MRI Customer Portal (Resident or Tenant)
Our online portal is an interface between customers and their social or private landlord driving community engagement, providing self-service and delivering personalised content. You can share information and guides; offer forums; present statements, agreements and contracts; enable online payments; share real-time travel information and weather and much more.
Features
- Online customer portal reflecting your brand
- Software as a Service but with your choice of URL
- Designed for mobile, tablet and desktops
- Integrates via API with back office systems
- Online maintenance call logging with optional back office system integration
- Online customer forums with moderation options
- Integrates and links to payment gateways and Allpay
- Deliver offers and services online to customers
- Umbraco CMS templates and groups for easy content management
- Access to documents, such as agreements, online for your customers
Benefits
- Enables customers to self-serve delivering efficiency
- Gives greater transparency to customers
- Supports customer service by reducing demands on contact centre
- Enables staff to quickly update content to quickly reach customers
- Provides a single online location for customer interaction for convenience
- Encourages and promotes customer engagement
- Easy to manage and update content
- Personalised content for specific user groups for clarity and control
- Provide access to information and services on demand for customers
- Enables staff to deliver services quickly and more efficiently
Pricing
£10,000 an instance a year
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
3 4 4 3 3 6 9 6 8 7 5 5 4 3 6
Contact
MRI Software Limited
Claire Brown
Telephone: 020 3861 7100
Email: tenders@mrisoftware.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- Planned maintenance is typically scheduled outside of regular business hours.
- System requirements
- A current, supported web browser
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- MRI’s Global Client Support group will make every reasonable effort to ensure that submitted cases are assigned the proper level of Severity. Submitted cases will be responded to in the order in which they are received, with consideration given for higher Severity levels. Response Time is the time it takes before a Global Client Support agent makes initial contact with the individual who submitted case. Bundled Service (Normal Priority 6 Hours, Serious Priority 3 hours, Critical Priority Live Call Only) Concierge Standard (Normal Priority 4 Hours, Serious Priority 2 hours, Critical Priority Live Call Only)
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- We include support within our annual fee. Support includes a named Account Manager and a Client Support Helpdesk. The Client Support Helpdesk also serves as the contact for all cloud support requests for trained users. Cases and incidents can be recorded and viewed in the myMRI portal on a 24/7 basis. The myMRI Portal provides clients with information on support cases, regardless of whether a call is logged via a phone call or via the portal. Various information, documentation, forums and resources are also available on the portal.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- As an end user online portal, the site is very intuitive and designed to follow web site conventions so end user training is not usually required other than providing general 'getting started' information via email, newsletters or at resident or tenant forums. Engage will provide guidance on the content of these as part of your onboarding. We can deliver training if required and this can be scoped and quoted to meet your requirements. We will provide up to four content management training sessions which are typically delivered online as they do not take long as the system is not complex to use. On site training can also be offered at a standard daily rate for the trainer plus expenses. We provide a user guide in a PDF format to those who undertake the content management training. This guide also covers some administration tasks.
- Service documentation
- Yes
- Documentation formats
-
- ODF
- Other
- Other documentation formats
- Microsoft Word
- End-of-contract data extraction
- At the end of the service, we can extract any data required and issue it to the client using an agreed secure method.
- End-of-contract process
- At the end of the contract, the service is ceased and, if requested, customer data is returned. The portal is then decommissioned.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- We design our portals as 'mobile first' so the services offered are the same on mobile or desktop. Our portals are tested on mobiles so that visually and functionally the portals are attractive and easy to use on both smaller mobile screens and larger monitors.
- Service interface
- No
- User support accessibility
- None or don’t know
- API
- Yes
- What users can and can't do using the API
- Our API is designed to enable our portals to interface with your back office systems such as your housing management system. This enables specific data and documents, such as contracts and statements, to be securely shared with your customers. The API is also used for tasks such as progressing applicants through the application process in your back office system or for logging and sharing status updates for maintenance requests. It is also used to enable charges to be presented for online payments and related receipting. Our implementation includes a scoping phase where we scope the API requirements and will work with your IT and application teams to review these and manage and deliver any agreed changes.
