Systems & Partnerships
Here at Zoocha, quality is one of our four core values. Whether that be quality processes, quality products, quality services; we look to provide our clients with quality in whatever form of interaction they may have with us.
Quality, of course, is something that needs to be demonstrated rather than just talked about which is why wanted to achieved the ISO 9001:2015 accreditation.
This certification was achieved based around our existing project management methodology (largely scrum-based), and our tried and tested day-to-day processes - rather than anything developed and implemented for the purposes of achieving ISO 9001 status.
Our final audit took place in September 2017, and was formally recognised in November 2017. What we hope the ISO 9001 certification demonstrates to our clients is that we have the processes in place to deliver our best work consistently.
This ISO 9001 certification covers our design, development and maintenance services for Drupal applications, including cloud hosting, software and support.
As with the case of quality being one of our core values, and how we wanted to demonstrate that we had processes in place to ensure that clients always got our best work by achieving ISO 9001 certification, trust is also another of our core values. An important part of this trust is ensuring that our clients can be confident that we are looking after their data and systems in a responsible and secure manner.
Zoocha already adhere to the government-backed Cyber Essentials Plus scheme, so the next logical next step in demonstrating our security credentials and capability so to achieve ISO 27001 certification.
ISO 27001 is the international standard that describes best practice for an information security management system (ISMS) and is awarded following an independent, expert assessment by an accredited certification body (in our case, SOCOTEC) of whether your data is adequately protected.
We received our ISO 27001 certification in November 2017, following two audit phases over the summer of 2017.
For us, achieving ISO 27001 certification status signifies that we are actively following information security best practice, and that our clients can trust Zoocha to safely manage the security of their data. This is paramount in a climate where cyber security is a major concern to both consumers and organisations online, and where exploits and vulnerabilities are continually being unearthed.
Our ISO 27001 certification covers our design, development and maintenance services for Drupal applications, including cloud hosting, software and support.
Scrum Alliance - Certified ScrumMaster
Our Project Managers hold ScrumMaster Certifications by the Scrum Alliance certification body. Scrum is an Agile framework methodology that is ideally suited for completing complex projects. Scrum was originally designed for software development projects back in the early 1990's, but its approach works well for modern day web based application and platform development projects with non-trivial requirements.
ICO (Information Commissioners Office) Registered
"The Data Protection Act 1998 requires every organisation that processes personal information to register with the Information Commissioner’s Office (ICO), unless they are exempt."
Zoocha have been registered with the Information Commissioners Office as a Data Controller since January 2016.
Information Technology Infrastructure Library (ITIL)
In order to work and communicate effectively across a broad group of stakeholders within our larger, more institutional clients, it became apparent that we needed to deepen our understanding of the Information Technology Infrastructure Library (ITIL).
In early 2016, 3 of our team members achieved ITIL Foundation Certification, with further team members achieving the certification since. Our aim is for everyone at Zoocha who is working in a support or service function to become ITIL certified.
The ideas and language within ITIL has helped shape, and to a large part define our incident, change, service and support processes.
Cyber Essentials PLUS
Cyber Essentials PLUS is a UK Government scheme that aims to help you protect your organisation against a range of cyber attacks. This self-assessment accreditation was a useful exercise to go through ahead of our ISO27001:2013 journey.
Zoocha have been Cyber Essentials Certified since January 2016, and achieved the improved Cyber Essentials PLUS standard in October 2018.
Government baseline personnel security standard
The Government baseline personnel security standard (BPSS) can be described as the required level of screening for any individual who is working with, or on behalf of a UK government department, in order to provide a level of assurance as to those individuals honestly, integrity and trustworthiness.
BPSS checks were introduced in order to help mitigate the risk of identity fraud, illegal workers and to go someway towards protecting national security through reducing some of the risks associated with individuals working with potentially sensitive information. BPSS is now also becoming the standard level of screening that is expected in the energy, communications and financial services sectors.
The BPSS check consists of verifying the following four areas (RICE):
- Right to work: Nationality and Immigration Status (including an entitlement to undertake the work in question)
- Identity: ID Data check (electronic identity authentication- name, address, aliases, links, accounts, etc.)
- Criminal Records: Search for unspent convictions only (Basic Disclosure)
- Employment history check: Confirmation of past 3 years employment (minimum) history / activity
In addition to this, candidates are required to disclose any significant periods spent abroad (6 months or more in the past 3 years).
The full Zoocha team is BPSS cleared.
Commercial / Procurement
Zoocha have been part of the UK Government Digital Marketplace since G-Cloud 4. The current iteration of the framework is G-cloud 9 and buyers can use the Digital Marketplace to find and compare cloud hosting, software and support with this framework.
