Defence Information Management Portal (DIMP)

Service scope

Software add-on or extension: No
Cloud deployment model: Private cloud
Service constraints: Although each management information Portal is fully customisable and built to meet customer requirements they are based on core infrastructure components that are shared between all user communities. The DIMP infrastructure and feature set has its own agreed maintenance and release schedules.
GDUK will publish a roadmap setting out a schedule for future baseline updates and will ensure all customers are informed. All changes that impact customer services or business processes will be approved by a Change Advisory Board (CAB) that will include representatives from customers and sponsoring agencies.
System requirements: Access to a DII/RLI Service Delivery Point (SDP)

DII/RLI approved workstation, PC or laptop

User support

Email or online ticketing support: Email or online ticketing
Support response times: All requests will receive a response within 30 minutes
User can manage status and priority of support tickets: No
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: No
Onsite support: No
Support levels: GDUK provides a full support service and has a dedicated Service Management team for each DIMP. All support team members have SC level security clearance with DV staff and crypto custodians also available on site. The team covers the full range of ITIL service management processes and project leads are ITIL V3 expert qualified. All DIMP customers receive the same levels of service.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: GDUK will provide full on-boarding as part of the DIMP core service. On-boarding of customers will involve a customer liaison engineer developing a plan that is designed to reduce the risks and complexity of moving to a cloud based service. Initial user training and familiarization will be provided.
Service documentation: No
End-of-contract data extraction: Service Off-boarding is initiated by the customer through a request to the Service Desk. The process will usually occur after expiration of the service agreement. If the customer requires that their data is returned then a data extraction service will be required. This service can be requested at any time during service provision.
GDUK will make the required data available using media provided by the customer and in line with the data security classification. Where a database or table is part of the service, a separate data extraction service will be required due to the potential complexity and volumes of data involved.
End-of-contract process: Custom portals require a minimum of six months’ commitment and a minimum of three months’ notice. By prior agreement, GDUK can provide a three month short term service.
There are no additional fees for extracting and handing over basic customer data that includes such items as documents and individual files from within a storage area.

Using the service

Web browser interface: Yes
Supported browsers: Microsoft Edge

Firefox

Chrome
Application to install: No
Designed for use on mobile devices: No
Service interface: Yes
User support accessibility: None or don’t know
Description of service interface: GDUK will provide a secure Defence Information Management Portal that is accessible to all MOD staff with a DII, MODNET or RLI network connection using a standard web interface.
Accessibility standards: None or don’t know
Description of accessibility: Service interface is built to comply with MOD requirements using agreed formats, layout and colour schemes
Accessibility testing: Service interface is built to comply with MOD requirements using agreed formats, layout and colour schemes. MOD conformance testing carried out at Service handover.
API: No
Customisation available: No

Scaling

Independence of resources: Our service is aimed at specific MOD users where the capacity of our system exceeds the number of authorised users.

Analytics

Service usage metrics: Yes
Metrics types: Each management Information Portal is provided with a performance dashboard area that details basic contractual performance data including number of support calls, requests and Portal usage statistics along with response and resolution times.
Reporting types: Real-time dashboards

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Conforms to BS7858:2019
Government security clearance: Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: No
Datacentre security standards: Managed by a third party
Penetration testing frequency: Less than once a year
Penetration testing approach: Another external penetration testing organisation
Protecting data at rest: Physical access control, complying with another standard
Data sanitisation process: No
Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach: A data export is requested by the customer through the service desk.
Data export formats: CSV

Other
Data import formats: CSV

Other

Data-in-transit protection

Data protection between buyer and supplier networks: Private network or public sector network
Data protection within supplier network: Other
Other protection within supplier network: Our service and systems run within the MOD DII (Defence Information Infrastructure)

Availability and resilience

Guaranteed availability: The target percentage availability for all users of this service will be 98%. All measurements are taken over a rolling 4-week period and exclude downtimes due to Planned Maintenance and non-availability of supporting MOD based remote Services e.g. RLI Services, Network availability, DNS, SMI etc. The financial recompense model is based around a service credits. The model is agreed with the customer for each service deliverable and will typically consist of a service credit of up to 100% of the period’s service payment depending on the duration, cause and impact of the breached SLA.
Approach to resilience: Details of our approach to system resilience is available on request.
Outage reporting: There is a service notification and availability portal available to users.

