Traqplan limited

Traqplan Portfolio Management - Scheduling, Reporting, Dependencies, Risks and Assumption Management

Traqplan creates a plan-on-a-page for your portfolio of projects combining plans from multiple sources such as Microsoft Project. Traqplan is also popular for allowing non project people to create simple timelines for the portfolio plan-on-a-page.

Traqplan also manages portfolio risks, dependencies, issues and assumptions and can be integrated with P6.

Features

• Creates professional timelines with swimlanes across the portfilio.
• Track changes against a baseline for multiple views
• Establishes one source of truth for project planning.
• Create simple plans for non-project professionals.
• Centralises risks for easy management and tracking across diverse teams.
• Extremely simple user interface provides simpler alternative to MS Project.
• All data is encrypted at rest and in transit.
• Visually create milestones and activities plan on a page.
• Centrally capture and manage dependencies, issues and assumptions
• Dependency Management

Benefits

• Standardises the timeline view across the portfolio and department.
• Centralises the location of plans within the department.
• Establishes one source of truth.
• Reduces the learning curve for rapidly onboarding EO grade planners.
• Improves resilience within the planning team as staff move.
• Creates powerful rapid feedback loop between PMO and project teams.
• Reduces reporting burden on teams and enables faster reporting cycles.
• Removes human error within the PMO when updating plans.
• Centralised risk register helps standardise risk management across the department.
• Enables collaboration between colleagues working locally and overseas.

£15 to £150 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at colin@traqplan.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

429138464222888

Contact

Colin Ward
07825 883 159
colin@traqplan.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Microsoft Project
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: Requires google Chrome or Firefox web browser to run.
• System requirements: Requires software licences to be bought.

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: We offer different response times based on the criticality of the issue as identified in the support request. ; ; 1) Business Critical – Your normal service requires urgent support to perform essential duties. Response time within 2 hours.; ; 2) Material Fault - Interruption to normal service – You are still able to perform the majority of business functions. Response time 4 hours.; ; 3) Cosmetic Fault - 8 hours; ; 4) Change request - 8 hours; ; Standard hours for support are Monday - Friday, 0900 to 1700.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We offer one support structure which allows the user to purchase a "package" of days with volume discount; ; Support Package Costs: ; 2 days £1,500 per day; 5 days £1,250 per day; 10 days £1,000 per day; Additional support can be purchased in these multiples.; ; We also offer packages of classroom training specific to the traqplan software which can be more cost efficient for larger groups of people;; ; Prices for training courses;; 2 courses £1500 per course; 5 courses £1250 per course; 10 courses £1000 per course (covers 80 people); ; We appoint an account manager to a customer and an engineer is allocated depending on the nature of the enquiry.; Standard support is Monday to Friday, 0900 to 1700.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide training, access to video tutorials and documentation.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Powerpoint training material and user manual
• End-of-contract data extraction: The users can extract their data by requesting it via email.
• End-of-contract process: At the end of contract the user login access is removed, and the customer details are deleted. There is no additional cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: The interface to the service is via a web domain which provides login access. This login can be integrated with the customer secure services such as Okta , or via an OAuth2 provider. On logging in the user can access their organisation account. The service is only available through web browsers and the data and usage is not suitable for smaller screens such as smart phones or small laptop screens.
• Accessibility standards: None or don’t know
• Description of accessibility: All of our graphical elements have textual descriptions.; Our control buttons have text embedded in the button with tooltips and the menus are plain text.; Our application is not intended to generate a sensory experience.; We provide training material in video format with audio, however for accessibility this is also made available in written format (pdf) with textual descriptions.
• Accessibility testing: We have tested with an experienced user of JAWS (assistive technology for the visually impaired experienced). While the tool itself can read lists we were provided feedback that the nature of our application is extremely graphical and indeed the purpose of our application is to convert tabular textual data into graphics. The JAWS application works better with the raw data which we use as input, therefore users of assistive technology would read the raw source data we use as input which is readily available.
• API: No
• Customisation available: Yes
• Description of customisation: Administrators can add normal user accounts;; All users (both administrators and non-admin) can tailor the views they wish to create, and can save bespoke views of their plans and data. ; The type of customisation they can achieve includes completely designing their own views and saving multiple views, changing symbol colour , shape and text descriptions. They can change the plan activity bars colour, size and text descriptions. ; ; Customisation is all done view the web browser user interface graphical user interface.

Scaling

• Independence of resources: Traqplan is a Cloud Native architecture, consisting of containerised micro-services, and is designed for horizontal scaling. Resources can be scaled to meet demand.