There are around 20,000 cloud services on the Digital Marketplace who have all:
- confirmed information about their company and the way they work
- added information about the services that they offer
Digital Outcomes and Specialists 2
Zoocha are listing on Digital Outcomes and Specialists 2, a dynamic services procurement framework that enables public sector organisations to buy, design, build and deliver digital outcomes using an agile approach, by procuring the appropriate specialist resource or service to deliver agile software development.
Lot 1 (Digital Outcomes) includes:
- user experience and design
- performance analysis and data
- service delivery
- software development
- support and operations
- testing and auditing
- user research
Crown Commercial Service Provider
The Crown Commercial Service (CCS) provides commercial and procurement services to public sector organisations in the UK. By using CCS agreements, public sector buyers can access commonly used goods and services quickly and cost effectively, complying with all EU and UK procurement regulations.
Zoocha has been a CCS service provider since 2013. Our services can be procured through the G-cloud and Digital Outcomes and Specialists (DOS) frameworks.
Dynamic Purchasing System (DPS)
This Dynamic Purchasing System (DPS) is a platform for the provision of Digital Services to public sector organisations in Scotland, providing access to a range of digital skills, including cyber expertise, as well as supporting the delivery of agile projects.
The Digital Services on DPS are split into 3 lots:
- Lot 1 – Digital Projects
- Lot 2 – Digital Resources
- Lot 3 – Cyber Security Services
AWS has been our preferred hosting partner since 2010 when we launched one of our early websites on it. Since then we’ve evolved from launching a basic site on a single EC2 instance, to instinctively provisioning highly-available, resilient stacks using a the full suite of AWS services at our disposal. We are also avid attenders of AWS conferences, subscribe to the AWS blog, and organise regular knowledge share sessions. We therefore have a great deal of familiarity and exposure of AWS within the team. This knowledge has also remained in our team due to our exceptionally low staff turnover.
We have also started ratifying our partnership with AWS by building closer links with various contacts within AWS, and working with members of the AWS team on joint bids.
Within our team we currently have 1 team member who has achieved the "AWS Certified Solutions Architect - Associate" certification, and several more team members who are planning to organise their AWS certification exams in early 2018.
Nielson Norman Group (NN/g) UX Certification
Understanding how and why a page works, on every device, is at the very core of producing a successful design. At Zoocha we have in depth knowledge and experience in making designs that will work for you and your customers.
The Nielson Norman Group who are internationally recognised as thought leaders in the field of UX, with their widely published and often quoted principals of Jakob Nielsen, Don Norman and Bruce Tognazzini setting their standards and leading them.
The NN/g's training and UX Certification that we achieved gave us in-depth, targeted learning about the most important UX areas, effective UX techniques and about how to deliver consistent high quality UX output.
Acquia Community Partner
We have been working with Acquia since 2012 on a variety of projects, including our work with the Financial Conduct Authority, and Payment Systems Regulator.
We have strong experience across the team in setting up and maintaining websites on their platform using their product interfaces. In addition to this we are also capable of interacting with the Cloud API so that more granular control of their deployment processes and such can be achieved, such as integration with automated testing.
Acquia Certified Developers
In the same way that it can sometimes be difficult to give clients confidence in capability in relation to quality or security, without an ISO or equivalent certification, that same thinking often applies to programming / technical ability. Historically we've always pointed to number of years experience, successful projects delivered, academic qualifications from top universities, community contributions and such to demonstrate that we know what we are doing. However, this didn't give an accurate indication of how well we knew the "thing" that we were being asked to work on (Drupal).
Since we formed back in 2009, the growth in the number of agencies offering Drupal as a service, or even proclaiming to be out-and-out Drupal specialists has exponentially increased. With that, it has made it all the more difficult for clients that are new to Drupal to be able to disseminate where the true Drupal experience and talent can be found.
The certifications offered by Acquia offer some solution to this problem as they allow developers to take a 90 minute test under controlled examination conditions in order to ascertain the level that they are currently at.
In the last third of 2017, Zoocha started a programme which aimed to get all of our developers Acquia certified. Thus far we have achieved “Drupal Grand Master” status for 7 developers, and various other Drupal certifications across a great number of team members. Review the Acquia register to track our progress.
Zoocha are an Organisation level member of the Drupal Association. In addition to this, most team members are also Individual members of the Drupal Association.
The Drupal Association is dedicated to supporting Drupal along with its community. The Drupal Association helps the Drupal community with funding, infrastructure, education, promotion, distribution and online collaboration at Drupal.org.
Over the years we have supported the Drupal Association through our attendance at all European DrupalCon events since 2011, along with sponsoring them up to "Gold" level. On top of this, team members regularly attend UK based DrupalCamp events promoted by the Drupal Association, and offer up our office space for Drupal "code sprints".