Ideagen PLC

Ideagen Q-Pulse

Q-Pulse is an electronic quality management system that eliminates bureaucracy, provides accountability and streamlines business processes for regulatory compliance, safety management and risk management whilst delivering significant efficiency gains. Modular solutions: Document & Policy Management, Audit Management, CAPA Management, Training & Competence Management, Risk Management, Incident Management and Supplier Management.


  • Incidents Management system for reporting and analysis of incidents
  • Document Management to control policies, procedures and critical documentation
  • Audit Management covering planning and implementation to reporting and findings
  • CA/PA management to record and track corrective & preventive actions
  • Competence Management for staff training and qualification records
  • Asset integrity management for servicing, maintenance and safety of equipment
  • Supplier Management for vendor governance, performance and compliance
  • Customer Management for feedback and complaints, response time and relationships
  • Analysis for operational improvement
  • Extended reach through mobile working with native applications


  • Demonstration of compliance with regulations and standards
  • Reduced exposure to the risks of non-compliance
  • Protection of reputation and brand
  • Encouraging a culture of accountability, learning and reporting
  • Elimination of bureaucratic paper-based systems
  • Transforming business processes to improve productivity and efficiency
  • Operational excellence
  • Better operational decision making and oversight
  • Cost savings
  • Streamlined administration processes and an end to silos


£12300 per licence per year

  • Education pricing available

Service documents

G-Cloud 10


Ideagen PLC

Jen Pemberton

01629 699100

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints No
System requirements Reliable and fast internet connection

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Ideagen offers a 24/7 support service with 365 day availability. Support is available via telephone, email or through our Customer Portal website. Support covers "how to" and best practice questions, technical IT-type questions and also troubleshooting.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels We have a dedicated Ideagen Support Team that operates a risk-based triage process in order to prioritise all support requests. This is based on the impact to end users and also the severity of the issue as defined by the customer reporting the issue. This risk assessment will produce a priority level. Software issues (e.g. bugs, defects) are reviewed and verified by Ideagen’s Test and QA Teams. Once reviewed, the issue is given a severity which controls the time of a fix. Support is provided as part of annual maintenance cost.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Ideagen provide a number of options, ranging from a fully Project Managed project implementation plan delivered through our Professional Services, all supported by product user documentation, end user training and e-learning content.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction This would be managed through a data extraction/export service via our Technical Services Division
End-of-contract process Regardless of how any agreement ends, the data you store in the Software remains your data and you are entitled to extract it from the Software.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
Application to install Yes
Compatible operating systems Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Our Mobile app enables users to perform selected functionality across Documents, Auditing and Incident Reporting processes on Android and iOS devices
Accessibility standards None or don’t know
Description of accessibility Non text content has text alternatives; contrast; text resize (through browser); images of text; Keyboard, no keyboard trap; three flashes or below threshold; bypass blocks; page titled; Focus order; link purpose; multiple ways; headings and labels; Focus visible; on focus; on input; consistent navigation; consistent identification; error identification; labels or instructions; error suggestion.
Accessibility testing Interface testing is an integral part of product development. Interface testing with Users of Assistive technology is planned for future releases.
What users can and can't do using the API Web service APIs support SOAP, REST and JSON programming styles and allow for reading or creation of records in the Q-Pulse application
API documentation Yes
API documentation formats
  • HTML
  • ODF
  • Other
API sandbox or test environment No
Customisation available No


Independence of resources Offer dedicated server instance and provisioning management


Service usage metrics Yes
Metrics types Metrics types User Session logons/offs and availability
Reporting types Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach For large exports, SQL Server Management Studio (SSMS) ; however simple record(s) export options exist within the reporting functionality of the application (export to csv, pdf, xls etc..)
Data export formats
  • CSV
  • Other
Other data export formats XML
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Service credits are made available where Ideagen fall below specified availability standards. The “Monthly Uptime Percentage” for the Service is calculated by the following formula: (Service Minutes -Downtime) / (Service Minutes) x 100 where Downtime is measured in minutes; that is, for each month, Downtime is the sum of the length (in minutes) of each Incident that occurs during that month. If the Monthly Uptime Percentage falls below 99.7% for any given month, you may be eligible for the following Service Credit: Monthly Uptime Percentage < 99.7% Service credit of 10%. Monthly Uptime Percentage < 99.5% Service credit of 20%.
Approach to resilience Available on request
Outage reporting Private dashboard and email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Console access to infrastucture is restricted to a limited set of individuals/roles in Ideagen. Within the application itself, access is restrcited via proprietary security model defining user roles and permissions.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information No audit information available
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 United Registrar of Systems
ISO/IEC 27001 accreditation date 06/07/2016
What the ISO/IEC 27001 doesn’t cover Statement of applicability - All applied
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Under Ideagen's ISO 27001 accreditation, information security policies and processes are defined, approved by management, published and communicated to employees and relevant external parties. The Group Operations Director is the executive responsible for the overall direction of all security functions associated within IT applications, communications and computing services to ensure that information assets are adequately protected. An Information Security Manager, supported by an Information Security Group are further established roles. The assurance of the system is assessed and monitored by Internal ISMS Auditors .

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Ideagen Development group adheres to a documented SDLC from Design to Code to Test through to Release where all code changes are tracked and documented. Test strategies consider security aspects in both application and deployment activities.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Ideagen have implemented alerts from various hosted infrastructure resources. These alerts are the first sign that there may be an issue. Time to updates or patch is based on severity of issue, issues go through a risk-based triage process and are classified as a Priority 1 to Priority 4 based on the impact to end users and also the severity/urgency of the issue. Information from potential threats. Our infrastructure engineers have established links with infrastructure providers in keeping abreast with potential undesirable activity and threats.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Protective monitoring approach Infrastructure Engineers are responsible for the hosted infrastructure maintenance and are required to ensure appropriate monitoring alerts are configured correctly based on resource type. Monitoring Alerts are sent to an Incident Manager to alert the correct individual or team based on the alert type. Reporting of Incidents through our electronic management system. Time to respond is based on severity of issue, issues go through a risk-based triage process and are classified as a Priority 1 to Priority 4 based on the impact to end users and also the severity/urgency of the issue.
Incident management type Supplier-defined controls
Incident management approach Ideagen has an Incident management process in place, whereby all Employees and contractors using the organisation's information systems and services shall be required to note and report any observed or suspected information security weaknesses in systems or services. Reporting of Incidents is performed and reported upon via our electronic management system

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £12300 per licence per year
Discount for educational organisations Yes
Free trial available No


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