Analytics

• Service usage metrics: Yes
• Metrics types: We can provide metrics on file upload data and time.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users export their data by printing it from within the application. This can be printed to hard copy or to pdf or softcopy using export function provided.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Pdf
  • Hard copy
  • Excel
  • Jpeg
  • Png
• Data import formats: Other
• Other data import formats: Microsoft Project files

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We use Microsoft Azure as our hosting environment and pass through the following service level agreement commitments;; ; 99.9% availability of service and data ; If less than 99.9% availability per month we will return 10% service credit ; If less than 90% availability per month we will return 25% service credit
• Approach to resilience: We prefer not to make this information public, and we will provide this information on request.
• Outage reporting: We report outages via email alerts to the designated customer administrators for the application service.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Other
• Other user authentication: We can also integrate with any organisations bespoke authentication service.
• Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is controlled and restricted using role based access controls.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Less than 1 month
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Less than 1 month
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We are working towards ISO27001 standards and our processes are aligned towards this. Our processes outline responsibility towards security throughout the company and supply base with security terms built into contracts and training rolled out internally. Our governance against our processes is led from the top of the company down with CEO ensuring regular audits are performed. Our incident response process ensures transparency with our customers and builds in lessons learned for continual improvement. These policies are built into our security policies and adherence to our policy standards (or similar) are built into service contracts and employment contracts.
• Information security policies and processes: Our security policies are based on ISO27001 standards as we are working towards ISO27001 certification. ; ; Our documented policies include the following;; (1) Information Security Policy (ISP ) which outlines the security framework, leadership commitment, organisational aspects and operational assurances we are committed to performing.; ; (2) Information Security Management System (ISMS) which goes into specific detail across a broad range of areas per ISO27001 and how we conduct ourselves. ; ; (3) Incident Response Plan which outlines how we respond when an incident is found and repeats our commitment to transparency with our customers and how we involve outside agencies where appropriate including ICO, law enforcement and the customers.; ; (4) Risk Management Process which defines how we assess and pre-empt security risks.; ; Reporting Structure; Our policies define that security is led from the top of the company ultimately through the CEO and evidence of adherence to security policies is a standing agenda item in the company board reviews. The incident response plan defines the reporting of incidents from the point where the incident was noticed directly through the named data security officer with the CEO being informed of every incident.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: New Development or infrastructure: Board reviews major choice of infrastructure. ; ; Quality Testing: Systems components are selected and regularly reviewed for currency, regularity of updates and industry wide adoption. Our system updates do not depend on board review for approval and can be rolled out in faster controlled process to respond to security threats. ; ; We test all changes in a test environment before deploying them to live production systems.; ; We use role-based access to control authorisation to change production systems.; ; Scripted deployment for automatic deployment from source control, eliminates human error, and assures the configuration of deployed software.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We identify and mitigate security issues using the following approach;; (a) we assess vulnerabilities by running automatic audit tools on the software to flag where known vulnerabilities exist and where patches are available.; (b) continuously check for known vulnerabilities against the software systems, components and libraries we use. We apply patches within two weeks to close known vulnerabilities. When no patches or updates exist we assess the risk of the vulnerability to determine the safest course of action.; (c) we get information from CiSP membership bulletins and by news bulletins from membership forums such as the International Systems Security Association.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Protective monitoring – in order to detect attacks and unauthorised activity on the service we employ a combination of automated audit logging and regular analysis of these. If a potential compromise is discovered we look more closely at audit logs and logins to determine if a compromise has actually occurred. In addition, we determine a risk score based upon 3 factors: the likely threats; the likelihood that there was a compromise; the impact of the compromise. We respond within 24 hours.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have a detailed incident response plan document covering processes for all events including common events ; ; Users report incidents through the DPO in written form and verbally.; ; Incident reports are captured in written form and emailed.; ; Our process;; 1) The discoverer captures details and alerts the designated DPO; 2) Incident analysed , categorised and recorded ; 3) Recommend changes to prevent propagation ; 4) Restore the affected system(s) . ; 5) Preserve evidence and permanent log of incident; 7) Notify proper external agencies and customers as appropriate. ; 8) Review response and update policies—plan and take preventative steps so the intrusion can't happen again.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Traqplan have committed to fighting climate change by enforcing a policy of 100% remote working for all employees in order to reduce carbon emissions generated from travelling to a workplace.

  Covid-19 recovery

  Traqplan have committed to the Covid-19 recovery by ensuring that we prioritise recruitment within the UK and focus on delivering exports from 2024 onwards to bolster the UK economy.

  Tackling economic inequality

  Traqplan have committed to tackling economic inequality by ensuring fair and equal opportunity of employment across the lower economic regions of the UK.

  Equal opportunity

  Traqplan have committed to tackling economic inequality by ensuring fair and equal opportunity of employment across the lower economic regions of the UK.

  Wellbeing

  Traqplan are committed to wellbeing by operating a 100% resilience across employee ranks qith a buddy system and mentor system sponsored by all directors.

Pricing

• Price: £15 to £150 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: The trial is available for full access to all the application features for four weeks duration. ; ; This does not include; ; a) bespoke requirements to enable access to the system; b) access to the support SLA
• Link to free trial: https://traqplan.com/

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at colin@traqplan.com. Tell them what format you need. It will help if you say what assistive technology you use.