- API documentation
- No
- API sandbox or test environment
- No
- Customisation available
- Yes
- Description of customisation
- Our portals are customisable to meet our customers requirements. The customisation options that we offer include: - Engage incorporating logos and brand imagery at setup - we incorporate brand colour schemes and fonts - sections may be activated or deactivated across the whole site or for specific groups through the CMS by client admins or us at any time - content is customisable and may include content such as images, formatted text, links and videos through the CMS by client admins or usat any time - End users can add an image to their profile
Scaling
- Independence of resources
- Our portals are designed to minimise the load on the system for any process or interaction and incorporate load balancing to evenly distribute traffic. We host on an easily scalable Microsoft Azure platform which is monitored 24x7x365 enabling us to manage capacity seamlessly in the background and our proactive monitoring ensures that we can respond to peaks in demand.
Analytics
- Service usage metrics
- Yes
- Metrics types
- We set up a Google Analytics code on the site and can provide basic usage statistics such as new enrolments. Further service metrics may be scoped and provided on request at additional cost.
- Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with SSAE-16 / ISAE 3402
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Minimal end user data is stored in the system and all may be removed using copy and paste from their user device from within the portal with minimal effort.
- Data export formats
- Other
- Other data export formats
-
- TXT
- JPEG;PNG;BMP
- Data import formats
- Other
- Other data import formats
-
- TXT
- JPEG;PNG;BMP
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- We use commercially reasonable efforts to ensure availability twenty -four (24) hours a day, seven (7) days a week, except for: (a) planned downtime (of which we provide adequate notice and will schedule to the extent practicable during the weekend hours), or (b) any unavailability caused by circumstances beyond our reasonable control, including without limitation, Force Majeure events or internet service provider failures or delays. We host our solution in a UK-based Tier 3 data centre that is designed to deliver high availability.
- Approach to resilience
- Available on request
- Outage reporting
- Salesforce support desk is used to manage customer / support interaction for specific customer system issues. E-mail advisories are in place and used to alert multiple customers / contacts of unplanned outages.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
- Access to our systems and data is controlled through a formal process beginning with a formal notification from management. Each user is provided with a unique user ID for systems so that users can be linked to and made responsible for their actions. Access to is given through the provision of a unique account and complex password. The job function of the user decides the level of access the employee has to data. Vendor default accounts and passwords for our the systems are changed at the time of provisioning and unnecessary services and user/system accounts are disabled.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- Public key authentication (including by TLS client certificate)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- Whilst our security governance is not certified to a standard, it is closely aligned to the ISO27001 and PCI standards.
- Information security policies and processes
- All staff are issued with our security policy when they join and confirm that they understand and will adhere to this. Our security policy is supported by processes and procedures such as our data breach reporting, new starters and leavers procedures. Our software development process incorporate privacy by design with security at the heart of everything that we do. All staff are trained on our security processes when they join and have regular refresher training. Our policies and processes are regularly reviewed by our operations managers and the outputs of these reviews are, in turn, reviewed with senior management. The focus of these reviews are the performance and ongoing applicability of our security management system.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Our planning processes ensure that all configuration changes are properly scoped and planned before implementation. Our design and development processes incorporate Privacy by Design and all changes are reviewed and approved prior to implementation. Our implementations are tracked and managed through our core line of business systems, including development tickets, code changes and deployments enabling us to control and manage work day to day and to support root cause analysis should issues arise.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Our systems are monitored and managed 24x7x365 enabling us to quickly respond to threats. Part of this management includes a review of potential threats, as advised by trusted security partners and resources. The built in patch management function of our monitoring platform deploys patches and updates in a controlled manner than standard tools such as Windows Update or WSUS. Typically, we review and release all critical and security updates on a monthly basis as they are released but in some instances release an update or patch outside of this cycle if there is a need to mitigate an immediate risk.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Potential compromises are identified through the monitoring of alerts automatically triggered with our NOC via systems monitoring tools or from tickets raised by individuals. All such threats are handled as potentially high impact so receive a prompt response. Our first response is to contain the threat, followed by more detailed root cause analyse and implementation of a permanent fix.
