COACHSCANNER LIMITED

WeDRT - Flexible Supply Platform

WeDRT's Flexible Supply Platform is a software solution for local authorities, government and businesses to easily and efficiently implement Demand Responsive Transport services.

The software hosts a network of DRT enabled, fully compliant local vehicle operators which can be dispatched both on 'Core' long-term duties and 'Flexible' ad hoc duties.

Features

• Fully compliant with Public Contracts Regulations 2015 (Section 4).
• Flexible procurement for vehicles/drivers in response to varying demand.
• In-platform tender application creation process with customisable stages.
• Vehicle operator quality of service monitoring.
• Vehicle operator compliance monitoring and contract management.
• Implement flexible supply from a DPS.
• Implement flexible supply through frameworks and associated mini-competitions.
• Large database of local and national suppliers.
• In-platform purchase order and invoice management process.
• Customisable realtime email notifications of all relevant in-platform activity.

Benefits

• Cost savings from reduction in over-supply of vehicles (flexible supply).
• Cost savings from increased competition and bidding among local operators.
• Improved quality-of-service from peak demand facilitation & tracked supplier performance.
• Reduced time evaluating tender applications from built-in forms creator.
• Increased funds apportioned to local vehicle operators with flexible supply.
• Fully managed DRT service and support from experienced team.
• In-platform supplier compliance document repository and contract management.
• Large network of local suppliers to quickly facilitate flexible services.
• Avoidance of costs associated with monitoring, scaling and re-tendering.
• Option to automate flexible supply in response to client-defined parameters.

£1,000 a licence a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dan@wemove.io. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

370237121453919

Contact

Daniel Mould
07920064378
dan@wemove.io

Service scope

• Software add-on or extension: No
• Cloud deployment model: Hybrid cloud
• Service constraints: Planned maintenance periods lasting up to a number of hours may be required - these would be communicated well in advance to users and scheduled for times where the system is unlikely to be in use.
• System requirements: Modern web browser to access all platform features.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We aim to respond to questions received prior to 4pm the same working day; questions received on the weekend may be attended the same day depending on criticality, but in less urgent cases responses may be sent on the following Monday.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Web chat is accessible in-platform with accessibility features: screen reader support, colour contrast, keyboard navigation
• Web chat accessibility testing: Testing to be completed
• Onsite support: Onsite support
• Support levels: Support regarding both general use of the system and potential errors or clarifications is provided. In context, additional support may be provided in cases where vehicle suppliers may cancel a transport service at short notice (e.g. due to vehicle break down) and we would endeavour to find a replacement through direct dialling suppliers in addition to re-opening bidding for the transport service on the platform. ; ; Ongoing support regarding general use of the system is provided at an additional cost depending on number of users and required response time. Onsite support may also be provided at an additional cost subject to client requirements. A given technical account manager would be assigned to each client.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Onsite training is provided for local authorities and online demo calls can be arranged for both general platform usage and for instructions on how to perform specific actions.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users can extract their data at the end of contracts by email request.
• End-of-contract process: All relevant off-boarding procedures are included in the price of the service at the end of a contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The service interface is manifested as a web application with custom views for each user type. Local authorities will be able to create new transport quotes where on-platform moderated bidding will commence among vehicle suppliers, and view live services and data thereto related in the form of visualised transport schedules. Vehicle suppliers will be able to track and manage their vehicle fleet data, upload relevant compliance documents and view/bid on relevant transport quotes.
• Accessibility standards: None or don’t know
• Description of accessibility: The service is currently accessible via keyboard and mouse in modern web browsers. We aim to develop more accessibility features (e.g. voice login and in-platform actions) in future.
• Accessibility testing: Interface testing with users of assistive technology is currently in our technical roadmap and we aim to conduct this in future following the implementation of our core feature set.
• API: No
• Customisation available: Yes
• Description of customisation: Local authorities will be able to build and customise application form content, and any scoring therefor, for various stages of tenders or flexible contract competitions. Additionally, local authorities will be able to customise the parameter values indicating when flexible supply may need to be revised (either up or down), which subsequently controls when they receive notifications on this.; ; Suppliers will be able to customise data recorded for their fleet(s) of vehicles as appropriate.

Scaling

• Independence of resources: Compute resource within our cloud infrastructure is automatically scaled up when necessary at times where demand increases significantly.

Analytics

• Service usage metrics: Yes
• Metrics types: Local authorities will be able to view regularly updated metrics relating to their transport services and the reputability of vehicle suppliers. Regarding live demand responsive transport (DRT) services, metrics include: unfulfilled rider requests, average rider waiting times and idle vehicle durations. Regarding vehicle supplier reputability, metrics include: scheduled service cancellation rate and quality of service ratings applied by local authorities.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Through the platform, local authorities will be able to export their live transport service schedule data and data relating to the drivers and vehicles registered for the transport services.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee 99.5% uptime by default; this can be raised but subject to additional costs in required infrastructural resources. Should the guaranteed uptime not be upheld in any event, we would aim to hold discussions with clients to understand the impact of the disproportionate outage and provide reimbursement accordingly.
• Approach to resilience: Our entire infrastructure is managed by a third party on AWS with robust resiliency measures in place. Details are available on request.
• Outage reporting: Services outages are reported internally through a dashboard and email alerts to relevant staff internally and to affected clients.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: For full platform administration, only senior personnel accounts are capable of performing all platform actions - these would include actions on behalf of any other users and deletion of any vehicle supplier accounts in the case of illegitimate registration. Specific account manager users will be restricted to perform actions on behalf of their assigned client accounts.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: A third party service managing our infrastructure employs their own security governance policy.
• Information security policies and processes: Our information security policies are updated in alignment with our third party infrastructure management service provider. Up to date policies are available upon request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Servers and infrastructure are tracked through implementation as Infrastructure as a Code (Terraform) in CVS (GitHub). The application is tracked via GitHub and changes are actioned through a CI/CD pipeline (GitHub Actions).; ; Additionally, automation testing, unit testing, and release versioning are all practised.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We receive regular dependency vulnerabilities notifications via Github Dependabot - these are resolved and patches are deployed according to the threat risk and impact priority. There is a 2 weeks cycle for regular priority vulnerabilities and few hours cycle for critical priority vulnerabilities.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: A third party security testing company is used to identify potential compromises. As with vulnerabilities, compromises are resolved and patches are deployed according to the threat risk and impact priority. There is a 2 weeks cycle for regular priority and few hours cycle for critical priority. Additionally, frameworks in use in the application codebase provide implicit monitoring protection from compromises.
• Incident management type: Supplier-defined controls
• Incident management approach: Infrastructure checks are run and open ports, TLS certificates and more are monitored on a daily basis. The platform also has a bespoke major recovery plan document detailing steps to recover from critical incidents within a few hours.; ; Users can submit incidents through the support channel within the platform.; ; Incident reports are accumulated into single bi-weekly DevOps reports, which are shared with relevant stakeholders internally.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our flexible supply capability can reduce the number of Core Vehicles on the road, replaced by flexibly sourced Flexible Vehicles, thereby reducing dead mileage and CO2 emissions.

  Equal opportunity

  We empower smaller operators to engage with DRT schemes where before they didn't have the economic resources to join as a Core operator.

  Wellbeing

  Our expert call centre ensures that passengers always have a support line for any troubles they may be facing pre, during or post trip. This enables vulnerable passengers to feel more safe using the service.

Pricing

• Price: £1,000 a licence a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dan@wemove.io. Tell them what format you need. It will help if you say what assistive technology you use.