TARANTO SYSTEMS LIMITED

Taranto

The Taranto notice processing system combines over twenty-years of market experience and parking sector expertise, with a cutting-edge, future-proof, fully web-enabled application.

Taranto has been developed to drive efficiencies through on-street and back-office processes; as well as transferring parking administration to the customer through self-serve functionality.

Features

• Automated Progression
• Automated Correspondence
• Real-time Ticketing
• SSRS Reporting
• Web-enabled Solution
• Integrated Self-serve Functionality
• Environmental Enforcement
• Clamping and Removal
• Clean Air Zone Enforcement
• Blue Badge Management

Benefits

• Immediate PCN progression from Android app to back-office solution
• Multi-functional application; manage PCNs, FPNs, Permits and more
• Real-time GPS tracking, fault-reporting, clamping and removal management
• Intelligent deployment through location tools, real-time geolocation and historic reporting
• Automatic allocation of incoming correspondence and work through Workflow
• Completely customisable solution with focus on user empowerment
• Totally web-enabled access without the need of third-party software
• Customisable levels of user-access to specific functionality for every user
• Automatic report and system dashboard distribution
• Branded and customisable web-portals for PCNs, Permits, Suspensions and Issue-Reporting

£2,000 to £200,000 a licence a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris.murphy@tarantosystems.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

342557571234466

Contact

Chris Murphy
07969 430632
chris.murphy@tarantosystems.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: The Taranto Mobile enforcement application is used via a handheld device running Android OS. However, the software is device agnostic, meaning that it is compatible with a wide-range of hardware, providing the version of Android OS is higher than 5.1 (this last supported version may be updated throughout the life of the framework).
• System requirements:
  • Modern web-browser to access back-office solution (Edge, Chrome, Safari, etc.)
  • Handheld device running Android 5.1 or higher to use app

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: When an issue is raised by the user, one of our support engineers will assign the issue a severity level. Once we have agreed the severity level with the user, our team will aim to respond within the timeframes of the agreed SLA.; ; We have standard support hours (8:30am-5:30pm) however, we also have the platform to provide an ‘out of hours’ support facility through a staffed support service, which is available 24 hours a day, 7 days a week (excluding bank holidays).
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: We offer a “standard” support package covering hours (8:30am-5:30pm), but we have the platform to provide an ‘out of hours’ support facility through a staffed support service, which is available 24 hours a day, 7 days a week (excluding bank holidays). We are of course happy to discuss the optional enhanced service.; ; Our Support team is split across our Liverpool and London offices. The team consists of an Service Delivery Director, who leads the function; a Service Delivery Manager, who manages the support engineers; and, a mixture of Senior Technical Engineers and Technical Engineers.; ; Each of our clients is assigned a team of engineers, who will be dedicated to their service; this will be true for the user's contract. We will are happy to discuss alternate support levels with customers as the contract matures.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We have years of experience in delivering Taranto system training for our new and existing users. We successfully deliver training to hundreds of users each year, offering a tailored and flexible approach to all our customers.; ; Our dedicated training team are responsible for working with the customers and our own project managers to ensure a smooth transition to Taranto - the user's understanding of the software is critical to the successful delivery of the project.; ; Interactive classroom sessions are used to deliver ‘train the trainer’ courses to the council’s trainers or to train users directly (depending on the client's preference), and covering all pertinent areas of the system to the user. Training can be delivered remotely if required / preferred; ; During go-live, floor-walkers will be available to support system users to ensure that there is a smooth transition from learning to practical use of the solution.; ; Following the classroom training, evaluation forms will be used to gather feedback from the council’s training experience. This will ensure a high level of quality is maintained and reflected in our training delivery. We can also deliver post go-live webinar sessions to pick up any residual queries relating to the functionality of the system.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users can extract their data from Taranto using the various data export and reporting available as part of the Taranto solution, however, we would expect to assist the client with this process, and can facilitate an open, transparent and easy exit strategy should a contract held between ourselves and the user come to an end.
• End-of-contract process: Users can expect us to act professionally in communicating with both themselves and the new provider, should a contract held between ourselves and a user come to an end, in a defined transition of responsibilities.; ; This will include an extract of data (in a suitably agreed format to protect our database IPR), decommissioning handheld hardware containing our software, exchanging database information if required (e.g., data dictionaries) and passing over all documentation stored upon TSL infrastructure.; ; Moreover, we will endeavour to facilitate transparency with the new provider in an effort to leave the user in an agreeable position following our tenure as supplier. We are happy to agree a plan for this before the award of the contract, or to agree a specific date timeline as part of the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Taranto solution is comprised of a handheld application that is used for PCN issuance (and much more) that communicates with a web-based, back-office solution. Portals are designed to work on mobile devices.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Taranto has an established existing suite of documented APIs that can be used in many different use-cases.; ; Taranto has been designed to make interfacing with third party applications as straightforward and as simple as possible - Taranto can provide a data source for the operation to utilise, either through the front-end, GUI based solution (the Taranto website used within the Back Office), or via an API that can enable two-way communication with Taranto to be easily accomplished. This versatility and transparency means that Taranto can easily communicate with multiple external systems in multiple ways concurrently, and can easily assist with the integration of disparate systems.; ; We provide our clients with full documentation of our APIs and we are happy for any third-party provider to develop against our system, so long as our IPR is not infringed or at risk.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Taranto is used in various different geographies and in numerous different environments, including both on street and off street.; ; The system can be configured to be used in accordance with a variety of different legislations including, but not limited to, Road Traffic Regulation (Special Events) Act 1994, London Local Authorities Acts 1996 to 2008, Traffic Management Act 2004, including those issued by CEOs, CCTV (Bus Lane, Camera Enforcement & Mobile Unit Enforcement, including all Moving Traffic Contraventions (incl. 2022)). The system is not limited to the listed legislations; rules can be amended (or just relaxed) through Taranto’s own configuration module to align with user policies.; ; Taranto Policy will allow the users to maintain its own, individual polices. By default, Taranto follows statutory rules for processing different PCNs through the required stages and at the correct timescales in line with legislative requirements). The module can be used by users with the correct access levels (definable by operation itself) to amend these rules, providing flexibility to easily respond to changes in legislation or policy, including prefix, progression paths, statutory documents, new schemes such as additional permit types, cancellation-codes, new locations, contraventions, permit types and logo alterations, and more.

