our certification covers Civica Payments software only.
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials Plus
  • ISO 22301
  • PCI-DSS
  • DSTP (NHS Service Provider)

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials Plus
ISO22301
PCI-DSS
DSTP (NHS service provider)
Information security policies and processes
In order to provide a wide range of services to public and private sector organisations, Civica maintains an active information security programme. This programme requires regular internal and external audit inspection of both physical and logical data protection structures. The policies and procedures are aligned to ISO 27001 and Cyber Essentials Plus certifications.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Product enhancement requests are captured by the Product Management Team and then presented to our internal Product Review Board (PRB). Once the changes have been agreed and prioritised, they are passed to Product Development to add to a subsequent release. The customer will be notified at each stage of the process and provided a release schedule. Civica implement an Agile Development approach with tasks split into manageable iterations. Prior to the start of each iteration Civica determine what will be delivered within the development period and taken from the product roadmap.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
MultiVue logs key events to the Windows Event log which can be interrogated by IT monitoring tools to identify system warnings. MultiVue also retains an audit trail of key user events on interactions with the user interface. This includes logging in to the system, amendments to configuration and domain models as well as actions such as search, record manipulation and record viewing. Each event is timestamped using the Windows Server timestamp and meta data about the origin of the event, including the user, is retained.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
MultiVue logs key events to the Windows Event log which can be interrogated by IT monitoring tools to identify system warnings. MultiVue also retains an audit trail of key user events on interactions with the user interface. This includes logging in to the system, amendments to configuration and domain models as well as actions such as search, record manipulation and record viewing. Each event is timestamped using the Windows Server timestamp and meta data about the origin of the event, including the user, is retained.
Incident management type
Supplier-defined controls
Incident management approach
Any potential security incident will be logged and reported initially to a line manager. Depending upon the severity of the incident, it may be escalated to the Head of Technical Services and ultimately the Chief Executive Officer. Any direct impact on a customer or their data will be communicated immediately and an appropriate remedy agreed upon.
Monthly customer reports will detail incident information.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£2,080 a unit a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at g-cloud@civica.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.