Compass Ticketing and Reservations
Compass is the complete solution for ferry ticketing and reservations. For turn-up-and-go customers there is desktop ticketing for use in port offices and mobile ticketing for use onboard vessels. Advance bookings can be taken via call centre over the phone or online over the web. Supports smart and ITSO ticketing.
Features
- Inventory and Product Management
- Timetable and Sailing Management
- Turn up and go Ticket Sales using Mobile Ticketing Application
- Reservation Management Call Centre and Online Web
- PSP Integration for card payments with offline payment capability
- Financial Integration
- Rugged/Water proof Mobile Ticketing Machines IP67
- Check-In
- Reporting
- Commercial Account Handling
Benefits
- Increased User Efficiency
- Easy Integration
- Flexible, Robust Ticketing
- Comprehensive Auditing
- Enhanced User Experience
- Improved System Reliability
- Offline card payments in remote areas where no connectivity
- Reduce Costs
- Financial Visibility
Pricing
£4,000 to £20,000 an instance a month
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
5 9 2 7 1 6 0 7 2 1 9 1 9 1 8
Contact
PDMS Limited (Professional Data Management Services Limited)
Catriona Watt
Telephone: +44 (0) 1624 664000
Email: saasenquiries@pdms.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Hybrid cloud
- Service constraints
- No
- System requirements
-
- Windows 10 or above for Admin with Compass Client Software
- Network access from Remote PCs to Compass Back Office
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- A response to a support request can typically be expected to be received within four working hours of the support call being raised, however PDMS will work to agree SLAs with the buyer and can provide higher levels of service where required.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- As standard, PDMS provide support 09.00 - 17.00 Monday to Friday excluding UK bank holidays. The support level depends on the type and scope of the solution being supported, and the support hours required. Please see they SFIA rate card for our standard rates. Technical account management/support engineers are available where required.
- Support available to third parties
- No
Onboarding and offboarding
- Getting started
-
Key User Training for back office data setup.
On Vessel training for pursers.
Training documentation is provided. - Service documentation
- Yes
- Documentation formats
-
- Other
- Other documentation formats
- Microsoft Word
- End-of-contract data extraction
- Data Extracts can be agreed and provided.
- End-of-contract process
-
If the Service is terminated either by the Customer or by PDMS, PDMS will contact the Customer to establish your off-boarding requirements.
PDMS will supply your data to you on Termination as described below;
▪ A standard extract of data in a delimited form to facilitate on-boarding elsewhere. This will include suitable definitions of the extracted files and delimited fields.
▪ Relationships between entities will also be retained/supported through the use of appropriate keys
▪ Bespoke data extract requirements can also be provided on request, but would form part of a service request.
The cost of this is not included in the subscription to the service.
Other mechanisms are available and can be requested by contacting PDMS (either at Take-up or at Termination). Use of another mechanism may incur an additional service charge.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- Yes
- Compatible operating systems
-
- Android
- Windows
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
Mobile Ticketing Applications for use on the vessels runs on rugged Android mobile device.
Desktop Ticketing for use in port offices runs on Windows PCs.
Online web bookings will run in a browser and is fully responsive to the size of the screen on which it is being displayed. - Service interface
- No
- User support accessibility
- WCAG 2.1 A
- API
- Yes
- What users can and can't do using the API
-
XML data extracts for key information held in Compass back office can easily be provided for analysis.
API for timetable enquiries and making new bookings. - API documentation
- Yes
- API documentation formats
- Open API (also known as Swagger)
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
Compass includes a wide range of items that can be customised.
Timetables, Ports, Fare and Ticket Types, Ships/Capacity etc are completely configurable.
Scaling
- Independence of resources
-
PDMS can either host on a highly resilient infrastructure using multiple storage, memory and processing units across multiple locales or on premise if requested by the customer.
Each instance of Compass is allocated dedicated resources which are not impacted by other users.