Scaling

• Independence of resources: The structure of the back-office database means that it is a highly robust and scalable solution. Taranto is used nationwide to process PCNs within a wide range of local authority and private company clients, and is deployed within some of the more strategically important and taxing operations in the UK. As such, we are confident about its ability to support the requirements of users, no matter how much their operation expands. Our hosted solution ensures that the demand of one client will not affect the performance of another.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Although direct database access is restricted, there are various options available to the user's System Administrators to export data from within the Taranto database. Taranto has specific functionality for this task called QueryBuilder which enables the user to construct database type queries to run against the database to export data. These can range from very simple to extremely complex queries.; ; Separate to QueryBuilder, Taranto has a varied suite reporting tools. All are included within the standard Taranto offer and no additional licences are required, meaning that each solution can be accessed by all users, dependent on permissions settings.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PDF
  • XLS
  • DOC
  • XML
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We are used to working to performance targets with associated service credit regimes. We hold current contracts for the largest and most complex enforcement operations in the UK, all of which have well-defined Key Performance Indicators and financial penalties for non-performance. We are comfortable with the addition of such targets in the user's contract and happy to discuss these further.
• Approach to resilience: We boast a strong track-record in service provision, with over 99% system uptime in the last two years. ; ; Taranto’s primary and fail-over services are both hosted in the Microsoft Azure Cloud, helping provide us and the council with peace of mind around data security and service uptime. We also employ robust testing processes to ensure data is backed up so that in the unlikely event of a system failure, the council can continue to undertake their business activities. ; ; TSL commissions all services in the Azure UK regions UK South and UK West. Azure utilises multiple datacentres in each region with various degrees of geographical separation, providing unrivalled resilience. All data held is only utilised for purposes specifically agreed with TSL’s clients as part of the provision of our services.; ; More information is available upon request.
• Outage reporting: We fully understand and appreciate the necessity of Taranto to remain active at all times, due to its inherent importance and business-critical function within the UK.; ; Taranto system outages are immediately dealt with as Priority 1 incidents,; ; We agree that availability and stability are key to customer experience and confidence in the product. Due to the monitoring, replication and failsafe measures within our hosted environment, we can provide a solution wherein the system can still be available even in the event of certain mechanisms failing, therefore avoiding unnecessary downtime for the user whilst the issues are resolved. This allows us to achieve and maintain an uptime of above 99%, and we have observed this amongst all existing clients hosted by ourselves.; ; Further, we do not believe in tiered levels of system availability – all clients who use the Taranto hosted solution are given our highest levels of system availability as standard.; ; Users are contacted if necessary, regarding system outages, however, it's more likely that users will contact us; issues will be dealt with via the escalation protocol followed and business continuity procedures that are in place.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
• Access restrictions in management interfaces and support channels: All management interfaces and support channels are subject to User Authentication. Sensitive data is encrypted through a carefully selected set of proven and robust industry standard delivery channels and encryption protocols, such as 128-bit encrypted password authentication for aspects of our external interfaces which are used by our third parties in accordance with the Data Protection Act. These services can also be made available over HTTPS for added security. All Taranto users have dedicated accounts for both the software solution itself (Taranto) and the online helpdesk solution (Freshdesk). Accounts can have varying user-access permissions.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 08/04/2024
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 19/06/2020
• CSA STAR certification level: Level 2: CSA STAR Attestation
• What the CSA STAR doesn’t cover: Microsoft hold the above certification for the datacentres that we commission to host Taranto for our clients.
