MHR

Microsoft Dynamics Finance / IBM Planning Analytics / CCH Tagetik

MHR provides best of breed finance solutions. Operating standalone or fully integrated with our own payroll and HR solutions. Working with 3 best of breed vendors, Microsoft, IBM & Business Central. Providing end to end finance including core financials, procurement, supply chain, operations, budgeting/forecasting, group consolidation, disclosures and compliance reporting/analytics.

Features

• Best of Breed’ finance solutions
• Seamless intergration with HR & Payroll
• Cloud or on Premise
• Managed service packages available
• Automated workflows
• Access from any device, PC, Mobile or Tablet
• Legislative updates to ensure compliant solutions
• Real-time reporting, standard reports and advanced analytics, management dashboards
• Advanced customer support portal
• Tried and tested DataMart solution

Benefits

• Best of Breed’ end to end finance solutions
• Seamless intergration with HR & Payroll
• Cloud or on Premise
• Managed service packages available
• Automated workflows
• Access from any device, PC, Mobile or Tablet
• Legislative updates to ensure compliant solutions
• Real-time reporting, standard reports and advanced analytics, management dashboards
• Advanced customer support portal
• Tried and tested DataMart solution

£57.50 a licence a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at G-cloud@mhr.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

795539843071409

Contact

Mary Watkinson
0115 945 6000
G-cloud@mhr.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No
• System requirements: Minimum server specs which is technology specific

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We aim to call every case back raised within 2 hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: All our customers receive the same service level, our standard support includes: • Service Desk logging, available via the portal or by telephone, the manned service desk available from 09:00 to 17.00 hours (Monday to Friday excluding English Bank Holidays). • Through the dedicated support line customers are able to contact the service desk whereupon each call is given a unique reference number. The call is assigned to the appropriate member of the support team for resolution and is owned and tracked at all times by the service desk. • a Customer Portal where customers can log new calls, track the progress of open calls, browse frequently asked ques-tions (FAQs), view closed calls and receive forward notice of imminent releases. A rolling two week patch and fix schedule is published on the extranet, as is an up-to-date list of all existing patches and fixes. • the customer portal comprises a powerful search facility of existing support materials (e.g. documentation, articles, patches, calls) and is available 24/7. • an account manager who will discuss with you your ongoing support. Regular scheduled meetings with your account manager ensure you are able to obtain the most from your implementation.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: This is mapped out through one of our consultants with the customer using our standard design documentation.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: There are a number of ways to extract the customer data at the end of the contract which include flat file, CSV or by using a BI tool. If the customer wishes MHR to do this, we will charge the standard consultancy rates for the number of days effort required.
• End-of-contract process: There are a number of ways to extract the customer data at the end of the contract which include flat file, CSV or by using a BI tool. If the customer wishes MHR to do this, we will charge the standard consultancy rates for the number of days effort required.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Responsive design detects screen size. This automatically adapts its user interface to best suit the device being used to access. The majority of tasks can be completed using mobile devices. Limitations to mobile devices reside more around setup and system configuration.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Our finance solutions are web based and designed to be accessed over the internet via a web browser for all aspects of the solution. Supported for use on laptops, desktops, thin clients and mobile devices including smartphones and tablets and supported for use on mainstream browsers including IE, Edge, Chrome, Firefox and Safari. Mobile devices supported include Android and Apple and access using devices native browser.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: Shared data between Payroll, HR & GL
• API documentation: Yes
• API documentation formats: Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Whether it is consultancy, training or support, we can customise to suit and also offer managed service solutions, the technology can be adapted to deliver as per client requirements, however the underlying property rights remain with the vendor (i.e. Microsoft/IBM/CCH Tagetik).

Scaling

• Independence of resources: Through a SAAS model and dedicated tenant environments with scalability discussed at the outset.

Analytics

• Service usage metrics: Yes
• Metrics types: User driven dependent on requirments.
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft Dynamics / IBM Planning Analytics / CCH Tagetik /

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Data protection is dependent on the partner SaaS solution provided.
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can easily imported and exported via inbuilt 2-way ETL's.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel
  • PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Excel
  • PDF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: Data protection is dependent on the partner SaaS solution provided.
• Data protection within supplier network: Other
• Other protection within supplier network: Data protection is dependent on the partner SaaS solution provided.