PDMS holds ISO 27001:2022 Information Security Management System standard certification and Cyber Essentials.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Other
- Other data at rest protection approach
-
Secure Tier 3 Data centres - secure containers, racks or cages, physical access control.
Encryption of Physical media
Safe destruction of physical media.
On premise installations/access agreed with client. - Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
Compass has built in reports that can be viewed on screen, sent straight to a printer or converted to PDF or CSV.
Key reports will also be provided in XML format. - Data export formats
-
- CSV
- Other
- Other data export formats
- XML
- Data import formats
- Other
- Other data import formats
- Data cannot be manually uploaded to the system
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
Service Availability is set at 99.9%.
SLAs can be tailored to meet the needs of each individual customer. - Approach to resilience
- PDMS Software-as-a-Service is hosted on a highly resilient infrastructure using multiple storage, memory and processing units across multiple locales in multiple Data Centres – an architecture aimed at achieving extremely high availability. The Data Centres adhere to best practices described by the EU Code of Conduct for Data Centre Operations, and meet the Uptime Institute Tier Level 3 classification. PDMS holds ISO 27001:2022 Information Security Management System standard certification alongside Cyber Essentials Plus certification. Further information is available on request and also within the Service Definition document.
- Outage reporting
-
Email alerts inform PDMS of any unplanned outage.
Planned outages are communicated to customers via email and telephone well in advance of the outage.
Mobile ticketing can operate completely offline.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Public key authentication (including by TLS client certificate)
- Username or password
- Other
- Other user authentication
- Limited access over private secure network (PSN)
- Access restrictions in management interfaces and support channels
- Access (to management interfaces and support channels) is restricted by least privilege access using active directory accounts with strong username and password combinations. Access is restricted on both a need and time basis with the default being that support staff do not have access.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- Public key authentication (including by TLS client certificate)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- LRQA
- ISO/IEC 27001 accreditation date
- Held since 25/03/2003
- What the ISO/IEC 27001 doesn’t cover
- All areas of the business and our services are in scope.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- NCC Services Limited
- PCI DSS accreditation date
- 26th Sept 2019
- What the PCI DSS doesn’t cover
- N/A
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- As part of its ISMS, PDMS have the following policies and processes; Information Security Policy, Secure Development Process, Acceptable Use Policy, Change Control Policy, Data Classification and Handling Policy, Data Protection Policy, Business Continuity Policy and an Incident Management Process, all of which are governed, managed and audited through our ISO certifications. All policies are owned and regularly reviewed by the relevant departmental manager. It is the responsibility of each departmental manager to ensure that all of their staff follow the information security policies and processes, however compliance is audited by the Quality and Standards Manager, with any issues identified reported to the relevant manager, for rectification. Operationally, Information Security is jointly managed by the Chief Operating Officer and the Quality and Standards Manager, both of whom report directly to the Chief Executive Officer, who has overall ownership at Executive Level for Security, allowing issues that require immediate escalation to be reported to the Executive Team. Operational Issues that do not require immediate escalation are discussed at the monthly management meetings, where it is a standing issue. All issues discussed during these meetings that require escalation are reported upwards to the Executive Team for it to be discussed, where appropriate.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
We have change management processes in place for both system and software changes. These processes are part of the lifecycle of each system or service. They involve the use of tools and technical controls, as well as policies and procedures for our engineers to follow.
All changes are documented and tracked. This includes peer review and approvals before any changes are implemented in our environments.
We control changes and releases through automated pipelines. This provides repeatable, audited, and secure methods for introduction of environment changes.
Notifications from the change management process ensures that relevant stakeholders are aware of the changes. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Firstly, we promptly apply updates from the providers/manufacturers of devices and operating software that constitute our hosting platform. Updates are typically applied within a 14-days of release, barring any exceptional circumstances hindering successful deployment.
Secondly, we employ vulnerability management tools to scrutinise the installed software/configuration within our environments. The data generated is aggregated and examined by our engineers. If modifications are deemed necessary, they are managed through change management processes.
