MIS Active Finance

ActiveF finance software

ActiveF is a cloud native Accounting software SaaS Solution. The solution covers accounting, treasury, supplier management, customer management, reporting and budgeting/forecasting.

Features

• Accounts Payable
• Accounts Receivable
• Treasury
• Asset & Liability registers
• Tax calculations and integrations
• Group Consolidations
• Foreign Exchange Management
• Reporting
• Budgeting & Forecasting
• CIS & Component Accounting

Benefits

• Accounting Compliance and resilient processes
• Integrated Treasury functionality
• Housing Management Integrations
• CIS/RCT calculations
• Cloud Native SaaS
• Speed, Resilience & Responsiveness
• 99.99% SLA
• Immutable database
• Social Housing specialism
• Community of Reporting

£4,500 a unit a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrewm@miscs.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

535619036060720

Contact

Andrew McLaughlin
07900901102
andrewm@miscs.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: ActiveH
• Cloud deployment model: Public cloud
• Service constraints: The solution is only available as SaaS.
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 4 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: None currently. Due later in 2024
• Onsite support: Yes, at extra cost
• Support levels: Incident Management Target Response Times (covered within subscription fee); P1 1 hour; P2 1 hour; P3 4 hours; P4 4 hours; P5 1 day; ; New Features; Once evaluated and accepted into the pipeline the target delivery is 4 weeks. If they are enhancements for all customers then it'll be delivered at no additional cost.; ; Accounting & Technical Support available through the support desk.; ; Requests for Change to be assessed on individual merits.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We deliver a system overview and support the customer with the configuration and historic data import.; Digital training material is also available in written and recorded formats.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Mp4
• End-of-contract data extraction: Request an extract routine or utilise the system functionality to export it themselves.
• End-of-contract process: Service is on a subscription approach and will require 3 months notice. A requested data extract will come with a charge however a customer can do this themselves at not additional cost.; ; Customers can moth ball the solution and slim it down to minimum users and maintain as a live copy of the data at a reduced cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No differences in terms of features
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The solution is built on a 'tasking' principle so all parts of the solution are sending tasks to be processed either automatically or with manual intervention from a user.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Basic in-house testing currently. This is due to be independently assessed in September 2024.
• API: Yes
• What users can and can't do using the API: The solution is built around a front-end API approach meaning that with appropriate token based authentication the APIs can be utilised.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The software contains approximately 30 configuration screens that enables the setup to be customised to the users requirements. The software itself is not customisable as each customer is utilising the same fundamental system. This is better described as highly configurable rather than customisable and it delivers a better outcome for customers.

Scaling

• Independence of resources: Cloud native SaaS design is spread across 6 datacentres and is infinitely scalable as a consequence. No user or customer can affect any other adversely.

Analytics

• Service usage metrics: Yes
• Metrics types: Users; Asset Numbers; Number of processes run; Availability SLA
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Utilise the tools provided in the solution.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: Xls
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.99% availability; Service credits available for repeated breaches (3) over a 6 month rolling period or a drop below 99.50% availability in a single period
• Approach to resilience: It’s available on request
• Outage reporting: Email alerts to affected customers

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
• Access restrictions in management interfaces and support channels: Permissions within the system restrict what the users can and cannot undertake.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus
• ISO/IEC 27001 accreditation date: 06/03/2024
• What the ISO/IEC 27001 doesn’t cover: All aspects are covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • ISO27001
  • ISO9001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We follow ISO27001 with security monitored continuously and reported to CAB and senior management no less than weekly.; We maintain a minimum security assessment score via a third party solution which is monitored weekly with proactive alerts if a new vulnerability is identified.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All changes are logged, impact assessed for functional and non-functional aspects and assigned for remedial actions, peer reviewed and deployed. Security vulnerabilities are prioritised and resolved within 5 working days, but often within 1 day.; Product lifecycle is managed through an enterprise solution to ensure configuration and change management maintains compliance to ISO27001.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Threats are assessed weekly and openly discussed within the team. Vulnerability scanning software is deployed to manage the risk and support performance to be 1st class.; There is no outage for patching due to the software design.; Information sources for vulnerabilities comes from a multitude of avenues and is recorded in our ISO documentation.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Vulnerability scanning and security scoring are used to maintain a healthy and secure ecosystem.; When identified the vulnerabilities are investigated and prioritised for resolution.; Typical response rate is 1 day, but we advise 5 as the target.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Pre-defined service desk processes that are tried and tested with our other businesses.; Incidents are linked should a Problem occur.; Users have a link to the service desk inside the solution and via an external link.; Incident reports will be shared during account/service management meetings.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At MIS:AF we are implementing plans to reduce internal carbon emissions. We have dramatically reduced our carbon emissions by actively encouraging online client meetings, where possible. We have successfully reduced our Carbon Dioxide levels, for example, year-end September 2022 our overall company 7.36 - tCO2e (tonnes (t) of carbon dioxide (CO2) equivalent (e)) with a reduction of 0.61 tCO2e in year-end September 2023. We are also reducing our electricity usage and have evidenced a 0.20 tCO2e reduction.