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: TSL holds ISO27001 and ISO9001, the international standard for information security, for the provision of our IT services. This standard requires systematic examination of any risks to information security, with comprehensive policies to manage those risks put in place.; ; By continuously updating our data security policies we ensure that we are a proactive organisation, not a reactive one. As part of the certification, we maintain an Information Management System (IMS), with documented and evidenced processes to maintain the confidentiality, integrity, and availability of TSL and client data. Part of our IMS includes supplier management, and clauses in our supplier contracts to ensure that TSL and client data is only to be used for service delivery.; ; Security and information security from a key part of our approach of our financial and operational risk reporting mechanisms. Business and IT risks are tracked and reviewed as part of the management governance process. Quarterly ICT and Integrated Management System meetings are held with the directors and IT to review security related topics. ; ; Certification to ISO27001 demonstrates our commitment to ensure client’s information is kept secure and shows our ongoing commitment to delivering an exceptional service.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Should users wish for any bespoke changes to be made to the application (amending look and feel, or bespoke enhancements to pre-coded functionality) that are beyond user control, then these would need to be made by ourselves. Such changes must follow the agreed Change Control process; including assessment for potential security impact.; ; Once complete, we have a policy of making a new software release available once every four months; this includes both bug fixes and enhancements. As part of each upgrade, we provide software release notes and videos providing information on what fixes and functionality are available in each release.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We utilise Azure Security Centre for Pro-Active Security as a Service monitoring. This allows us to constantly monitor the security state of Azure resources containing user data, and provides various methods to facilitate a secure environment, alongside preventing unauthorised installations / access. We extend security and compliance monitoring on to the inside of the firewall to continually deliver monitoring, protection, and more, 24x7x365.; ; Should a vulnerability be discovered, the user is immediately notified. An initial mitigation would be implemented as soon as possible to minimise the negative effect of the vulnerability, until a patch is applied as a priority.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We will utilise the various and industry-standard monitoring tools available as part of Microsoft Azure. Azure security has defined requirements for active monitoring, and service teams configure active monitoring tools in accordance with these requirements. Active monitoring tools include the Microsoft Monitoring Agent (MMA) and System Centre Operations Manager. These tools are configured to provide time alerts to Azure security personnel in situations that require immediate action.
• Incident management type: Supplier-defined controls
• Incident management approach: We operate a management system which is compliant with the requirements of BS EN ISO 9001:2015. This is independently accredited by a UKAS recognised company. All key services delivered by us are covered by the requirements of this management system.; ; The Taranto Support team follows rigorous processes that are consistent with industry-standard IT service delivery standards such as Information Technology Infrastructure Library (ITIL) guidelines, and the key framework contained within our ISO 9001:2015 accredited Quality Management System.; ; Our support service can be accessed via telephone, email, or via an on-line, customer web-portal, the Freshdesk Incident Management Tool.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Working in an environmentally friendly way is a top priority for us and our parent company Trapeze. We aim to do this throughout every aspect of our business and are committed to continually improving and promoting sound environmental practice. We believe that taking this approach and embedding it in our ways of working helps support our clients in meeting their environmental objectives. ; ; As part of our long-term commitment to sustainability, we are reducing our environmental impacts – less energy and less waste, and this means reducing our carbon footprint – predominantly from business travel, which is our biggest environmental impact. ; ; We have also made attempts to offset our carbon footprint through introducing a tree-planting initiative. For every contract that we win, we plant 25 trees within the United Kingdom. So, by opting to use Taranto, customers will directly contribute to this initiative.; ; We are playing our part in offsetting our carbon emissions and contributing to climate positive projects globally, as well as reforestation projects here in the UK. We currently have 1,044 trees planted in any one of the many global projects run by our environmental partners, which means 76.8 tonnes of CO2 is also removed monthly. Trapeze Group also contributes to the UK tree reforestation scheme where 75 trees are planted every month either in Bath, Wales, or Aberdeen.; ; We have an Environmental and Carbon Management policy that is reviewed annually and contains our commitments to reduce waste, reduce consumption of materials and procure materials responsibilities, amongst other commitments.

