InJenuity

iSample

iSubmit is an online solution for sample management for employees, eliminations or custody samples. This includes DNA and Fingerprint samples.

Features

Sample management for employees or candidates
Sample management for elimination samples
Sample management for custody samples
Track and manage your samples
Supports DNA and Fingerprint samples
Full audit and continuity tracking
Reporting
Batch update sample status by barcode or file import

Benefits

Improved timeliness of sample management
Full auditing and continuity of the process
Significantly reduced administration of sample handling
Provide instant access to the status of samples

£3,700 to £7,500 a server a year

Free trial available

Service documents

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at matthew@injenuity.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

Contact

InJenuity Matthew Barrett
Telephone: 07533721667
Email: matthew@injenuity.co.uk

Service scope

Software add-on or extension: No
Cloud deployment model: Private cloud
Service constraints: 1. Support is limited to the specified versions of operating systems and other databases.
2. There may be requirements to upgrade IIS, operating system or database version to deal with security vulnerabilities and to maintain a supportable version.
3. There may be downtime in service to undergo maintenance or upgrades
System requirements: SQL Server 2019

Microsoft IIS 10, or above

User support

Email or online ticketing support: Email or online ticketing
Support response times: Support is open between 9am and 5pm Monday and Friday.
We aim to respond to a ticket within 2 hours
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: None or don’t know
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: No
Onsite support: Yes, at extra cost
Support levels: We only provide our standard support service which is included in the price.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: The costs including onboarding the service. This includes installing, configuration and deployment for the client.
Service documentation: Yes
Documentation formats: ODF

PDF
End-of-contract data extraction: This is not applicable as our solution is designed as a gateway to pass scene examination information to other back-end systems.
End-of-contract process: Consultancy can be provided to assist the client to export data into other formats to allow onboarding into other systems.

Using the service

Web browser interface: Yes
Supported browsers: Microsoft Edge

Chrome
Application to install: No
Designed for use on mobile devices: No
Service interface: No
User support accessibility: None or don’t know
API: No
Customisation available: No

Scaling

Independence of resources: The solution is built on scalable technology and will be sized accordingly to the expected concurrency. The solution is also designed to work both online and offline and will just synchronise when available.

Analytics

Service usage metrics: No

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Other security clearance
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: Yes
Datacentre security standards: Supplier-defined controls
Penetration testing frequency: Never
Protecting data at rest: Encryption of all physical media
Data sanitisation process: No
Equipment disposal approach: A third-party destruction service

Data importing and exporting

Data export approach: The solution has an inbuilt reporting tool that allows reports and forms to be provided which can be exported or printed.
Data export formats: CSV

Other
Other data export formats: Microsoft Excel

PDF
Data import formats: CSV

Other
Other data import formats: Excel

PDF

MS Word

Data-in-transit protection

Data protection between buyer and supplier networks: Private network or public sector network

TLS (version 1.2 or above)
Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability: The SLA will be agreed with the client as part of the contract
Approach to resilience: This information is available on request. However, the solution uses a message queue to deal with resilience to deal with situations when services are not available.
Outage reporting: The solution provides emails if a service is down or not available or unexpected errors are generated.

Identity and authentication

User authentication needed: Yes
User authentication: Identity federation with existing provider (for example Google Apps)

Limited access network (for example PSN)

Username or password
Access restrictions in management interfaces and support channels: InJenuity adheres to the the access and support channels of the client if the solution is deployed on their cloud or infrastructure.

For InJenuity managed services access to the application or software is limited to pre-agreed and vetted (SC) staff.

Access to client data will be restricted to time limited periods based on agreement with the client and only by approved and cleared InJenuity staff.
Access restriction testing frequency: At least once a year
Management access authentication: Limited access network (for example PSN)

Username or password

Audit information for users

Access to user activity audit information: Users contact the support team to get audit information
How long user audit data is stored for: User-defined
Access to supplier activity audit information: Users contact the support team to get audit information
How long supplier audit data is stored for: User-defined
How long system logs are stored for: User-defined

Standards and certifications

ISO/IEC 27001 certification: No
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: No
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: No
Security governance approach: We follow the security governance required by the client based on the sensitivity of the data.
Information security policies and processes: InJenuity has documented security policies and processes that are followed throughout the DevOps process. These can be provided at request.

The Data Processor Officer (DPO) is responsible for weekly reviews of software and vulnerabilities. They report directly to the managing director.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: InJenuity have documented processes for change management which can be provided at request.

All components, class libraries and other tooling are actively reviewed for security vulnerabilities.

All changes, including documentation and code, are managed using our DevOps tool. They are managed using agile development processes which are responsible of the product owner.

The code branching strategy supports master branch, and development branch. The development branch manages both features and bugfix change branches.

All releases are managed and approved by the product owner, and the data protection officer.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: InJenuity use a number of methods for assessing potential security threats:
1. Vulnerabilities reported by GitHub
2. Vulnerabilities reported by NuGet manager
3. Actively review online resources such as the CISA known exploited vulnerabilities catalog

Each vulnerability will be impact assessed and the client informed. If there is a known work-around or patch they will be applied at the earliest opportunity.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: If the solution is deployed onto a clients cloud it is expected the client is responsible for the protective monitoring.

For InJenuity hosted solutions Azure Monitor is used to collect and analyse IIS logs. Once an alert is raised we aim to respond within one hour during supported hours.

All solutions provide logging to assist with monitoring and detection.
Incident management type: Supplier-defined controls
Incident management approach: InJenuity have a pre-defined process for raising, investigating and resolving issues via their online support system. This solution can provide users 24 hour access to their incidents along with providing incidents reports.

There is a frequently asked questions area that provides guidance for commonly reported questions.

Secure development

Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks: No

Pricing

Price: £3,700 to £7,500 a server a year
Discount for educational organisations: No
Free trial available: Yes
Description of free trial: The full solutions is provided on a public Azure cloud for a trial period of 2 months. This includes two free days consultancy to configure and provide a system overview to users.

Service documents

Request an accessible format

Cookies on Digital Marketplace

iSample

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents