Castle Computer Services Ltd

Expense Cloud Solution

Our mobile technology allows expenses to be entered and authorised from any location with real time policy validation and workflow rules. Users can photograph their receipts and record audio narratives to explain their claims and managers can authorise and reject claims in real time while on the go.


  • Mobile, smartphone and tablet devices to enter and approve expenses
  • Digital images of receipts uploaded from mobile or desktop.
  • Easy import and analysis of employee credit card expenditure
  • Ensure compliance with taxation legislation and corporate expenses policy
  • We integrate with all major finance, accounting and payroll systems
  • Sophisticated reporting reviewing expenditure in summary or detail form
  • Sophisticated rules for authorisation based on expenditure limits
  • Customisable options to tailor the system to suit your requirements


  • Simple and intuitive interface means no end user training
  • Use pre configured templates and be ready to start immediately.
  • Customisation options to suit organisational requirements.
  • Cloud ready accessibility on Mobile, Tablet and Desktop.


£5 to £18 per user per month

Service documents

G-Cloud 11


Castle Computer Services Ltd

Paul Sutherland

01698 844600

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Due to tight integration with finance systems this can be used as an add-on service
Cloud deployment model Private cloud
Service constraints Periodically, typically once per quarter the system will be taken down outside of normal working hours for updates and general maintenance. We provide at least 7 days notice of this.
System requirements
  • SQL 2008 or 2008R2 or 2012 or 2014, 2016
  • Windows 7 or Windows 8 or Windows 10
  • .NET Version 4.5 (Appropriate 32 bit or 64 bit version
  • MS Exchange 2010, 2013, 2016
  • IIS Version 7
  • Crystal Runtime Version 13.0.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times SLA response within one working hour
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels At the heart of our offering is a group of experienced and highly skilled application specialists, systems architects and support staff who are responsible for delivering all aspects of our Professional Services. Our architects and application consultants use their real world experiences and industry best practices to reduce the time, scope and cost risks associated with project implementations. Please see our support service document for more information.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started As part of our implementation service we offer both onsite and remote training. In addition we provide help manuals and can optionally produce training videos for clients.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction All data is held in a SQL database and can be extracted by the client as required. In addition clients can also use the applications inbuild reports in perpetuity.
End-of-contract process At the end of the contract all data is backed up and provided to the client for their own archival and reporting requirements. Our contract includes software access and support. However it does not include the cost of additional consultancy services that may optionally be required by the client.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Our mobile service is accessed via a Mobile App available on Android and iOS. It is designed primarily for the entry and authorisation of expenses.
Customisation available Yes
Description of customisation Yes, expense@work can be configured to suit the exact requirements of the client. Forms, reports, workflow and validation rules can all be configured by our engineers as part of the implementation.


Independence of resources Yes, each organisations data is held in a separate database and virtual machine to ensure that there is no impact from usage of other customers and users.


Service usage metrics No


Supplier type Reseller providing extra support
Organisation whose services are being resold Systems@work

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Data can be exported via SQL or via the inbuilt reporting tools. Data can be exported in a variety of formats including CSV, XML, XLS.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • XLS
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • XLS

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks IPsec or TLS VPN gateway
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Using Microsoft Azure we guarantee 99% availability and refund clients via service credits if this is not achieved.
Approach to resilience This information is available on request from systems@work and Microsoft.
Outage reporting Outages are advised via email alerts, social media and via the website.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Access is restricted using Login Credentials associated with Access Profiles which govern availability to functionality.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Security accreditation handled by the Microsoft Azure Platform.

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards CSA CCM version 3.0
Information security policies and processes This information is not available at the moment.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All system changes have to formally documented, fully regression tested to ensure no application conflicts.

Changes applied to a test environment first

Customer UAT is required before transfer to a live system
Vulnerability management type Supplier-defined controls
Vulnerability management approach We regularly carry out tests to ensure that code injections and other similar attacks (OWASP A1, A2 and A5 classes). In addition we use 3rd parties to test and ensure no access to restricted information using direct object and URL references (A4 and A8). We also use Microsoft Azure to ensure security compliance.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We regularly carry out tests to ensure that code injections and other similar attacks (OWASP A1,
A2 and A5 classes). In addition we use 3rd parties to test and ensure no access to restricted information using direct object and URL
references (A4 and A8). We also use Microsoft Azure to ensure security compliance.
Incident management type Supplier-defined controls
Incident management approach All incidents have to be reported via the helpdesk support line.
By email to
Through the systems@work Support Portal

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £5 to £18 per user per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Organisations can try our software on a 7 day trial. All functionality is included in the trial.
Link to free trial

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