MRI Software Limited

MRI Qube PM

Qube PM is an industry leading real estate software application that provides a complete end to end property management solution for over 500 organisations. Our property management solution includes comprehensive property accounting, purchase ledger, maintenance management, document management, diary management, integration with MS office, mobile apps and web portals.

Features

• Service charge management: budgets, caps, multiple schedules, apportionments, reconciliation
• Full property accounting: charging/collecting rents, ground rents, turnover rents
• Comprehensive financial reporting including P&L and balance sheet by property
• Bank reconciliation and links to banking systems
• Maintenance management, both planned and reactive activities
• Diary management: including inspections, rent reviews, lease expiries, gas checks
• Customisable tenant correspondence and demands
• 24/7 tenant/leaseholder self-service portal including tenant payments
• Flexible reporting features, including income analysis and forecasting
• Links with Microsoft products including Outlook and Excel

Benefits

• A fully-integrated solution which streamlines processes
• Significant efficiency savings that facilitate business growth
• Increased control of real estate income and expenditure
• Zero duplication of data provides complete transparency
• Automated and interactive reporting provides business insights
• Customisable user interface and reporting to meet your business needs
• Improved financial reporting provides greater visibility
• Easy to implement and cost effective solution
• Tenant/leaseholder self-service portal reduces operating costs
• Mobile working

£21,000 an instance a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@mrisoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

550858276673948

Contact

Claire Brown
020 3861 7100
tenders@mrisoftware.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: Planned maintenance is typically scheduled outside of regular business hours.
• System requirements:
  • Compatible access devices/operating systems
  • Environment that support the Microsoft RDP client
  • Windows 7 or above

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: MRI’s Global Client Support group will make every reasonable effort to ensure that submitted cases are assigned the proper level of Severity. Submitted cases will be responded to in the order in which they are received, with consideration given for higher Severity levels. Response Time is the time it takes before a Global Client Support agent makes initial contact with the individual who submitted case. Bundled Service (Normal Priority 6 Hours, Serious Priority 3 hours, Critical Priority Live Call Only) Concierge Standard (Normal Priority 4 Hours, Serious Priority 2 hours, Critical Priority Live Call Only)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We include support within our annual fee. Support includes a named Account Manager and a Client Support Helpdesk. The Client Support Helpdesk also serves as the contact for all cloud support requests for trained users. Cases and incidents can be recorded and viewed in the myMRI portal on a 24/7 basis. The myMRI Portal provides clients with information on support cases, regardless of whether a call is logged via a phone call or via the portal. Various information, documentation, forums and resources are also available on the portal.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Our training program is designed to help you achieve the maximum return on investment. During the implementation phase we will train your core project team to have a strong understanding of the system. Your project team will learn how data is structured in the solution, the available configuration options within the standard product and how the specific processes operate. This process involves reviewing your business processes as they are mapped to system functionality. We offer both classroom and webinar training. During this stage, well-designed and executed training helps your users of the system to become proficient and self-sufficient. After commencement of live use of the software, you will have access to a wealth of expertise via the support staff who are eager to assist with client questions and queries related to the system. You will also have access to our client portal for system documentation, user guides, video clips, forums, in addition to the support team.
• Service documentation: Yes
• Documentation formats:
  • ODF
  • PDF
• End-of-contract data extraction: Data can be exported from the system via reporting tools in CSV format to MS Excel which can then be used to import into other applications.
• End-of-contract process: Following termination of the contract (for whatever reason), buyer shall certify that it has returned or destroyed all copies of the applicable software and confidential information of MRI and acknowledges that its rights to use the same are relinquished. Buyer shall use its commercially reasonable efforts to remove all buyer data from any software or SaaS service prior to termination of the contract. Buyer may engage MRI to assist buyer in removing such buyer data at MRI's then standard rates. If any buyer data remains in the software or SaaS service more than thirty (30) calendar days after the effective date of termination, MRI may, in its sole discretion and without notice, delete any and all buyer data.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile apps are available for specific functional areas.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Qube PM’s API is delivered via web services (SOAP and RESTful). The services enable integration with our partners and other MRI applications to provide the ability to create, update or delete data and transfer documents. Where there are specific interface requirements these can be discussed and agreed with the user as part of the project implementation and associated configuration complete in partnership.
• API documentation: Yes
• API documentation formats:
  • HTML
  • ODF
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can select which field colours, fonts and columns are displayed on tables of data and the order of function buttons. Custom notes may be built to store additional data which may be fully reported on. These changes are made through the standard application user interface. The client's defined system administrator can customise the field labels used throughout the system to organisational standards. Users can be restricted to a subset of the data by the use of enforced filters.

Scaling

• Independence of resources: Qube PM SaaS utilises VMware to provide clustered host resource pools (vCPU, RAM, Storage) and features including High Availability (HA) and Distributed Resource Scheduler (DRS) which ensure resources are available to support current and future growth of customer systems. Each customer has dedicated virtual images (Application and Database Server) with appropriate resource reservations (vCPU, RAM, Storage) according to user and business process needs.

