Experian

Experian Tracing Solutions for Police and Law Enforcement with Investigator Online

Investigator Online is a secure web service product to enable the Police and Law Enforcement agencies to investigate crime

Features

  • Allows flexible customer searching and tracing
  • View your customers full address history
  • Obtain telephone numbers for your customers
  • Identify deceased customers
  • Ability to review evidence supporting residency
  • Identifies connected individuals to the nominal
  • Our B2B and B2C solutions help government derisk digital services.

Benefits

  • Full financial information provided to assist with criminal investigation
  • Identifies Fraud
  • Links data connected to individuals
  • Trace individuals suspected
  • Speeds up criminal investigations
  • Risk-averse approach to data management

Pricing

£0.05 to £10.00 a unit

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at digitalmarketplace@experian.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

2 7 4 3 1 9 4 1 4 9 6 7 0 8 4

Contact

Experian Experian Public Sector
Telephone: +44 (0) 115 941 0888
Email: digitalmarketplace@experian.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
Available on Internet Explorer 10 and above.
System requirements
Internet explorer 10 and above

User support

Email or online ticketing support
Email or online ticketing
Support response times
To manage our client services effectively, and in line with ITIL best practices Experian has defined Service Levels across all core processes (incl. Incident, Service Request, Problem, Change Management etc.). Our Tiered Service Framework allows us to provide differing levels of service and support offerings to meet our client’s needs. The Service Tier selected will define the SLAs we work to. Engagement via a SPOC our Experian Service Desk will ensure all interactions are recorded and assessed against impact and severity before being assigned a "Priority".
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
We do offer (Incident Management) Support cover that extends beyond core hours for many products for P1 type incidents only. Extended support hours are offered; Mon-Fri: 08:00 -22:00 Sat – Sun: 08:00 -16:00 24x7 Experian provide a Self-Service Web Portal that gives our clients visibility to log tickets and review status.
Support available to third parties
No

Onboarding and offboarding

Getting started
User guides are available
There are help files on every page to guide users through each stage.
Free online webinars are available on a monthly basis.
Onsite training is available for all clients.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
There is no need to extract any data from any system at contract end.
End-of-contract process
Not applicable

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
Application to install
No
Designed for use on mobile devices
No
Service interface
No
User support accessibility
None or don’t know
API
No
Customisation available
No

Scaling

Independence of resources
In capacity planning, consideration is given to increased demand over time and fluctuating peaks and troughs in demand, identified through understanding concurrent users, types of users, types of activity undertaken, seasonal activity, etc. In this way, it is be possible to plan for capacity management rather than having to react, when unanticipated situations arise. In addition, database administrators continually monitor activity and performance and will take the steps necessary to ensure that the service received is of the highest possible quality.

Analytics

Service usage metrics
Yes
Metrics types
Standard MI usage reports are available upon request.
Case Management feature allows the user to retrieve, review and potentially reprocess previously input cases
Reporting types
• Regular reports
• Reports on request
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
This is included within the functionality of the online solution, with input records subsequently output, as specified by the user, once matching has taken place.
Data export formats
Other
Other data export formats
HTML
Data import formats
Other
Other data import formats
No data upload available.

