Geoxphere

Parish Online - Mapping Software

Parish Online is a cloud-based digital mapping service (or GIS) designed for town, parish and community councils.

View digital mapping data from a variety of sources to help understand your local area, and gives tools for creating your own mapping for asset management, neighbourhood plans, planning, and much more.

Features

• Easy-to-use mapping tools designed for local councils
• Editing and analysis tools for easy GIS data creation
• Unlimited users and usage
• Fast, high availability, and secure
• Asset management tools
• Analysis and administration tools
• Printing, annotation and search tools
• Ordnance Survey mapping and gazetteer built-in
• Mobile data capture

Benefits

• Store asset information securely and efficiently
• Get a better understanding of your local area
• Aligns with remote working policies
• Improve professionalism and organisation of Local Council
• Easily publish information to the public for channel shift

£30 to £3,000 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@geoxphere.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

104333738308877

Contact

Chris Mewse
02034114544
contact@geoxphere.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Service does not normally need planned downtime, but larger upgrades may require it.
• System requirements:
  • Web browser
  • Internet Connection
  • White-listing of URLs

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Typically within 1 hour within business hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Unlimited off-site support.; ; On-site support and consultancy rates available in Rate Card.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Off-site training, tutorial videos and knowledge base articles.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Not applicable.
• End-of-contract process: At the end of the contract, the service will expire.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile view focused on data capture
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Web-GIS interface for users and Admin interface for administrators
• Accessibility standards: None or don’t know
• Description of accessibility: Designed with WCAG principles at front of mind. No text-to-speech compatibility with map view text.
• Accessibility testing: Active engagement with users of assistive technologies to improve usability.
• API: No
• Customisation available: Yes
• Description of customisation: Branding and email configuration can be customised. Data and configuration of data can be customised.

Scaling

• Independence of resources: Nodes are load balanced to deal with high demands.

Analytics

• Service usage metrics: Yes
• Metrics types: Reporting panel to show user usage.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Export to WMS/WFS, shapefile, DXF, CSV, PDF, PNG or open source database export.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PostGIS
  • Shapefile
• Data import formats: Other
• Other data import formats:
  • Shapefile
  • Tab file
  • Open-source database import (manual)

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Geoxphere's SLA offer's 99.9% availability for its online services (with 99.999% up-time on data centre).; ; Full SLA documentation is available separately on request. If Geoxphere do not meet the guaranteed levels of availability then a percentage of the annual fee may be refunded, which will be agreed with the customer on a case by case basis. To date this has never been required.
• Approach to resilience: Our cloud software and services run on high availability virtualised servers.; ; Each hardware node gives a 99.999% up-time.; ; In turn, each component of our services operate in a load-balanced environment, giving resilience should one node fail.; ; We have active monitoring services in place that constantly assess web services and node performance. They automatically restart services should an issue be identified.; ; Should services fail and no automatic recovery is possible, the load balancer takes the affected node out of the loop and redirects to the functional nodes. Our technical team are immediately notified to prompt an action.; ; Off-site snapshots are taken regularly.
• Outage reporting: Email alerts are immediately issued to customer administrators to inform them of any interruption of service, along with a regular update regarding the repair & fix, letting them know that service is available again.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Admin Panel access is restricted by username and password given to a customer administrator.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We are building up our Information Security policies and processes and these will be provided to customers on request. Incident management forms part of the Security Incident Reporting Policy as part of the ISO27001 Information Security Management System.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our service is developed and maintained using a source control system and code repository.; ; Our service goes through beta testing before being made available to all.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our datacentre firewall detects and allows action to potential threats. These threats are assessed by our IT team and action is put into place.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Regular internal reports are carried out to assess for inappropriate use of the service. Action may involve closing of user or organisation accounts.
• Incident management type: Supplier-defined controls
• Incident management approach: We have a number of internal processes in place but are working towards recognised standards.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Geoxphere is committed to fighting climate change, both through our own internal operations, and how our services assist and promote our customers to do the same.; In practice, we ensure our utility plans contribute to 100% renewal sources, we use low/no carbon forms of transport wherever possible and ensure our supply chain is as low carbon as possible. ; We have committed to net zero by 2030 through the TechZero initiative, a scheme to help companies fight the climate crisis.; One of our key suppliers, AWS, has a Climate Pledge, their commitment to be net zero carbon by 2040.; We incentivise our staff and customers to reducing their carbon emissions through simple steps like conducting remote video calls instead of travelling.; We have a strict recycling policy.

  Covid-19 recovery

  Should employment of new staff be required as part of the contract then we will look to hire local to the customer, wherever possible. ; We have implemented a flexible hybrid working model which allows staff to decide if they visit the office on designated ‘office days’. ; The office has the ability for social distancing to be implemented.

  Tackling economic inequality

  We will support applicants to new roles financial support and active travel support to ensure they can reach their place of work easily and without financial burden. ; ; We have an active training programme and funding for training materials that allow staff to choose training programmes that they are interested in, to enhance their skills or pivot to new areas of business. ; ; We will always pay well-above the National Living Wage. ; ; We have a supply chain policy that ensures our suppliers also tackle inequality, tackle modern slavery and give opportunities to those in deprived areas. ; ; We ensure our supply chain is resilient from a capacity and cyber security perspective.

  Equal opportunity

  Discrimination has no place in this company. We will not tolerate discrimination from our customers or suppliers. Our company staff handbook has ethics and discrimination clauses. ; ; We provide training, where appropriate, to educate staff. ; ; We have signed up to the Disability Confident Scheme.

  Wellbeing

  We ensure our staff have a great work-life balance, and highlight where improvements can be made.; We have a sister company called Local Authority Technology CIC which has the sole purpose of providing high social value to our customers through the support of community events and underwriting costs of services.

Pricing

• Price: £30 to £3,000 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Full service, time-limited to 30 days
• Link to free trial: https://www.parish-online.co.uk/signup

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contact@geoxphere.com. Tell them what format you need. It will help if you say what assistive technology you use.