Equine, Livestock and Companion Animal Enforcement Marketplace
Integrated with Equine Register services enables enforcement agencies (e.g. police, food crime unit, local authorities, trading standards) digitally exchange core system data and communicate with other operators to support imposition and investigation of fines or crimes. Can be used to collect on-the-spot fines and mark fines on an equine’s smartcard.
Features
- Whole herd multi species coverage
- Interoperable with other services and 3rd party systems
- Accessible via all common browsers and devices
- Provides connectivity for all enforcement bodies
- Combats criminal activity
- A single point of contact for all enforcement bodies
Benefits
- Reduces administration and time
- Safes costs
- Improves enforcement outcomes
- Secure protected environment
Pricing
£10,000 to £30,000 a licence a month
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
2 5 9 9 2 0 3 4 3 4 5 9 7 0 8
Contact
Equine Register Ltd
Stephanie Palmer
Telephone: 03330 100145
Email: stephanie.palmer@equineregister.co.uk
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Part of a single unified database. Connects to all Equine Register services including border controls, enforcement and animal identification databases. Can connect to 3rd party and government systems via API.
- Cloud deployment model
- Public cloud
- Service constraints
- None
- System requirements
-
- Accessible via most common browsers and devices
- Works on and offline
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Mon-Fri 9am - 5pm, typically responses within 2 hours. Critical issues within 1 hour. Out of hours and weekend service can be provided at an additional cost.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
- Undertaken by supplier
- Onsite support
- Yes, at extra cost
- Support levels
- The cost for support is included in the user license fee. We provide a technical account manager and cloud support engineer for our government contracts. Between Mon- Fri 9-5pm, our standard service levels are Severity 1 - Loss of Service, 99% events responded to within 2 hours. Severity 2 - Partial loss of service or impairment, 85% events responded to within 4 hours. Severity 3 - Potentially service affecting or non-service affecting non critical functionality, 75% events responded to within 8 hours.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- We provide documentation and live support through the onboarding process.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- We will extract the data for the client in downloadable CSV or SQL format.
- End-of-contract process
- At the end of the contract, user access to the services will be terminated. Any documentation that belongs to the user will be returned.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- All services can be accessed through common browsers and conform to GDS style, components and pattern. The service interface allows admin access to administer various features. The service interface is configurable to client requirements, user profile and user permissions.
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- Various tools and scanners are used to ensure compliance.
- API
- Yes
- What users can and can't do using the API
- The API allows permitted user organisations to add and amend records. Permitted users cannot access any other functionality using the API. Our technical team will work with clients and users to ensure that any API calls are set up correctly.
- API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- We work with clients to customise the front end of the service (IOS, Android and Web), the workflow, look and feel of the screens, documentation and integration with the clients systems. All customisation is carried out by Equine Register and would be supported by a defined and agreed statement of work.
Scaling
- Independence of resources
- Our services and applications are designed to scale automatically to ensure quality of service for all users, using a combination of load balancers, scalable resources an multiple failover and availability designs.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Metrics and format are agreed with the client/user on commencement of the contract.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
- Physical access control, complying with CSA CCM v3.0
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- We will export the data in a CSV or SQL accessible format
- Data export formats
-
- CSV
- Other
- Other data export formats
- SQL
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- Service available 24/7 at minimum 99% availability excluding planned outages. We will notify client of any core service non-availability within two hours of detection. if in any calendar month core service availability is below 99% for circumstances within our reasonable control a service credit based on a pro rata basis for the fees due in that month as follows >99% 10%, >95% 15%, > 90% 25%.
- Approach to resilience
- We work within the guidelines of ISO 27001. We have dedicated Dev OPs engineers responsible for software and infrastructure security. Our IT security checks is provided by a third party service. We are Cyber Essential certified and do regular penetration tests.
- Outage reporting
- Email alerts and phone
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- User ID determines what accessibility, functionality and permissions a user has. These are determined by the business rules which are agreed with the client/user upon set-up.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- Yes
- CSA STAR accreditation date
- AWS our cloud services provider is certified
- CSA STAR certification level
- Level 2: CSA STAR Attestation
- What the CSA STAR doesn’t cover
- Our services and data are stored within AWS
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- We work within the guidelines of ISO 27001. We have dedicated Dev OPs engineers responsible for software and infrastructure security. Our IT security checks is provided by a third party service. We are Cyber Essential certified and do regular penetration tests.
- Information security policies and processes
- We follow the policies defined in Cyber Essentials. The staff responsible for security report to the director responsible for governance. New employees are inducted in our security processes , our standards form part of employee contracts and staff handbook. Regular reviews and training is undertaken to ensure ongoing compliance.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Changes are assessed for potential security impact as part of our change request process. The testing cycle contains a set of security tests.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Threats are assessed by the security team, critical patches are applied as soon as possible. We gain information about potential threats from a variety of industry sources and databases as well as from our suppliers.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- We identify potential compromises using a combination of system controls, processes and tests carried out by independent companies. When a potential compromises is identified, a remediation plan is created and actioned and subsequently monitored. A resolution plan is created and actioned typically within hours of the compromise being identified. Resolution times vary according to the complexity of the issue . The resolution is monitored at the highest levels within the company.
- Incident management type
- Supplier-defined controls
- Incident management approach
- We have a defined recovery process for every component of our services and perform root cause analysis on every incident that interrupts service. Users can report incidents by contacting the customer services helpdesk or via web chat or email. Incidents reports are provided to clients as required with a follow up as appropriate.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
We recognise our need to help fight climate change. We have introduced hybrid working which significantly reduces the travel of our employees and has significantly reduced our use of electricity and heating in the office. The leased office premises operate a green energy policy and actively encourages the recycling of waste. We aim to use recycled products as much as we can in the office.Covid-19 recovery
We recognise the impact and concerns of our workforce as a result of Covid. We have taken measures;
• For those most vulnerable, we have identified those individuals and/or their family members who are at risk to allow them to change their place of work to home if they choose to do so
• To help physical and mental health of our employees, we have introduced hybrid working for all employees to allow them to work from home and only come to the office if required or if they wish to
• To manage cross contamination, we have maintained the position of social distancing in the office and a policy of work from home if someone has signs of any illness
• We are constantly reviewing our policies to ensure that we are taking the most appropriate measures to protect our staff and the business.Tackling economic inequality
We recognise that the digital technology sector is a high growth area. As a business we are experiencing significant rapid growth. Attracting and retaining the right staff is key for us. We also recognise the value of growing our own talent. As such this year we have introduced a pilot to help individual’s to re-skill in our sector and are actively talking with local education, community groups and the DIT on how we can do more.Equal opportunity
We operate an equal opportunities policy and do not prejudice against disabled or minority groups. Our office working policy and work environment and our pilot to re-skill individuals supports our aim to offer equal opportunities to all.Wellbeing
The physical and mental well-being of our staff is important to us. We have introduced this year a range of employee benefits paid for by the company that provides access to private medical health and other health services for both the employee and their families. This includes mental health support lines.
We have also increased the minimum holiday entitlement, given every member of staff an additional day’s holiday for their birthday and introduced a flexible holiday policy to allow staff to add or reduce their holiday allocation to suit their personal needs.
Pricing
- Price
- £10,000 to £30,000 a licence a month
- Discount for educational organisations
- No
- Free trial available
- No