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Clients can select service offerings that best align to their business operations, and so we provide different options for availability, some are product specific. These options will be presented as scope is defined and a Service Offering Summary presented back to the client.
Approach to resilience
This information is available on request.
Outage reporting
Experian communicate progress on reported incidents only. Where a service outage is reported the impacted client is provided with a unique reference number for their incident, which ensures the client is included in communications relating to that outage, even where multiple clients are impacted.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Users have their access controlled using a user role and security group function.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
No audit information available
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
DNV GL Business Assurance Limited
ISO/IEC 27001 accreditation date
20/12/2016
What the ISO/IEC 27001 doesn’t cover
The following is covered by the scope of the certificate: the delivery and support of Experian IT infrastructure, operations, architecture and associated compliance and facilities management undertaken within the UK data centres.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Trustwave
PCI DSS accreditation date
28/10/2016
What the PCI DSS doesn’t cover
Not applicable
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Experian have a comprehensive Global Security Policy based on the ISO27001 standard which covers: Organisation and Management; Information Security; Asset Classification; Physical and Environmental Security; Communications and Operations Management; System Access; Systems Development and Maintenance; Compliance; Personnel and Provisioning; Business Continuity Management; Third Party Management. The policy is owned by Experian's Executive Risk Management Committee which is an executive level body, and which assumes ultimate responsibility for Experian's risk position. Information security is a key component of the risk management framework. Experian management supports security through leadership statements, actions and endorsement of the security policy and implementing / improving the controls specified in the policy. The policy is available to all Experian employees and contractors on the intranet. Changes to the policy are announced on the company's intranet and followed up with training and awareness programmes. New hires are required to undertake computer-based information security and data protection training, and this is repeated on at least an annual basis. Compliance to policy is overseen by internal audit.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Experian have a change management policy which is underpinned by processes and procedures based on ITIL best practice. This is a mature process. We use a service management tool that integrates change management, incident management, problem management, configuration management and knowledge management. Our change management policy, process and procedures are regularly audited by independent auditors. Formal risk analysis is employed using an approved information risk analysis methodology as a part of the project analysis phase for developments/changes. Security requirements for the system are identified and continue to be considered throughout the life of the product.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Servers and PCs are built to a documented secure standard, which includes anti-virus and malware defences. Information assets have a defined patching schedule, determined by the system's criticality and the level of threat the patch is mitigating. Experian actively monitors the threat environment and checks the effectiveness of security controls by reviewing both free and paid for sources of threat information, including; public information, major vendor feeds and also receiving information from specialist closed group mailing lists. The overall process is also plugged into an automated patch and fix strategy, underpinned with a technology infrastructure to deliver corrective updates.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Monitoring processes and tools are in place to manage alarms generated by security related alerts and these are fed into the incident management process. Experian has a formally documented risk based incident management process to respond to security violations, unusual or suspicious events and incidents. In the event an incident occurs a team of experts from all relevant areas of Experian are gathered to form an incident response team, who manage activities until resolution. The incident response team are available 24/7 to resolve any incident. Out of core hours the dedicated incident hotline is routed to the command centre.
Incident management type
Supplier-defined controls
Incident management approach
The incident management process incorporates a number of participants and contributors, including: Global Security Office - who facilitate and coordinate activities under the business security coordinator's guidance; Business Security Coordinator - a representative of the impacted business area, responsible for coordinating resolution activities; Incident Response Team (IRT) - IRT is made up of a membership that are empowered to make key decisions surrounding the actions to be taken to reduce impact, control actions, and impose corrective activities. A client report would be created, including: high level overview; facts; overview of events; actions taken.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

As an information services business, we have a relatively small environmental footprint compared to many other industries. The biggest impact from our controlled operations relates to greenhouse gas emissions from energy used to power, heat and cool our buildings and data centres, and from business travel (pre-Covid-19). Every year we reduce our carbon footprint, yet we want to take it further and accelerate our response to the climate change challenge
We’ve started our journey to becoming carbon neutral. Our global Corporate Responsibility team is engaging with various teams across the organisation to discuss carbon reduction initiatives and get a good understanding of what’s needed to achieve our target by 2030. This will allow us to develop a detailed Carbon Neutral Plan, including initiatives, targets, costings and timeframes, for agreement by end of November.
In March 2021, Experian became an official supporter of the Task Force on Climate-related Financial Disclosures (TCFD). We are committed to aligning our corporate reporting with the TCFD recommendations and early reporting on the majority of its requirements before it becomes mandatory for us in FY22.
Covid-19 recovery

Covid-19 recovery

We have focused on supporting our people, clients and consumers throughout the COVID-19 pandemic, using data as a force for good, helping to navigate the crisis.
We quickly transitioned the majority of our employees to work from home. We introduced flexible working and increased collaboration tools and support networks, such as mindfulness programmes, to help our people navigate the challenges of home working. Webinars and senior leadership vlogs helped us connect. Our employees around the world have shown incredible resilience, commitment and flexibility during the COVID-19 pandemic and this is reflected in our results.
We maintained operational capacity throughout the pandemic, we have kept the health and safety of our employees as the primary consideration of our pandemic response. Most of our employees are still working remotely. An effort is underway to determine our strategy for work arrangements in the future. We expect this to be guided by a consistent global framework and principles, with local flexibility around the approach to account for legal and cultural nuances.
We continue to take industry-leading positions designed to protect and educate consumers, as well as to promote the responsible reporting of data, with appropriate safeguards, in order to help the economic recovery from the crisis.
Tackling economic inequality

