MRI Software Limited

MRI Income Analytics

Income Analytics is a cloud-based solution for improving income collection, maximising arrears reduction and sustaining tenancies. Using smart predictive algorithms and AI machine learning, identify which accounts in arrears will pay without intervention and prioritise higher risk tenancies, enabling you to work more effectively and reduce officer caseload.

Features

• Simple integration with any Housing Management system
• Intuitive mobile-responsive interface supporting mobile working
• Daily data updates
• Automatic removal of “technical arrears” and cases requiring no action
• Performance dashboards and reporting suite
• Temporarily suspend accounts from your Actioned List
• Universal credit compatible
• Bulk, automated processing of low-risk cases
• Automated SMS / emails
• Artificial Intelligence “Machine Learning” arrears prediction

Benefits

• Cloud based as standard
• Easy to deploy and use, works on any device
• Maximise Income Management team productivity
• Reduced cases/caseload by removing technical arrears
• Focuses effort and resource on cases most needing help
• Earlier intervention with daily processing as standard
• Reduced letter costs/environmental impact.
• Negate impact of Universal Credit/Cost of Living challenges
• Increases income collection and reduces arrears
• Helps sustain tenancies and identify arrears before they happen

£22,628 an instance a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@mrisoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

147549652913520

Contact

Claire Brown
020 3861 7100
tenders@mrisoftware.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Planned maintenance is typically scheduled outside of regular business hours.; ; The mobile solution is available on Android, iOS and Windows devices
• System requirements:
  • Microsoft supported versions of their Internet Explorer/Edge browsers
  • Current versions of Chrome
  • Current versions of Safari
  • Current versions of Firefox
  • Microsoft SQL 2012 or later
  • Windows Server 2012 or later

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: MRI’s Global Client Support group will make every reasonable effort to ensure that submitted cases are assigned the proper level of Severity. Submitted cases will be responded to in the order in which they are received, with consideration given for higher Severity levels. Response Time is the time it takes before a Global Client Support agent makes initial contact with the individual who submitted case. Bundled Service (Normal Priority 6 Hours, Serious Priority 3 hours, Critical Priority Live Call Only)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We include support within our annual fee. Support includes a named Account Manager and a Client Support Helpdesk. The Client Support Helpdesk also serves as the contact for all cloud support requests for trained users. Cases and incidents can be recorded and viewed in the myMRI portal on a 24/7 basis. The myMRI Portal provides clients with information on support cases, regardless of whether a call is logged via a phone call or via the portal. Various information, documentation, forums and resources are also available on the portal.; ; Depending on the need of the customer. We offer technical services both remote and onsite if required and also implementation/configuration services at the prevailing day rate.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide extensive training for all users so that they are able to start working with the system.
• Service documentation: Yes
• Documentation formats: Other
• Other documentation formats: Word docs
• End-of-contract data extraction: A snapshot of the housing system is taken in place of data export (this can be made available at time of contract termination agreement over SFTP (PGP / SSH).
• End-of-contract process: The data will be provided in a predetermined format. If there are requirements which are different from our standard approach, we can discuss these with Clients to draw up an appropriate exit plan.; ; The initial de-commissioning (powering down of client-server images and movement to non-production storage) takes place on the agreed date (e.g. contract end date) with permanent de-commissioning taking place one month after the initial de-commissioning date (backups removed, and server images purged).

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Full functionality is available on all devices although a tablet is the smallest screen size on which practical operation is sensible
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The application user interfaces are designed with untrained users in mind and provide a consistent approach to usability for all. We observe all usability standards and design for ease of use.
• Accessibility standards: None or don’t know
• Description of accessibility: We are committed to providing solutions that are accessible to the widest possible audience, regardless of technology or ability.
• Accessibility testing: None
• API: No
• Customisation available: No

Scaling

• Independence of resources: Cloud services are monitored and alerts sent to required teams, to track and ensure appropriate service levels are in place