Lastly, through our software development lifecycle, we use code analysis and vulnerability scanners to detect known vulnerabilities within our developed software. This proactive approach addresses potential issues before impacting systems/services. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
We operate systems that gather/process telemetry from a range of aspects related to our hosting/service offerings, extending the scope of vulnerability management system monitoring.
Telemetry provides valuable insight to our operations teams, who maintain security/stability of hosted systems. Identified issues/operational enhancements are prioritised/delegated/resolved appropriately.
Security findings are overseen by qualified engineers, allowing for a customised response/remediation process.
Where telemetry indicates potential compromise, it’s escalated through incident management procedures.
The tools/methods we use continually evolves. As new insights/remediations are discovered, they contribute to ongoing improvement of operational procedures and overall environment. This iterative process ensures systems remain secure, efficient and up-to-date. - Incident management type
- Supplier-defined controls
- Incident management approach
- PDMS allow all staff the ability to report security incidents through a number of methods, including email, telephone, and system based forms. Ultimately all reported incidents are managed by the Chief Operating Officer, who follows the Incident Management Process, which identifies how the incident should be managed, including when to provide updates to any customers that may be affected. Customer Incident Reports are normally provided in a written document. All incidents are reviewed following their satisfactory conclusion, in order to determine what lessons can be learned, in order to improve the process or prevent future occurrences.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
PDMS is committed to reducing our impact on the environment and has held the ISO I4001 environmental certification for over 10 years. PDMS holds the Bronze Level Social Value Quality Mark accreditation which recognises distinction in values-led business that benefits customers, communities, and the planet. It is one of the most rigorously tested standards of its kind in the UK. As part of our certification, we have pledged to develop a comprehensive roadmap to achieve Net Zero by 2023 and offset our carbon emissions. We have a fully documented Carbon Reduction Plan which is published on our website.
PDMS uses an online portal to report and calculate our carbon footprint, which is then forwarded to an external provider for offsetting through carbon credits. In addition, we have recently helped to fund a local carbon credit project by purchasing land that will support a tree-planting initiative with the dual purpose of carbon sequestration and biodiversity enhancement.
We installed solar panels at our Global House head office which now produce 50-60% of our annual energy consumption based on a daytime energy consumption.
Our employees have embraced Treekly, a platform that plants trees for every day they achieve over 5,000 steps, effectively "turning footsteps into forests." This initiative not only promotes reforestation but also enhances both mental and physical wellbeing among our staff.
Chris Gledhill, our founder, is the sector lead for the local Chamber of Commerce Climate Change Programme which enables us to share best practice across the business community. We cover environmental issues as part of our Lunch Time Learning sessions empowering our team to make environmentally conscious decisions both at work and at home.
We also ensure that environmental protection and improvement is a key consideration of any partners or suppliers we work with.Covid-19 recovery
COVID-19 took a toll on the physical and mental health of many people and within our organisation, we have expanded our comprehensive support programme for our staff and their family wellbeing, helping to reduce the burden on local healthcare services. This includes providing paid time off to attend any health-related appointments, access to bereavement support and counselling, externally trained mental health first aiders and private health care. In addition, we have provided all our staff with access to the HeadSpace meditation app to help support mental health app.
We have improved workplace conditions that support the COVID-19 recovery effort by introducing a flexible policy allowing employees to decide whether they want to work from home or in our offices.
We work with our local authority clients who have our employment and skills portal, SignedUp Skills, supporting their work to create employment, re-training and other return to work opportunities for those left unemployed by COVID-19, and new opportunities in their chosen high growth sectors.
During Covid we supported recovery by supporting our clients with various initiatives including rapidly developing a Covid-19 website for the Isle of Man Government.Tackling economic inequality
When working with our clients in central and local government we assess where we can add social and economic value to the local communities both in where our clients work and where we work. We will collaborate with you to ensure that our social value commitments agreed as part of a contract are well aligned with your organisation’s specific social value priorities.