Tackling economic inequality

We help millions of people and businesses around the world get fair and affordable access to essential services and we work hard to make sure our business has a positive impact on the world, never a negative one. Our responsibilities – to people, society and the environment – guide everything we do.
By collecting and analysing data, we help people and businesses build up a financial track record and gain access to essential, everyday services that have previously been out of reach. We’re also pioneering the use of alternative data, such as rental or utility payments, to help people with limited financial history build up and strengthen their credit profiles.
Our people’s talents and our business resources go beyond the workplace. We encourage our people to use their skills to benefit society: many volunteer their time and skills to support their communities and improve financial education.
We also help our people support local groups and charities by matching funding and giving donations.
At Experian we realise relationships with all our stakeholders are key to our success and sustainable business growth. We also recognise that we have an impact on and responsibilities for the society we trade within. We consider these responsibilities carefully and aim to have a positive impact wherever we can.
Experian has developed a set of CR principles, endorsed by our Management Committee, to guide and enhance the way we work with our customers (both clients and individual consumers), colleagues, suppliers and communities. As a company, we are committed to working by these principles and will regularly benchmark and assess our progress in each area and report through our parent company.
Please see a copy of Experian’s supply chain principles on the following link: https://www.experian.com/corporate/code-of-business-conduct
Equal opportunity

Equal opportunity

Each and every one of our people deserves to feel valued, represented, and that they belong at Experian. We have over 30 employee-led groups globally that play a huge part in creating inclusion and advocating on behalf of our people. These groups are not only a safe space for anyone who needs it, but also drive change and build awareness across Experian, raising the standard for everyone.
Experian are registered as ‘Disability Confident’ and are currently undertaking an assessment with the Business Disability Forum. Our top 3 areas for focus this year is in learning & development, communications and technology. Our ambition is to remove barriers for all employees with disabilities at Experian.
Experian recognises that equal opportunities are fundamental to the Company’s success and is committed to encouraging a working climate that respects and promotes equality. There is a publicised Equality, Diversity and Inclusion policy which sets out the Company and employee responsibilities for ensuring equality and embedding a culture and working environment that actively safeguards against discrimination and unfavourable treatment of people in all aspects of employment including recruitment, promotion and training opportunities. There is also a Dignity at Work policy which sets out Experian’s commitment to creating a work environment free of harassment and bullying, ensuring everyone is treated with dignity and respect. All of the policies are compliant with the requirements of the Equality Act 2010 and the relevant clauses of the HRA.
More information can be found in Experian’s Diversity, Equity and Inclusion Report 2021 here: https://www.experianplc.com/investors/reports/
Wellbeing

Wellbeing

Since the pandemic we have increased our focus on the health and well-being of our teams across the world. We quickly implemented regular pulse surveys so we could respond rapidly and ensure the right support was available. We emphasised mental health, reflecting the challenges people faced while working remotely. A response to the statement ‘I am feeling physically and mentally well’ was 75% favourable on average across five pulse surveys we ran during the year. We put in place a range of initiatives to support our teams, for example #ReachOut, which gave all employees access to resources to support their physical and mental health whenever they needed it.
Experian has an important role to play in helping everyone through these uncertain times. We recognise the significance of the role we play in the UK economy and we are committed to ensuring that our data services are being used to help, protecting vulnerable people, businesses and communities.
At Experian, we work to create a better tomorrow for consumers, for businesses, and for our communities. This ambition underpins our plans for our people – to ensure we have the best people, working in a high-performing and inclusive environment where they feel they can do their best work in support of our vision.
We help millions of people gain access to essential, everyday services by helping them make the most of their data by Improving financial identities and access to credit, providing credit and financial education and tackling unmanageable debt among vulnerable groups. We define our responsibility as playing an active part in social and economic regeneration in our communities, at a local, national and global level. And we have many motivations for this engagement.

Pricing

Price
£0.05 to £10.00 a unit
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at digitalmarketplace@experian.com. Tell them what format you need. It will help if you say what assistive technology you use.