MRI Software Limited

MRI ManhattanONE

ManhattanONE is a fully integrated suite of real estate modules, designed to support all aspects of the real estate lifecycle. Including leasing & accounting, planned & reactive maintenance, space management & scheduling, sustainability and project management. ManhattanONE offers strategic and tactical solutions to help you understand Total Cost of Ownership/Operation/Occupancy.

Features

• Real-time Reporting Analytics & Dashboards
• Business Process Automation
• Remote Access/Browser Based
• Project, Transactions, Aquisitions & Disposals Management
• Property Management / Estate Management
• Planned and Reactive Facilities Management and Maintenance
• Document Managaement
• GIS Integration
• Energy Management & Sustainability
• FASB & IASB compliance accounting

Benefits

• Reduce Duplication & Errors associated with Real Estate Data
• Increase Efficiency of Real Estate Processes
• Improve Decision Making
• Faster Access to Reports & Underlying Data
• Improve Collaboration Between Stakeholders
• Reduce Operating Costs
• Improve Real Estate Performace
• Increase Real Estate Returns & Profitability
• Provide access to information and services on demand for customers
• Make Better Use of Real Estate & Human Resources

£35,000 an instance a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@mrisoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

290090163802847

Contact

Claire Brown
020 3861 7100
tenders@mrisoftware.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Planned maintenance is typically scheduled outside of regular business hours.
• System requirements: A current, supported web browser

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: MRI’s Global Client Support group will make every reasonable effort to ensure that submitted cases are assigned the proper level of Severity. Submitted cases will be responded to in the order in which they are received, with consideration given for higher Severity levels. Response Time is the time it takes before a Global Client Support agent makes initial contact with the individual who submitted case. ; Standard Service (Normal Priority - 6 Hours, Serious Priority - 3 hours, Critical Priority Live Call Only)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We include support within our annual fee. Support includes a named Account Manager and a Client Support Helpdesk. The Client Support Helpdesk also serves as the contact for all cloud support requests for trained users. Cases and incidents can be recorded and viewed in the online portal on a 24/7 basis. The Portal provides clients with information on support cases, regardless of whether a call is logged via a phone call or via the portal. Various information, documentation, forums and resources are also available on the portal.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: ManhattanONE is a comprehensive solution and we would not expect any customer to just get on with it. We would arrange a series of training workshops where we would walk through the customer's requirements and ensure that the Manhattan configuration meet those requirements. We would then arrange further training to ensure that client achieved their stated objectives.; ; Onsite training and comprehensive user documentation are available.
• Service documentation: Yes
• Documentation formats:
  • ODF
  • PDF
• End-of-contract data extraction: Any of the system reports and Grids can be run to transfer the data to for example to Excel. Alternatively, clients can request that data can be returned as a Microsoft SQL Server backup file. Various options are available for delivery of files (e.g. secure FTP)
• End-of-contract process: Following termination of the contract (for whatever reason), buyer shall certify that it has returned or destroyed all copies of the applicable software and confidential information of supplier and acknowledges that its rights to use the same are relinquished. Buyer shall use its commercially reasonable efforts to remove all buyer data from any software or SaaS service prior to termination of the contract. Buyer may engage supplier to assist buyer in removing such buyer data at supplier's then standard rates. If any buyer data remains in the software or SaaS service more than thirty (30) calendar days after the effective date of termination, supplier may, in its sole discretion and without notice, delete any and all buyer data.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: ManhattanONE includes a number of purpose-built tools that are designed for mobile use, these include Mobile Works Orders, Mobile Room and Desk Booking, and SpaceWalker a mobile office space utilisation survey tool.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: The ManhattanONE API test harness provides a structured environment for the setup and utilisation of the available APIs. These include a wide range of options for use throughout the application. In addition, ManhattanONE provides a configurable API platform, any of the ManhattanONE Grid Reports, either system or user-defined, can be used as an API framework for extracting or inserting data for the system in a controlled and structured way.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: ManhattanONE has the capability, if required, of being highly configured so each user only needs to see and access what is important for their role.; • The menu system is fully and individually configurable for each user or group of users, including the structure and content of the tree, the drop-downs and the user favourites.; • Each users Dashboard or Home screen is fully configurable.; • The way each user access their relevant options is configurable, be that via the tree, via tabs, via hyperlinks from the dashboard.; • All of the text, including menu options, screen headings, field labels are fully configurable to the language and terminology of the client.; • Fields may be turned on or off, may have their behaviour adjusted, may be made into look-ups, drill downs or made mandatory etc.; • The screen layout may be adjusted user the screen editor.; • New screens may be configured.; • Cross-form and in-form calculations may be defined.; • The central hierarchical structure and where data is located in it is fully configurable.; • The configuration work would be undertaken by the user's system admin or super user team – not IT professionals or the software supplier.