Analytics

• Service usage metrics: Yes
• Metrics types: Customer defined Qube PM System Administrators have the ability to run reports to view user metrics/usage (successful/unsuccessful login, session termination, data changes).
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported in multiple ways including Excel, csv, text and xml. We can also develop customer exports as required.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • Text
  • XML
• Data import formats:
  • CSV
  • Other
• Other data import formats: Excel

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We use commercially reasonable efforts to ensure availability twenty -four (24) hours a day, seven (7) days a week, except for: (a) planned downtime (of which we provide adequate notice and will schedule to the extent practicable during the weekend hours), or (b) any unavailability caused by circumstances beyond our reasonable control, including without limitation, Force Majeure events or internet service provider failures or delays. We host our solution in a UK-based Tier 3 data centre that is designed to deliver high availability.
• Approach to resilience: Available on request
• Outage reporting: Salesforce support desk is used to manage customer / support interaction for specific customer system issues. E-mail advisories are in place and used to alert multiple customers / contacts of unplanned outages.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Management interfaces and support channels are managed according to ISO 27001:2013 ISMS controls and processes. The least privilege required for a role principal is followed in all areas. At the implementation phase, we define the principle customer contacts and allow only these authorised users to request management changes. We verify user identity as part of change request process.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Data centre Infrastructure and associated services are managed according to ISO 27001:2013 controls and processes. Qube PM security controls and processes are used to manage the Application Platform.
• Information security policies and processes: Data centre Infrastructure and associated services are managed according to ISO 27001:2013 controls and processes. Qube PM security controls and processes are used to manage the Application Platform.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Qube PM is managed according to ISO 27001:2013 ISMS including technical platform patching (e.g. non-production testing, sign-off), risk assessment and corrective action tracking. Qube PM code is version controlled using Subversion and GIT, allowing code changes to be tracked at line level. The application is built from Subversion or GIT, depending on the component, and subjected to separate Development and Test cycles within dedicated non-customer environments. Releases to the customer are through our ftp site or CD, for the customer to download. An external Application / Penetration Test is undertaken annually against the latest Qube PM Application build.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Data centre vulnerabilities are managed according to ISO 27001:2013 ISMS controls and processes which allow risks to be tracked throughout the risk life (identification, assessment and treatment). Quarterly Scheduled Maintenance is undertaken to ensure that the technical platform is routinely patched to the latest available security guidelines/patches. Short notice (2 hours) Essential Maintenance may be undertaken based on a risk assessment to ensure that critical vulnerabilities are addressed outside of Quarterly Scheduled Maintenance as required. 3rd party security forums and alert services (e.g. ISC) are subscribed to along with automatic security device signature updates.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Protective monitoring and associated responses are managed according to ISO 27001:2013 ISMS controls and processes utilising a mixture of automated features at security device level (e.g. automatic blocking based on severity/signatures) and manual interaction based on alerts (e.g. manual investigation of alert before intervention).
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents are managed according to ISO 27001:2013 ISMS controls and processes which includes a defined "Security Incident Management Policy" including reporting mechanisms for both Information Technology and Physical Security incidents, incident logging, communication to internal and external parties, escalation, reporting, planning, implementation of preventative actions, securing / forensic evidence and continued improvement incident review.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  MRI is committed to managing environmental risks that are material to our business and to reducing our carbon footprint by enhancing the energy efficiency of our operations and reducing the amount of waste that our company produces. We do this by utilising some of our own solutions with sensors in our own offices to assess our space utilization, energy usage and setting a reduction plan. As well as improving our own position, we also look at ways to help our clients work towards using services that have less impact on our planet’s scarce resources. A good example is HomeSwapper, our national mutual exchange solution. HomeSwapper enables tenants to swap homes either locally or anywhere across the United Kingdom with another social housing tenant, often to reduce their commute to work or schools which has a direct impact on carbon emisisons in the region.

  Covid-19 recovery

  We have fully embraced hybrid working and have recently formalised our flexible working model and different types of flexibility offered to all employees. We believe flexible working benefits our employees and the business. Our solutions available on this framework are all available remotely allowing our clients employees, users and contractors as applicable to work from any location in accordance with your approved working practices to allow flexibility

  Tackling economic inequality

  Our employees are all contracted and salaried fairly, in line with the Living Wage standards. All of our employees are paid at least the minimum rates as stated under the current Living Wage. We do not employ anyone on zero hours contracts and have a strong commitment to regularly review salaries in line with our appraisal process. We have a number of apprentices in the business who we are supporting to complete degree level qualifications, who all receive above the apprentice minimum wage. We also offer a comprehensive benefits package for all our staff, which includes health and wellbeing support and access to private health care.

  Equal opportunity

  We work hard to ensure our employees have a voice. Our business has various committees in place, such as a Diversity, Equity and Inclusion Committee and Employee Resource Groups, such as Women & Allies and LGBTQIA+, which help us understand how employees feel about working at MRI and help us drive forward inclusive events. We have also very recently launched our first ERG – employee resource group for Women and Allies. As a business with over 250 employees in the UK we are required to produce a Gender Pay Gap report. We very much welcome this initiative and our reports are available publically on our website. This report shows the impact we have on reducing our Gender Pay Gap and also highlights the many initiatives we have underway to further reduce our gap. This includes the development of our Flexible Working and Inclusive Policies initiatives, educating our People, People Managers and Business Leaders and working with external partners to attract a diverse staffbase.

  Wellbeing

  Work hard, play hard. From the day we opened our doors, we set out to build flexible, game-changing solutions that would make people's lives better. We do this by providing our clients with solutions that enable them to provide better places to live, work, and do business. The only way to carry out that mission is to hire the best employees and keep them. We are dedicated to creating a working environment which supports and develops our staff. Some of the benefits that we offer are: Gym reimbursements, Medical assistance, including mental health tools, Flexible working opportunities, including hybrid working Employee engagement is key to MRI's success and we hold quarterly spirit weeks to both connect and enthuse our teams globally. These weeks are themed and where staff are encouraged to learn about different topics or take part in activities that they might not typically have time for. These include fitness sessions, cooking sessions, engagement with families for those working from home or targeting one big event where we can globally feel like we are one team with the same goal. We also carry out bi-annual employee engagement surveys to ensure employees can express their views.

Pricing

• Price: £21,000 an instance a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@mrisoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.