- Incident management type
- Supplier-defined controls
- Incident management approach
- Our incident management processes are designed to align with ITIL recommended best practices. Due to the design of our product, no particular events are common but we do have pre-defined processes for incidents such as a site outage or compatibility issues with specific browsers. Users may report incidents via email, telephone or an online form may be delivered, if requested, within the portal. Incident reports are available on request for any incident and are provided by email.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
MRI is committed to managing environmental risks that are material to our business and to reducing our carbon footprint by enhancing the energy efficiency of our operations and reducing the amount of waste that our company produces. We do this by utilising some of our own solutions with sensors in our own offices to assess our space utilization, energy usage and setting a reduction plan. As well as improving our own position, we also look at ways to help our clients work towards using services that have less impact on our planet’s scarce resources. A good example is HomeSwapper, our national mutual exchange solution. HomeSwapper enables tenants to swap homes either locally or anywhere across the United Kingdom with another social housing tenant, often to reduce their commute to work or schools which has a direct impact on carbon emisisons in the region.Covid-19 recovery
We have fully embraced hybrid working and have recently formalised our flexible working model and different types of flexibility offered to all employees. We believe flexible working benefits our employees and the business. Our solutions available on this framework are all available remotely allowing our clients employees, users and contractors as applicable to work from any location in accordance with your approved working practices to allow flexibilityTackling economic inequality
Our employees are all contracted and salaried fairly, in line with the Living Wage standards. All of our employees are paid at least the minimum rates as stated under the current Living Wage. We do not employ anyone on zero hours contracts and have a strong commitment to regularly review salaries in line with our appraisal process. We have a number of apprentices in the business who we are supporting to complete degree level qualifications, who all receive above the apprentice minimum wage. We also offer a comprehensive benefits package for all our staff, which includes health and wellbeing support and access to private health care.Equal opportunity
We work hard to ensure our employees have a voice. Our business has various committees in place, such as a Diversity, Equity and Inclusion Committee and Employee Resource Groups, such as Women & Allies and LGBTQIA+, which help us understand how employees feel about working at MRI and help us drive forward inclusive events. We have also very recently launched our first ERG – employee resource group for Women and Allies. As a business with over 250 employees in the UK we are required to produce a Gender Pay Gap report. We very much welcome this initiative and our reports are available publically on our website. This report shows the impact we have on reducing our Gender Pay Gap and also highlights the many initiatives we have underway to further reduce our gap. This includes the development of our Flexible Working and Inclusive Policies initiatives, educating our People, People Managers and Business Leaders and working with external partners to attract a diverse staffbase.Wellbeing
Work hard, play hard. From the day we opened our doors, we set out to build flexible, game-changing solutions that would make people's lives better. We do this by providing our clients with solutions that enable them to provide better places to live, work, and do business. The only way to carry out that mission is to hire the best employees and keep them. We are dedicated to creating a working environment which supports and develops our staff. Some of the benefits that we offer are: Gym reimbursements, Medical assistance, including mental health tools, Flexible working opportunities, including hybrid working Employee engagement is key to MRI's success and we hold quarterly spirit weeks to both connect and enthuse our teams globally. These weeks are themed and where staff are encouraged to learn about different topics or take part in activities that they might not typically have time for. These include fitness sessions, cooking sessions, engagement with families for those working from home or targeting one big event where we can globally feel like we are one team with the same goal. We also carry out bi-annual employee engagement surveys to ensure employees can express their views.
Pricing
- Price
- £10,000 an instance a year
- Discount for educational organisations
- No
- Free trial available
- No