PDMS holds the Bronze Level Social Value Quality Mark accreditation. The Social Value Quality Mark recognises distinction in values-led business that benefits customers, communities and the planet. It is one of the most rigorously tested standards of its kind in the UK. We have pledged to:
Provide opportunities for young people to gain valuable work experience which supports their future employment and to create sustainable employment opportunities in PDMS.
Actively support skills development and knowledge sharing and to promote awareness and understanding of career opportunities in the technology sector to help address the digital skills gap.
Be a force for good in our local communities by investing our time, expertise and money to positively impact people and our environment.
Some of the varied activities we undertake that contribute to our pledges above, in relation to economic inequality, include donating our time to digital sector career talks, career mentoring, mock interview sessions and work buddies. We regularly host work experience students in different parts of our business from development and UX through to infrastructure and marketing. We have a structured apprenticeship programme and one in six of our technical staff originally started with use as an apprenticeship.
Our team are allocated time for mentoring young people schemes including MCR Pathways and the Digital Critical Friends Programme. PDMS is also a key supporter of Junior Achievement; a global organisation that helps provide financial literacy, employability and entrepreneurship education to students.Equal opportunity
We passionately believe in fostering inclusive environments that champion equal opportunity for all, regardless of gender, ethnicity, or background. Our commitment extends across the company ensuring that we have robust hiring practices that emphasis fairness and impartiality. We ensure that all candidates are evaluated solely on their qualifications and also merit based. Our promotion policies are transparent and merit-based too. We actively support career progression for all employees, regardless of their background or working pattern.
Given the gender gap in the technology sector we are involved in initiatives to help address this. We are proud that 34% of our tech roles are performed by females which is above the national average of 26% and we strive for greater representation. Our generous Maternity Pay is 12 weeks full pay and 12 weeks half pay.
We operate a fully hybrid working model, where our staff chose whether to work from home or come into the office and flexible working patterns to suit individual needs.
PDMS has supported the Empowering Women programme through sponsorship and participation. This is a cross-industry initiative, backed by industry and government partners. The programme is unique as it is directed at women who work in digital transformation roles with the aim of building a collaborative and powerful community of emerging women leaders in digital transformation across all industry sectors.
We also support charities that help women and young girls to progress a career in technology such as LoveTech and have STEM ambassadors in our team and focus on promoting awareness of accessibility and diversity in digital design – speaking at third party events and hosting our own webinars to highlight the importance of ensuring that all digital services cater to diverse user needs.
We celebrate diversity, empower women, and work tirelessly to create an environment where everyone thrives.Wellbeing
At PDMS, we promote an open culture around wellbeing and mental health. We conduct regular anonymous staff surveys every six weeks to monitor how staff feel in relation to workload, stress, health and mental health issues. This regular feedback helps form the support we provide to our team. Our Health & Wellbeing score is 8.6 which puts us in the top 25% of technology companies.
We measure our performance, and our results are also benchmarked against other companies in our sector.
We operate inclusive and accessible recruitment practices and have a flexible work policy where our employees decide whether they want to work from home or the office.
We have an internal Wellbeing Team and a dedicated Wellbeing Channel within our corporate intranet along with the following in support of the wellbeing of our staff:
• Externally trained mental health first aiders
• Access to bereavement support and counselling
• Access to private health care including online tools to help support mental health and access to specialist one-to-one counselling covering a range of issues from money worries to a relationship breakdown
• A regular series of talks from external experts on mental and physical health covering topics including nutrition, dealing with stress & anxiety, mindfulness, addiction and posture
• Time off to attend any medical, dentist, opticians, or health related appointments
• Subsidised gym membership to encourage physical activity
• Every member of staff has a minimum of 2 days allocated to undertaking work to support a local charity or not for profit
• Free access for our staff and their family to the HeadSpace app
We also put emphasis on training and continuing professional development supporting paid support for professional qualifications and study leave. We also support a range of different charities that focus on mental health.
Pricing
- Price
- £4,000 to £20,000 an instance a month
- Discount for educational organisations
- No
- Free trial available
- No