  Tackling economic inequality

  We regularly offer places to apprenticeships, graduates, and work placement staff. We systematically move these resources around our business departments, including setting specific training and development programmes, to enable them to gain rounded experience.; ; In the past three years we have employed three staff at apprenticeship level, three graduates, and one work placement member of staff. The majority of these have gone on to become permanent employees of our business. We consistently work with customers to ascertain whether employment opportunities for local people can be offered in this way. ; ; Employability support is achieved through Launchpad, our targeted programme to engage with schools to “engage, inspire, support and employ” 11 to 19-year-olds. Through talks, workshops, mentoring, and work experience placements, we help students to understand what a career in our industry would look like, and how their own skills and interests could help them progress. ; ; In 2022 we visited The Fallibroome Academy in Macclesfield (within Cheshire East, where Taranto is used). The purpose of our visit was to speak to Year 7 and A-Level I.T. students about the I.T. industry, how I.T. is used in business, the variety of I.T. careers, and the learning paths to get in the I.T. Industry.

  Equal opportunity

  TSL is committed to eliminating discrimination and encouraging diversity amongst our workforce. Our aim is that our workforce will be truly representative of all sections of society and each employee feels respected and able to give their best.; ; Employment conditions and basic practices are designed to create an open and inclusive workplace culture in which everyone feels valued. We want all employees to have the opportunity to maximize their potential and enhance their self-development and their contribution to the organisation. We are committed to providing a positive work environment, promoting equal opportunities in all aspects of ; employment and opposed to any form of discrimination or harassment.; ; To that end, we employ the use of an equality policy within our staff handbook that all staff are given a copy of when they start their career with TSL. The purpose of this policy is to provide equality and fairness for all in our employment, and not to discriminate because of age, disability, gender, reassignment, marriage and civil partnership, pregnancy and maternity, race, ethnic origin, colour, nationality, national origin, religion or belief, sex, and sexual orientation. We oppose all forms of unlawful and unfair discrimination.

  Wellbeing

  Employee wellbeing at TSL is of the utmost priority to our business. staff receive various benefits including health-care, unlimited mental health support, regular inter-office events, cycle to work, free fruit in the office, and much more.; ; We have a strong track-record of community engagement and fundraising by our local office, helping maintain wellbeing both in the business and the wider place. ; ; Our Liverpool office has a Charity Lead who promotes a variety of worthwhile voluntary and charitable activities – from organising a fundraiser, to taking part in sponsored runs, and serving breakfast for the homeless. ; ; We recognise that we have a civic responsibility to allow employees to take on volunteering duties on behalf of registered charities and organised volunteering events. Additionally, the individual skill development arising from these wider activities is fully acknowledged and supported. ; ; Additionally, each year, we commit to sponsoring a junior football team in one of the areas where we deliver Taranto. ; ; For 2021-2022 we sourced a club in Sefton, named Greenloons. The club was born through demand in the area, due to many existing teams being at maximum capacity. This scheme has given many children a home to play football where they may not have had the opportunity elsewhere, not only to learn football skills, but to grow in confidence within a fun and safe environment.; ; For the 22-23 season, Taranto has sponsored Hashtag United’s Under 10s Youth Team, representing an area touched by several of our clients as they play in a Junior Essex League.

Pricing

• Price: £2,000 to £200,000 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris.murphy@tarantosystems.com. Tell them what format you need. It will help if you say what assistive technology you use.