  Covid-19 recovery

  During the coronavirus pandemic. MIS recognised that due to the pandemic causing redundancies and uncertainty there was an 81% increase in demand for food parcels, and most worryingly of all, the number of parcels given to children increased by 122%. As a result of this frightening statistic, MIS decided to launch the Food for All campaign, a campaign which would see MIS donate £20,000 to foodbanks across the UK & Ireland and forging good links with the Trussell Trust in various regions in the process.; ; MIS have customers from all over the UK & Ireland, so as part of the Food for All campaign we took it upon ourselves to donate £1,000 to two foodbanks, every week, for ten weeks. Each week would be dedicated to a different region. We started in our heartland of the Northwest and then moved onto Scotland, Yorkshire and the Humber, North East of England, East and West Midlands, Wales and the South West, South East England, East of England, Greater London and Northern Ireland. However, we didn’t just select foodbanks from these locations on our own accord. As there is so many excellent and well-deserving foodbanks across the UK, we required our customers’ assistance. We asked our customers to provide the foodbank that they feel is most deserving in their region, and why, to help with our selection.

  Tackling economic inequality

  In 2023, MIS started working closely with Keele University and following its long-standing work in Social Housing and Emergency Services, MIS created the Stewart Mclaughlin Scholarship program at Keele for disadvantaged students in the Paramedic degree course. This awards a student with a donation covering one year of their accommodation fees. ; ; In addition to the above, MIS has supported; customers awards, ‘Give and Gain’ days, estate walkabouts and have attended a number of CIH research trips over the years to help drive efficiency within the industry. One of the social areas MIS is most proud of is our Student Placement program. The MIS Student Placement program has been in place since 2014 and involves MIS taking between 1 and 3 student placements each year as part of their IT University placement year course. Although this is an excellent way of providing real life experience within a business, what MIS are most proud of, is the fact that every single placement student has managed to secure a job once they have finished their course due to the level of training they had received.

  Equal opportunity

  We achieve equal opportunity from the start of our employment by implementing rigid recruitment processes. Recruitment, promotion and other selection exercises is conducted on the basis of merit, against objective criteria that avoid discrimination. Shortlisting is done by more than one person possible and at least two interviews are carried out before employment. Vacancies are generally advertised to a diverse section of the labour market. ; Advertisements avoid stereotyping or using wording that may discourage particular groups from applying. Job applicants do not ask questions which might suggest an intention to discriminate on grounds of a Protected Characteristic. For example, applicants are not asked whether they are pregnant or planning to have children. Job applicants are not asked about health or disability before a job offer is made, except in the very limited circumstances allowed by law: for example, to check that the applicant could perform an intrinsic part of the job (taking account of any reasonable adjustments), or to see if any adjustments might be needed at interview because of a disability. ; Once in employment at MIS, staff training will be identified through regular staff appraisals. All workers will are given appropriate access to training to enable them to progress within the organisation. All promotion decisions will be made based on merit. Where appropriate, steps will be taken to identify and remove unnecessary or unjustifiable barriers and to provide appropriate facilities and conditions of service to meet the special needs of disadvantaged or under-represented groups.

  Wellbeing

  One of our products, ActiveC, an omni-channel contact centre tool, contains 'sentient analytics' technology, which identifies, in real-time, if a caller shows signs of distress, which is flagged and the appropriate mitigation can be actioned and the situation monitored. ; ; In relation to MIS employees, we have built a family-run, open, honest and friendly atmosphere, which is evidenced by our high staff retention levels. We do, however understand that it takes individuals to make a team and all staff members partake in very regular one to one meetings with their line manager, where wellbeing is discussed as a priority. Additionally, we have trained four staff members on mental health awareness and mentoring.; ; We undertake welfare calls with staff when there is a specific need and keep in touch with them throughout difficult times.; We listen to staff feedback and we take on board good suggestions for improvements.

Pricing

• Price: £4,500 a unit a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: The software is free for the first month whilst it is being configured.; This can be extended whilst the usage is low.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrewm@miscs.com. Tell them what format you need. It will help if you say what assistive technology you use.