ADB (UK) Limited

Contract+

Catalogue management to deliver high quality, validated catalogue and contract data directly to a procurement system/ERP

Features

  • Established and mature supplier database
  • Fully cloud based UK hosted
  • Large data pool of products, eClass, GTIN/GDSN, PPIB, etc.
  • Formatted data for automatic uploads/downloads
  • Data format to suit your requirement
  • Full audit trail
  • All catalogues undertake full procurement process
  • Market Testing

Benefits

  • Organisation specific pricing always up to date
  • All catalogues comply with current rules and regulations
  • Minimise invoice queries
  • Always buy at the best price available
  • All catalogues as contracts - no price lists
  • Meet Carter requirements

Pricing

£15000 to £100000 per unit

  • Education pricing available

Service documents

Framework

G-Cloud 11

Service ID

9 5 2 0 4 9 3 1 9 5 2 2 0 9 2

Contact

ADB (UK) Limited

Steven Quinn

01514829230

steve.quinn@adb.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
ECataloguing
Cloud deployment model
Public cloud
Service constraints
No
System requirements
Requires web browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
Monday to Friday 8.30am to 5.30pm
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
A dedicated account manager is provided, who will be the first point of contact and take overall responsibility for the customer’s account. This includes, but not limited to:

 Training requests
 Change requests and product feedback
 Reporting and reviewing service levels
 Bespoke reporting

Refer to Service Definition
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Our approach is to complete implementation in a timely and efficient manner, so that the customer retains momentum towards their desired goals. Typically we are able to complete implementation as follows:

Maximum implementation period: 5 working days

Includes: Portal set-up and branding, user set-up, supplier matching and initial training onsite, online and all documentation
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
We have experience migrating to third party solutions. We typically provide customer data in CSV or XLS formats, within 5 workings of it being request.

Refer to Service Definition.
End-of-contract process
Refer to Service Definition.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
No
API
Yes
What users can and can't do using the API
RESTful and SOAP
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Refer to Service Definition

Scaling

Independence of resources
UK hosted scalable on demand via contract with UK Fast

Analytics

Service usage metrics
Yes
Metrics types
Refer to Service Definition
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
CSV or XLS
Data export formats
  • CSV
  • Other
Other data export formats
XLS
Data import formats
  • CSV
  • Other
Other data import formats
XLS

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
 99% uptime at all times on Working Days (including outside of Working Hours);
 Downtime is recorded from the time the Incident is logged via the Help Desk;
 Downtime shall end when a resolution or suitable workaround is provided the satisfaction of the Customer;
 Downtime relating to failure of Customer infrastructure shall be disregarded;
 The Service availability percentage shall be calculated as (Working Hours in the Quarter/Downtime Hours in the Quarter) x 100

Refer to Service Definition
Approach to resilience
Available on request
Outage reporting
Email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
Access restrictions is covered within our Information Security Management process, available upon request.
Access restriction testing frequency
At least once a year
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
ISOQAR
ISO/IEC 27001 accreditation date
1 August 2017
What the ISO/IEC 27001 doesn’t cover
Not applicable
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
ISMS is the Information Security Management System, of which the Information Security Manual (‘the Manual’) and other supporting and related documentation are a part, and which has been designed in accordance with the specification contained within ISO27001.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
This is covered within our Information Security Management System, further information available upon request.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability management is covered in our Information Security Management process, available upon request.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Protective monitoring is covered within our Information Security Management process, available upon request.
Incident management type
Supplier-defined controls
Incident management approach
Incident management is covered within our Information Security Management process, available upon request.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£15000 to £100000 per unit
Discount for educational organisations
Yes
Free trial available
No

Service documents

Return to top ↑