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: There are standard reports as part of the system. Each can be run with a huge number of data filters and can be exported to Excel, PDF, CSV etc.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We use commercially reasonable efforts to ensure availability twenty -four (24) hours a day, seven (7) days a week, except for: (a) planned downtime (of which we provide adequate notice and will schedule to the extent practicable during the weekend hours), or (b) any unavailability caused by circumstances beyond our reasonable control, including without limitation, Force Majeure events or internet service provider failures or delays.
• Approach to resilience: Available on request.
• Outage reporting: The client support desk is used to manage client/support interaction for specific customer system issues. E-mail advisories are in place and used to alert multiple clients/contacts of unplanned outages.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: IA uses Auth0 as AaaS, thus the user authenticates with auth0 as the main login page, then is redirected to IA once successful.; - Access to IA infrastructure is locked down to MRI's IP, and specific users with specific keys. SSH keys must be used, these keys are stored on a server only accessible to authorised users who have 2 factor authentication. No keys are stored in the infrastructure itself.; - Access to management interfaces of third parties are locked down to specific users with 2 factor authentication where possible.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Data centre infrastructure and associated services are managed according to ISO 27001. The least privilege required for a role principle is followed in all areas, server access is restricted to only those employees who have reason to access it.
• Information security policies and processes: We have a documented Information Security Policies and a dedicated Information Security Team work under the direction of our Information Security Council, which is responsible for assessing information security policies, technologies, and strategies. The Information Security Council in conjunction with the Information Security Team evaluates the role, scope, and size of the Information Security Team annually, based on our company size, our client's industries and the sensitivity of the data we house for those clients.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Regular automated security testing, in house, and external penetration tested are performed on the application. Vulnerabilities are identified and rated as high/medium/low. ; High means that they present relatively medium likelihood, and high impact to the company if they were exploited.; Medium means that they present relatively low likelihood, and medium impact to the company if they were exploited.; Low means that they present relatively low likelihood, and low impact to the company if they were exploited.; Recommendations are given that high-risk issues are fixed within one month, medium-risk within six months, and low-risk within one year."
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Critical and Important updates are applied automatically upon release. Other updates are checked for relevance to software/operating system installation and are installed as part of the scheduled maintenance where relevant.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Protective monitoring and associated responses are managed according to ISO 27001:2013 controls and processes utilising a mixture of automated features at the security device level (e.g. automatic blocking based on severity/signatures) and manual interaction based on alerts (e.g. manual investigation of alert before intervention). Access to the application/infrastructure is restricted to authorised personnel.
• Incident management type: Supplier-defined controls
• Incident management approach: Comprehensive monitoring tools are used to highlight potential problems before they become an issue. A defined "Security Incident Management Policy" includes reporting mechanisms for both Information Technology and Physical Security incidents, incident logging, communication to internal and external parties, escalation, reporting, planning, implementation of preventative actions, securing / forensic evidence and continued improvement incident review.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  MRI is committed to managing environmental risks that are material to our business and to reducing our carbon footprint by enhancing the energy efficiency of our operations and reducing the amount of waste that our company produces. We do this by utilising some of our own solutions with sensors in our own offices to assess our space utilization, energy usage and setting a reduction plan. As well as improving our own position, we also look at ways to help our clients work towards using services that have less impact on our planet’s scarce resources. A good example is HomeSwapper, our national mutual exchange solution. HomeSwapper enables tenants to swap homes either locally or anywhere across the United Kingdom with another social housing tenant, often to reduce their commute to work or schools which has a direct impact on carbon emisisons in the region.

  Covid-19 recovery

  We have fully embraced hybrid working and have recently formalised our flexible working model and different types of flexibility offered to all employees. We believe flexible working benefits our employees and the business. Our solutions available on this framework are all available remotely allowing our clients employees, users and contractors as applicable to work from any location in accordance with your approved working practices to allow flexibility

  Tackling economic inequality

  Our employees are all contracted and salaried fairly, in line with the Living Wage standards. All of our employees are paid at least the minimum rates as stated under the current Living Wage. We do not employ anyone on zero hours contracts and have a strong commitment to regularly review salaries in line with our appraisal process. We have a number of apprentices in the business who we are supporting to complete degree level qualifications, who all receive above the apprentice minimum wage. We also offer a comprehensive benefits package for all our staff, which includes health and wellbeing support and access to private health care.

  Equal opportunity

  We work hard to ensure our employees have a voice. Our business has various committees in place, such as a Diversity, Equity and Inclusion Committee and Employee Resource Groups, such as Women & Allies and LGBTQIA+, which help us understand how employees feel about working at MRI and help us drive forward inclusive events. We have also very recently launched our first ERG – employee resource group for Women and Allies. As a business with over 250 employees in the UK we are required to produce a Gender Pay Gap report. We very much welcome this initiative and our reports are available publically on our website. This report shows the impact we have on reducing our Gender Pay Gap and also highlights the many initiatives we have underway to further reduce our gap. This includes the development of our Flexible Working and Inclusive Policies initiatives, educating our People, People Managers and Business Leaders and working with external partners to attract a diverse staffbase.

  Wellbeing

  Work hard, play hard. From the day we opened our doors, we set out to build flexible, game-changing solutions that would make people's lives better. We do this by providing our clients with solutions that enable them to provide better places to live, work, and do business. The only way to carry out that mission is to hire the best employees and keep them. We are dedicated to creating a working environment which supports and develops our staff. Some of the benefits that we offer are: Gym reimbursements, Medical assistance, including mental health tools, Flexible working opportunities, including hybrid working Employee engagement is key to MRI's success and we hold quarterly spirit weeks to both connect and enthuse our teams globally. These weeks are themed and where staff are encouraged to learn about different topics or take part in activities that they might not typically have time for. These include fitness sessions, cooking sessions, engagement with families for those working from home or targeting one big event where we can globally feel like we are one team with the same goal. We also carry out bi-annual employee engagement surveys to ensure employees can express their views.

Pricing

• Price: £22,628 an instance a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@mrisoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.