COMPASS INFORMATICS UK LIMITED

Compass Analytics : Web GIS, Demographics, Routing & Infographics

Compass Analytics provides a solution to manage, visualise and explore spatial data. The map viewer based on Esri technology and as such leverages client's existing or new ArcGIS Online, ArcGIS Server licensing.

Features

• End-to-end Open Source map viewer
• Desktop analysis and reporting tools
• CLOUD hosted
• Hardware and software configured to meet clients requirements
• Data visualisation and exploration
• Component based solution; n-tier architecture, options per tier

Benefits

• Allows the user to optimise their working day
• Allows decision makers rapid access to data
• Usable and understandable data formats
• Web based access to data and services for data modelling
• Component based solution allows for flexibility in solution design
• Mobile responsive web design
• Available under open-source licensing, no ongoing subscription costs

£5,000 a licence

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@compassinformatics.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

174951018153618

Contact

Phil Baldacchino-Steward
08451259162
sales@compassinformatics.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: There are currently no service constraints, the service provided is a 24 x 7 x 365 service. Microsoft Azure hosting option.
• System requirements: None

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: SLA with response times operational. Reduced response times out of hours. Enhanced support by agreement.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support levels Compass Informatics will provide a 9 am-5 pm live help desk. The call centre can be reached by direct phone, email, Twitter. Our call centre agents are trained on the platform and in customer care. They offer friendly and patient customer care. For technical issues Compass provides a support service for problem logging, analysis and resolution. This is largely driven via email and web, and we currently utilise the leading ZenDesk platform. We operate Customer and User agreements and an SLA. This SLA template will be modified to reflect your specific requirements. Access to Technical Support includes: ; • Problem Analysis ; • Defect work around, reporting, and tracking ; • Problem Escalation where necessary; • Product software fixes / upgrades, and assistance ; • Migration path information Support methods include: ; • Web-based ticketing system with associated knowledge base ; • Dedicated support email or direct to appointed team member ; • Telephone including phone conferencing ; • Remote access to servers to diagnose and fix issues ; • Screen sharing via Lync, RSupport, WebEx, or similar
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We seek to add value to the social, economic and physical well-being of the community we serve by attracting, training and educating staff successfully and in accordance with our core values, so that they themselves, by virtue of that successful education and training, are in turn able to benefit your community. We believe that our customers should enjoy, benefit from, and achieve success as a result of the time they spend with us. We believe that all should contribute to improving the experience of our applications, treating all involved on an equal basis. We believe the implementation of any application supplied by Compass Informatics Limited should be positive. We recgonise and reward achievement, encouraging mutual respect between staff and customers. Compass Informatics has a structured approach to sponsorship and support of organisations that are associated or important to staff or client organisations. It would be the company’s pleasure to include your chosen organisations into the Compass programme.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Subject to data protection and the account holders permission, account details can be extracted and delivered to a nominated officer of the client.
• End-of-contract process: On termination of the Agreement, Compass Informatics shall provide for the transfer of all data, including customer End User data, and / or information received and processed for the duration of the Agreement to you.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The platform is mobile responsive, but given depth of data investigative tools it is better suited to tablet or desktop usage.
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: Yes
• What users can and can't do using the API: The platform leverages the Esri ArcGIS JavaScript API and can be extended through use of that API. OGC data services can be consumed or provided by the platform.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Full specification, configuration and customisation options and services are offered.

Scaling

• Independence of resources: Compass utilises Microsoft Azure hosting at a data centre in EU. Each customer utilising specific independent areas, therefore guaranteeing service up time, speed and capability.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Audit data is stored in Azure File Storage. Data can be downloaded and analysed using the tool Azure Storage Explorer. Dashboard reports are available using an Excel spreadsheet.
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Shapefile
  • OGC Web Services