Scaling

• Independence of resources: The application is horizontally scalable. Supplier monitors network, web, API, reporting and SQL load and flux in capacity as needed to accommodate growth in the environment. Cloud environments are monitored continuously and supplier will make adjustments to the application farms based on load criteria. Due to the unique and ever-changing needs of client it is not possible to outline any single solution that encompasses this aspect.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics of system uptime and number of logins within the system can be provided on request.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The ManhattanONE Reports although for the data to be exported to Excel & CSV, HTML pages and PDF.; The Open APIs although for data to be selected and then exported.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PDF
  • HTML
• Data import formats:
  • CSV
  • Other
• Other data import formats: Excel

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We use commercially reasonable efforts to ensure availability twenty -four (24) hours a day, seven (7) days a week, except for: (a) planned downtime (of which we provide adequate notice and will schedule to the extent practicable during the weekend hours), or (b) any unavailability caused by circumstances beyond our reasonable control, including without limitation, Force Majeure events or internet service provider failures or delays. We host our solution in a UK-based Tier 3 data centre that is designed to deliver high availability.
• Approach to resilience: Available on request
• Outage reporting: The Service is automatically monitored 24 hours a day/7 days a week by a specialist monitoring tools. This will generate a range of warnings and alerts which will be emailed to the constantly manned support desk. In the event of an incident that may affect performance or availability, the nominated contacts at each client will be contacted.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access to our systems and data is controlled through a formal process beginning with a formal notification from management. Each user is provided with a unique user ID for systems so that users can be linked to and made responsible for their actions. Access to is given through the provision of a unique account and complex password. The job function of the user decides the level of access the employee has to data. Vendor default accounts and passwords for our the systems are changed at the time of provisioning and unnecessary services and user/system accounts are disabled.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We have ISO27001 2013 certification and provide a dedicated security office to monitor, maintain and enhance all security policies and procedures.; ; All policies and procedures are available for all staff to review and consult and a yearly refresher and re-validation process is in place for all staff.; ; The solution is also audited to SOC 1 Type 2

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Elements of our ISO27001 certification cover configuration and change management processes
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We follow the ISO27001 standard and implement appropriate controls,
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: SIEM system is implemented to detect and analyse compromises and an incident management response procedure is also in place. The response will be risk based when a potential compromise is found.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incidents are managed according to ISO 27001:2013 ISMS controls and processes which includes a defined "Security Incident Management Policy" including reporting mechanisms for both Information Technology and Physical Security incidents, incident logging, communication to internal and external parties, escalation, reporting, planning, implementation of preventative actions, securing / forensic evidence and continued improvement / incident review

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  MRI is committed to managing environmental risks that are material to our business and to reducing our carbon footprint by enhancing the energy efficiency of our operations and reducing the amount of waste that our company produces. We do this by utilising some of our own solutions with sensors in our own offices to assess our space utilization, energy usage and setting a reduction plan. As well as improving our own position, we also look at ways to help our clients work towards using services that have less impact on our planet’s scarce resources. A good example is HomeSwapper, our national mutual exchange solution. HomeSwapper enables tenants to swap homes either locally or anywhere across the United Kingdom with another social housing tenant, often to reduce their commute to work or schools which has a direct impact on carbon emisisons in the region.

  Covid-19 recovery

  We have fully embraced hybrid working and have recently formalised our flexible working model and different types of flexibility offered to all employees. We believe flexible working benefits our employees and the business. Our solutions available on this framework are all available remotely allowing our clients employees, users and contractors as applicable to work from any location in accordance with your approved working practices to allow flexibility

  Tackling economic inequality

  Our employees are all contracted and salaried fairly, in line with the Living Wage standards. All of our employees are paid at least the minimum rates as stated under the current Living Wage. We do not employ anyone on zero hours contracts and have a strong commitment to regularly review salaries in line with our appraisal process. We have a number of apprentices in the business who we are supporting to complete degree level qualifications, who all receive above the apprentice minimum wage. We also offer a comprehensive benefits package for all our staff, which includes health and wellbeing support and access to private health care.

  Equal opportunity

  We work hard to ensure our employees have a voice. Our business has various committees in place, such as a Diversity, Equity and Inclusion Committee and Employee Resource Groups, such as Women & Allies and LGBTQIA+, which help us understand how employees feel about working at MRI and help us drive forward inclusive events. We have also very recently launched our first ERG – employee resource group for Women and Allies. As a business with over 250 employees in the UK we are required to produce a Gender Pay Gap report. We very much welcome this initiative and our reports are available publically on our website. This report shows the impact we have on reducing our Gender Pay Gap and also highlights the many initiatives we have underway to further reduce our gap. This includes the development of our Flexible Working and Inclusive Policies initiatives, educating our People, People Managers and Business Leaders and working with external partners to attract a diverse staffbase.

  Wellbeing

  Work hard, play hard. From the day we opened our doors, we set out to build flexible, game-changing solutions that would make people's lives better. We do this by providing our clients with solutions that enable them to provide better places to live, work, and do business. The only way to carry out that mission is to hire the best employees and keep them. We are dedicated to creating a working environment which supports and develops our staff. Some of the benefits that we offer are: Gym reimbursements, Medical assistance, including mental health tools, Flexible working opportunities, including hybrid working Employee engagement is key to MRI's success and we hold quarterly spirit weeks to both connect and enthuse our teams globally. These weeks are themed and where staff are encouraged to learn about different topics or take part in activities that they might not typically have time for. These include fitness sessions, cooking sessions, engagement with families for those working from home or targeting one big event where we can globally feel like we are one team with the same goal. We also carry out bi-annual employee engagement surveys to ensure employees can express their views.

Pricing

• Price: £35,000 an instance a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@mrisoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.