Identity and authentication

User authentication needed: Yes
User authentication: Username or password
Access restrictions in management interfaces and support channels: Management and support channels are not published on the client side.
Access restriction testing frequency: At least every 6 months
Management access authentication: Username or password

Audit information for users

Access to user activity audit information: Users contact the support team to get audit information
How long user audit data is stored for: At least 12 months
Access to supplier activity audit information: Users contact the support team to get audit information
How long supplier audit data is stored for: At least 12 months
How long system logs are stored for: At least 12 months

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: British Standards Institute (BSI)
ISO/IEC 27001 accreditation date: 18/12/2022
What the ISO/IEC 27001 doesn’t cover: We do not declare any exclusions against the requirements of ISO27001
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: Yes
Cyber essentials plus: Yes
Other security certifications: Yes
Any other security certifications: Defence Security and Assurance Services (DSAS) Accreditation to IL3

BS EN 9100, ISO 9001 in accordance with EN 9104:P1

Security governance

Named board-level person responsible for service security: No
Security governance certified: Yes
Security governance standards: Other
Other security governance standards: Defence Security and Assurance Services (DSAS) – Accreditation to IL3
Information security policies and processes: The DIMP is hosted on DII and is cleared and accredited to hold information up to and including “Official-Sensitive” (IL3). It is accessible to all DII users and MOD industry partners who have an RLI Service Delivery Point (SDP).
The DIMP hosting facility is located within a type 1 MOD data centre. All infrastructure at the hosting site is subject to a biannual IT Security Health Check (ITSHC). ITHSC activities and schedules have been agreed with the CESG RLI/DFTS Accreditor.
It is important to note that all users of the system must abide by the RLI code of connection. All customers and end users requesting use of any of the services offered must be appropriately Security Cleared and evidence provided to GDUK before service delivery can commence.
In addition the Customer must possess List-X premises and ensure that information derived from the DIMP is properly protected. The customer and end user are responsible for the protection and control of any data output produced during the service duration. Data output including all reports will be marked “Official-Sensitive”.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: All service components are managed within ITIL conformant change and configuration management processes. All changes are approved by the CESG RLI/DFTS approved accreditor.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: A dedicated security team are tasked with maintaining system security and vulnerability management. Bi-annual penetration testing is carries out with activities and schedules agreed with the CESG RLI/DFTS Accreditor.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: A dedicated security team is tasked with monitoring all systems and services and respond appropriately.
Incident management type: Supplier-defined controls
Incident management approach: A fully ITIL conformant service desk is available to all customers to manage Incidents and Service Requests.

Secure development

Approach to secure software development best practice: Supplier-defined process

Public sector networks

Connection to public sector networks: Yes
Connected networks: Other
Other public sector networks: Restricted Lan Interconnect (RLI)

Social Value

Fighting climate change
Tackling economic inequality
Equal opportunity
Wellbeing

Fighting climate change

As an organisation committed to good corporate citizenship, sustainable business practices, and community support in an ethical and responsible manner, we’re committed to reducing our global environmental impact through continuous improvement.

As you may have seen, the government committed to end its contribution to global warming by 2050, setting the target to bring all greenhouse gas emissions to net zero. To support this, a new selection criteria was recently introduced, requiring major government contractors to support the target by publishing a Carbon Reduction Plan – you can access our plan here:

https://generaldynamics.uk.com/wp-content/uploads/2023/12/GDUK-Carbon-Reduction-Plan-2023.pdf

The Company is concerned not only with its direct impact on the environment, but also any indirect effects caused by the Company’s activities affecting its neighbours and the local community. To support this, the company is accredited to both of the International Standards ISO 14001 (EMS) and ISO 45001 (OHS).