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: “Deployment Minutes” is the total number of minutes that the Open Source Map Viewer Solution has been set to be running in Microsoft Azure during a month. Deployment Minutes is measured from when the App was initiated an action that would result in running the App to the time the Customer initiated an action that would result in stopping or deleting the App. “Maximum Available Minutes” is the sum of all Deployment Minutes across all Apps deployed by Customer in a given Microsoft Azure subscription during a month. Downtime: The total accumulated Deployment Minutes, deployed by Customer in a given Microsoft Azure subscription, during which the App is unavailable. A minute is considered unavailable for a given App when there is no connectivity between the App and Microsoft’s Internet gateway. Monthly Up time Percentage: The Monthly Up time Percentage is calculated using the following formula: Monthly Up time % = (Maximum Available Minutes-Downtime)/(Maximum Available Minutes) x 100 Service Credit MONTHLY UPTIME PERCENTAGE SERVICE CREDIT < 99.95% 10% < 99% 25%
• Approach to resilience: No matter how well engineered the physical infrastructure, service incidents do occur. We accept the three laws of operations – servers will fail, software will have bugs, and humans will make errors. Using Microsoft Azure, we employ sophisticated software-defined service instrumentation and monitoring that integrates at the component or server level, the datacentre edge, our network backbone, Internet exchange sites, and at the real or simulated user level, providing visibility when a service disruption is occurring and pinpointing its cause. More importantly, we are continuously investing in developing greater application resiliency in our software so it will instantly recognise a disruption and gracefully fail over to a different set of servers or even a different datacentre, without interrupting the availability of the service.
• Outage reporting: A public dashboard is available 24 x 7 x 365 enabling you to check for outages.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Restriction to management interfaces and support channels are provided through administrative restrictions within Microsoft Azure.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Username or password
  • Other
• Description of management access authentication: Multi-factor authentification is an option

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Approachable
• ISO/IEC 27001 accreditation date: 30/07/2021
• What the ISO/IEC 27001 doesn’t cover: The certification covers information security in the provision of software services including, systems development, data analytics, combining geographical information systems (GIS), location technologies data analytics and field computing systems - all other activities are NOT covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Trustwave
• PCI DSS accreditation date: 2015 with annual renewal since then.
• What the PCI DSS doesn’t cover: PCI DSS certification relates to our overall data security, processes and infrastructure.
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Compass Informatics have established an Information Security Governance Group at a senior level within the organisation hierarchy. This Group includes representation from those responsible for key services, representatives of those responsible for other information assets and those responsible for implementing the information security policy. The team: ; • Review the ISMS and play a role in its continual improvement ; • Co-ordination of cross-organisational controls and conflict resolution • Provide regular performance reports ; • Provide advice and expert assistance, including risk assessments.
• Information security policies and processes: Compass Informatics have established an Information Security Governance Group at a senior level within the organisation hierarchy. This Group includes representation from those responsible for key services, representatives of those responsible for other information assets and those responsible for implementing the information security policy. The team: • Review the ISMS and play a role in its continual improvement • Co-ordination of cross-organisational controls and conflict resolution • Provide regular performance reports • Provide advice and expert assistance, including risk assessments.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Compass Informatics applies Kanban to its configuration and change management and incorporates elements of SCRUM. This blended approach is sometimes referred to a scrumban. This approach is an evolution of the SCRUM agile development methodology which provided a suitable starting point for the development team to follow a change management process.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Compass Informatics perform vulnerability assessments of their entire portfolio on a monthly basis. New vulnerabilities are reported and if required we release software updates. A regular assessment regime is essential to ensure that we are aware of the risks that are present.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Processes are monitored through the Microsoft Azure protective monitoring tool, if compromises are suspected they are dealt with automatically, with threats being quarantined for further investigation and fix. Most incidents are dealt with automatically with no interruption to service levels.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident management approach Microsoft Azure provide online tools for checking status of service.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Compass Informatics are committed to fighting climate change. We operate in line with an Environmental Social and Governance policy which has been derived between the business units with the support of the wider Tracsis group.

Pricing

• Price: £5,000 a licence
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@compassinformatics.com. Tell them what format you need. It will help if you say what assistive technology you use.