COMPASS INFORMATICS UK LIMITED

Compass Pavement Management Solution: Roads Management & Survey

The Pavement Management Solution focuses on the management of information and actions relating to the road pavement, including the recording and monitoring of road condition and maintenance programmes.

Features

• Ensuring political accountability for decisions affecting the assets
• Reducing time in the field delivering true labour cost savings
• Automating integration of data collected in the field
• Desktop analysis and reporting tools
• CLOUD hosted
• Hardware and software configured to meet client’s requirements

Benefits

• Allows the user to optimise their working day
• Allows decision makers rapid access to data
• Usable and understandable data formats
• Enables effective planning of road management
• Effective management of work tasks at local and national level
• Web based access to data and services for data modelling
• Based on best practice .Net and CLOUD technology

£50,000 a licence

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@compassinformatics.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

414191457104224

Contact

Phil Baldacchino-Steward
+44 1937 833933
sales@compassinformatics.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: There are currently no service constraints, the service provided is a 24 x 7 x 365 service. Deployable on AWS or Azure for specific organisation instances.
• System requirements: None

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Support is based on P1 to P5 SLAs, with varying times out of hours and weekends.; User can manage status and priority of support tickets
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support levels Compass Informatics will provide a 9.00 am - 5.00 pm live help desk. The call centre can be reached by direct phone, email, Twitter. A full ticketing system is used to provide an expert service. For technical issues Compass provides a support service for problem logging, analysis and resolution. This is largely driven via email and web, and we currently utilise the leading ZenDesk platform. We operate Customer and User agreements and an SLA. This SLA template will be modified to reflect your specific requirements. Access to Technical Support includes: ; • Problem Analysis ; • Defect work around, reporting, and tracking ; • Problem Escalation where necessary ; • Product software fixes / upgrades, and assistance ; • Migration path information ; • Assistance with licensing ; • Assistance in transferring licenses to another platform Support methods include: ; • Web-based ticketing system with associated knowledge base ; • Dedicated support email or direct to appointed team member; • Telephone including phone conferencing ; • Remote access to servers to diagnose and fix issues ; • Screen sharing via Lync, RSupport, WebEx, or similar
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Requirements and gap analysis Roads network check and integration Mobile apps suite assessment and deployment User accounts and permissions setup Training delivery Support activation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Subject to data protection and the account holders permission, account details can be extracted and delivered to a nominated officer of the client.
• End-of-contract process: On termination of the Agreement, Compass Informatics can provide - subject to mutual agreement - for the transfer of all data, including customer End User data, and / or information received and processed for the duration of the Agreement to you. Subject always to Data Protection requirements as per best practice.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: A suite of data capture apps are provided specifically for data capture in field.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: Web browser interface including digital mapping. Also mobile apps for asset data capture and condition assessment.
• Accessibility standards: None or don’t know
• Description of accessibility: Note the system is heavily map-based.
• Accessibility testing: There are known constraints in use of digital mapping.
• API: Yes
• What users can and can't do using the API: OGC data web services can be provided and consumed.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: A requirements specification process is undertaken, and thereafter full configuration and customisation of features is feasible - including web functions, and mobile apps.

Scaling

• Independence of resources: Compass utilises Microsoft Azure hosting at a data centre in Ireland. Each customer utilising specific independent areas, therefore guaranteeing service up time, speed and capability.

Analytics

• Service usage metrics: Yes
• Metrics types: User accounts and usage levels e.g. km surveyed; Support tickets reporting; Others by agreement.
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Audit data is stored in Azure File Storage. Data can be downloaded and analysed using the tool Azure Storage Explorer. Dashboard reports are available using an Excel spreadsheet.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: “Deployment Minutes” is the total number of minutes that the Pavement and Asset Management Solution has been set to running in Microsoft Azure during a month. Deployment Minutes is measured from when the App was initiated an action that would result in running the App to the time Customer initiated an action that would result in stopping or deleting the App. “Maximum Available Minutes” is the sum of all Deployment Minutes across all Apps deployed by Customer in a given Microsoft Azure subscription during a month. Downtime: The total accumulated Deployment Minutes, deployed by Customer in a given Microsoft Azure subscription, during which the App is unavailable. A minute is considered unavailable for a given App when there is no connectivity between the App and Microsoft’s Internet gateway. Monthly Up time Percentage: The Monthly Up time Percentage is calculated using the following formula: Monthly Up time % = (Maximum Available Minutes-Downtime)/(Maximum Available Minutes) x 100 Service Credit MONTHLY UPTIME PERCENTAGE SERVICE CREDIT < 99.95% 10% < 99% 25%
• Approach to resilience: No matter how well engineered the physical infrastructure, service incidents do occur. We accept the three laws of operations – servers will fail, software will have bugs, and humans will make errors. Using Microsoft Azure, we employ sophisticated software-defined service instrumentation and monitoring that integrates at the component or server level, the datacentre edge, our network backbone, Internet exchange sites, and at the real or simulated user level, providing visibility when a service disruption is occurring and pinpointing its cause. More importantly, we are continuously investing in developing greater application resiliency in our software so it will instantly recognise a disruption and gracefully fail over to a different set of servers or even a different datacentre, without interrupting the availability of the service.
• Outage reporting: A public dashboard is available 24 x 7 x 365 enabling you to check for outages.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Restriction to management interfaces and support channels are provided through administrative restrictions both within GoParkit and Microsoft Azure.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Approachable
• ISO/IEC 27001 accreditation date: 30/07/2021
• What the ISO/IEC 27001 doesn’t cover: The certification covers information security in the provision of software services including, systems development, data analytics, combining geographical information systems (GIS), location technologies data analytics and field computing systems - all other activities are NOT covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Compass Informatics have established an Information Security Governance Group at a senior level within the organisation hierarchy. This Group includes representation from those responsible for key services, representatives of those responsible for other information assets and those responsible for implementing the information security policy. The team: ; • Review the ISMS and play a role in its continual improvement ; • Co-ordination of cross-organisational controls and conflict resolution • Provide regular performance reports ; • Provide advice and expert assistance, including risk assessments.
• Information security policies and processes: Compass Informatics have established an Information Security Governance Group at a senior level within the organisation hierarchy. This Group includes representation from those responsible for key services, representatives of those responsible for other information assets and those responsible for implementing the information security policy. The team: ; • Review the ISMS and play a role in its continual improvement ; • Co-ordination of cross-organisational controls and conflict resolution ; • Provide regular performance reports ; • Provide advice and expert assistance, including risk assessments.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Compass Informatics applies Kanban to its configuration and change management and incorporates elements of SCRUM.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Compass Informatics perform vulnerability assessments of their entire portfolio on an on-going basis. New vulnerabilities are reported and if required we release software updates. A regular assessment regime is essential to ensure that we are aware of the risks that are present.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Protective monitoring approach Processes are monitored through the Microsoft Azure protective monitoring tool, if compromises are suspected they are dealt with automatically, with threats being quarantined for further investigation and fix. Most incidents are dealt with automatically with no interruption to service levels.
• Incident management type: Supplier-defined controls
• Incident management approach: Microsoft Azure provides online tools for checking status of service.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Compass Informatics are committed to fighting climate change. We operate in line with an Environmental Social and Governance policy which has been derived between the business units with the support of the wider Tracsis group.

Pricing

• Price: £50,000 a licence
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@compassinformatics.com. Tell them what format you need. It will help if you say what assistive technology you use.