Our Environmental Policy Statement articulates the Company’s commitment to sound environmental management.

This policy shall be upheld through the following:

Implementation and maintenance of an Environmental Management System in line with the International Standard BS EN ISO 14001
Maintaining effective environmental control procedures for all significant environmental aspects of the Company’s undertakings
Commitment to comply with all legal and regulatory requirements relevant to the Company’s activities
Commitment to prevent pollution and to avoid the use of hazardous materials on site and in products wherever practicable
Setting of objectives and targets on a regular basis in line with our commitment to continual improvement of the Environmental Management System
All employees are expected to observe sound environmental practices and to support the Company in its environmental objectives.

In the latest assessment by Carbon Footprint Ltd., we received certification for our recent efforts in reducing our footprint. We remain committed to addressing the climate crisis and striving for environmental quality.

Tackling economic inequality

At General Dynamics United Kingdom Limited, community involvement is at the core of our mission. We actively form strategic and academic partnerships, volunteer time and participate in charitable, academic and military-related organisations. We are dedicated to supporting our communities and giving back to them in the same way that they give to us.

We are proud of the support we offer to: -

Llamau: Helping to eradicate homelessness for young people and vulnerable women in Wales.

The Coalfields Regeneration Trust: Supporting and improving the quality of life for people living in former mining towns and villages by helping them secure employment, increase skills, and enhance their health and wellbeing.

Equal opportunity

At General Dynamics United Kingdom Limited, we recognise the unique contributions of each of our colleagues are key in our ability to drive innovation. We proudly support a culture of inclusion and encourage a work environment that respects diverse opinions, values individual skills and celebrates the experiences each of us bring to our workplace. We continue to work to improve representation of diverse talent at all levels to reflect the communities in which we operate.

We believe gender equality, diversity and empowerment are paramount to creating an inclusive community for all. As such, we were among the first to sign the Women in Defence (WiD) charter and revalidated our commitment to improve gender balance in the defence sector in 2023. We also support Women Empowering Defence (WED,) who champion gender equality and advocate for change within the defence and security sector.

We recognise the challenges of creating a truly equal workplace and are committed to promoting and advancing the careers of women in the defence sector.

Read our Gender Pay Gap Reports: https://generaldynamics.uk.com/wp-content/uploads/2023/04/Gender-Pay-Gap-Results_Mar-2022-2.0-1.pdf

As a Disability Confident employer, we have committed to:

Ensuring our recruitment process is inclusive and accessible
Communicating and promoting vacancies
Offering interviews to disabled people who meet the minimum criteria for the job
Anticipating and providing reasonable adjustments
Supporting existing employees who acquire a disability or long-term health condition

Wellbeing

At General Dynamics United Kingdom Limited, community involvement is at the core of our mission. We actively form strategic and academic partnerships, volunteer time and participate in charitable, academic and military-related organisations. We are dedicated to supporting our communities and giving back to them in the same way that they give to us.

We are proud of the support we offer to the following charities:

Army Benevolent Fund – The Soldiers’ Charity: The Army’s national charity, for soldiers, past and present, and their families for life.

The Ghurka Welfare Trust: Providing financial, medical, and development aid to Gurkha veterans, their families, and communities.

Combat Stress: Providing clinical treatment and support for veterans from the British Armed Forces, with a focus on those with complex mental health issues.

Llamau: Helping to eradicate homelessness for young people and vulnerable women in Wales.

The Coalfields Regeneration Trust: Supporting and improving the quality of life for people living in former mining towns and villages by helping them secure employment, increase skills, and enhance their health and wellbeing.

SSAFA: Supporting the armed forces community and providing direct support to individuals in need of physical or emotional care.

We believe gender equality, diversity, and empowerment, are paramount to creating an inclusive community for all. We are also proud signatories of the Women in Defence charter and supporters of Women Empowering Defence.

Pricing

Price: £13,200 an instance a year
Discount for educational organisations: No
Free trial available: No

Defence Information Management Portal (DIMP)

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

Defence Information Management Portal (DIMP)

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents