Phoenix Software Ltd

AvePoint Citizen Services

AvePoint Citizen Services is a SaaS platform that makes it easy for governments of any size to digitise Citizen services, modernise their case management, improve customer satisfaction, streamline their operations and surface deep insights about their municipality.


  • Digitize Citizen Service Delivery with a SaaS Platform
  • 30 Out of the Box Services available
  • Rapid new Service Deployment
  • Citizen, Customer and Field Service Portals
  • Multiple communication channels supported
  • Web Hooks for Back Office System Integration
  • Connect to IoT Devices for predictive Maintenance
  • Powerful Service Analytics Dashboard
  • Capture Citizen feedback and sentiment


  • Rapid Solution deployment realising a quick return on investment
  • Increases Citizen Online engagement reducing service delivery cost
  • Digitise a mobile workforce to deliver services quicker
  • Improved business insight and transparency with Analytics Dashboards
  • Save time and Drive end to end delivery through automation
  • Increased Citizen Service Satisfaction


£10000 to £100000 per instance

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

9 1 3 2 3 0 8 6 0 3 8 1 4 3 6


Phoenix Software Ltd

Jonny Scott

01904 562200

Service scope

Service scope
Software add-on or extension Yes
What software services is the service an extension to AvePoint Citizen Services in an extention to Microsoft Dynamics 365 and Azure
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints N/A
System requirements Citzen Services is a SaaS service on Microsoft Azure

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Within 24 hours
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels AvePoint provides a Premier Support Service which includes 24 hours a day, 7 days a week, 365 days a year. Included within the support service are Hotfixes, Cumulative updates, Service Packs and Platform Upgrades. More information can be found at
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started AvePoint asists new customers in implementing the base solution with all default values. A full description is available in the Service Definition Document. In addition a User Guide is available and finally Professional Services can be purchased
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Customer data is primarily stored within the customer's Dynamics 365 CRM. The small amount of data stored in the Citizen Services Platform will be provided and/or removed on request.
End-of-contract process When the customer license expires, users will receive an error message when attempting to access the portals. Any customer data residing in the AvePoint Citizen Services platform is archived (or deleted on request).

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Mobile is for Citizen Portal only. No difference in service.
Service interface No
What users can and can't do using the API Developers can perform all operations described in Open311 Protocol documentation.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation "Users can customize Citizen Portal URL, home page banners/text, logos, images
help info, service requests, CSS, FAQ content, geographical boundary, IoT/AML ntegration, custom integrations using Open311 API and webhooks, e-mail notification contents.


Independence of resources Service leverages features of the Microsoft cloud to automatically scale to meet user demand.


Service usage metrics No


Supplier type Reseller (no extras)
Organisation whose services are being resold AvePoint

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Customer data is primarily stored within the customer's Dynamics 365 CRM. The small amount of data stored in the Citizen Services Platform will be provided and/or removed on request.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Private network or public sector network
Data protection within supplier network Other
Other protection within supplier network Service component runs in private Azure virtual network.

Availability and resilience

Availability and resilience
Guaranteed availability AvePoint guarantee 99.95% service availability
Approach to resilience Citizen Services is designed to auto scale based on performance and ensure resiliency within the application. Citizen Services is deployed in multiple Azure datacenters within the UK. In the event of a data center failure, core features service should continue.
Outage reporting The service will send email notifications and Azure monitoring function is used to monitor and crete report for outages.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication 2-factor authentication
Access restrictions in management interfaces and support channels Users are granted role based access control on different functions on the internal portal and field portal. External Support engineers can only access the customer portal after the user is invited and added as guest user to the customer's Azure Active Directory.
Access restriction testing frequency At least every 6 months
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information Users receive audit information on a regular basis
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 19/10/2016
What the ISO/IEC 27001 doesn’t cover N/a
ISO 28000:2007 certification Yes
Who accredited the ISO 28000:2007 BSI
ISO 28000:2007 accreditation date 16/10/2016
What the ISO 28000:2007 doesn’t cover N/a
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards AvePoint is currently undergoing Cloud Security Alliance certification for the service.
Information security policies and processes We have a wide range of InfoSec policies, from usage policies, to the minimization of access with the least privileged concept.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Test in one environment, pass QA, flip the node to production
Vulnerability management type Supplier-defined controls
Vulnerability management approach Every product release is tested for vulnerabilities with AppScan and validated against OWAS
Protective monitoring type Supplier-defined controls
Protective monitoring approach Azure has methods in place for network vulnerability scans as well as IDS.
Incident management type Supplier-defined controls
Incident management approach We strive for a prompt response to all incidents, whether it may be a simple user issue or a breach. Further information can be found in AvePoint MSLA and the Service Definition Document

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £10000 to £100000 per instance
Discount for educational organisations Yes
Free trial available Yes
Description of free trial 30 Day Free trial

Service documents

Return to top ↑