Availability and resilience

• Guaranteed availability: 99.5%+
• Approach to resilience: Microsoft; https://docs.microsoft.com/en-us/compliance/assurance/assurance-data-resiliency-overview; ; IBM; https://www.ibm.com/docs/en/i/7.1?topic=availability-data-resilience
• Outage reporting: MHR use a host of tools to ensure all aspects of the service are being monitored, and where needed, alerts are configured. Notifications are configured in the event of an alert, emails, text messaging and on-screen notifications are sent. On-screen real time dashboards are available on display in the office as well as being available remotely. Any outages or issues are promptly notified to affected customers by telephone, email and through the service portal. MHR operates 6 maintenance windows per year which take place out of hours (Fri - Mon) and are notified to the customer a year in advance.. For up-grades and patches to customer environments, necessary work is communicated to customers with plenty of notice. Customers can then schedule a suitable time for work to be completed by MHR's hosted IT team.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: For the application layer, we pass responsibility to the customer to control access using iTrent’s security profiles.; Data and functionality access is assigned according to user definable security profiles. Once the user has logged on with their password, they will be granted access according to security profile. Access to data may be controlled at functional/screen/field level. Access to list content can be restricted with access defined as, fully editable/read-only/non-visible.; When accessing support, user accounts are created on MHR’s Service cloud portal. These are linked to an email address. Support calls are verified on details, such as address/email address/phone number etc.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Description of management access authentication: MFA is a requirement for all iTrent access. Access to iTrent is controlled via username and password authentication. iTrent can authenticate users against a central identity provider (IDP) such as Azure AD and Google, using SAML 2. MFA can then be enabled through the identity provider. ; Where a customer may not have their own IDP solution to integrate, authentication is provided using MHR’s iTrent Shield MFA solution. This utilizes Microsoft Azure AD B2C.; Each of the above offerings can be used on their own or together in hybrid mode. Both can provide multi factor authentication to the solution.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyd's Register Quality Assurance Limited
• ISO/IEC 27001 accreditation date: 25/06/2020
• What the ISO/IEC 27001 doesn’t cover: N/A as covers all areas of the business.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: SOC2 reporting and control framework, audited by KPMG to ISAE3402

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: SOC2
• Information security policies and processes: We have 21 policies covering security. Our security policies and processes are all aligned to ISO27001 standards.; Here at MHR, we take data security very seriously, by implementing and constantly improving our Information Security Management System and supply chain; to ensure your information is protected, giving peace of mind to your business. This is a rigorous, structured and independently verified system of data processing; overseen by our in-house team of specialist security, compliance, data protection and software experts, who all to ensure compliance, as well as the protection of your company and employee data.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: MHR operate a change board chaired by IT director, we have a configuration management database, which is SharePoint for HROIT and ManageEngine for Internal IT. This forms part of our ISMS in line with service change control, ISO27001:2013. The customer change control process is built in line with ISO9001:2008 and ISO27001:2013, any changes of customer environments are all performed through a signed off change from both customer and MHR.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Infrastructure within MHR’s datacentres are regularly scanned using QualysGuard. Authenticated scans are performed to identify vulnerabilities. This data is supplemented by threat intelligence form NCSC, CERT and security industry bodies to feed vulnerability/patch management processes. The infrastructure is patched as required. Systems are regularly scanned by our Qualys suite to ensure all devices are at the required patch levels MHR perform an annual CREST penetration test of the software, hosted service and corporate network. Customers work with MHR to perform their own penetration tests as part of the due diligence process. In 2017 there were around 20 penetration tests conducted.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: MHR has its own professional hosted IT team that monitor the service and infrastructure 24/7/365. Additionally the security system is monitored for exploits and vulnerabilities by our security partner 24x7x365 using a specialist Security Operations Centre. All perimeter devices are monitored real time using a SOC operated by Orange Cyber Defence to a service level where all critical events are responded to within 30mins.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: MHR has our own in-house security team with forensic tools; in addition, we are supported by a 24x7x365 SOC team from OCD and can call on incident response specialists from our security supply chain or through the cyber insurance we hold. We aim to notify any impacted customers as soon as possible in the event of MHR becoming aware of any incident involving their systems/data. We contact the customer through CRM/Service Desk authorised contacts and start joint investigation process using WebEx/secure mail.; All incidents undergo full investigation including root-cause analysis.; MHR incident management procedures require all staff to log incidents.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks: Cloud based deployments so can be accessed as required

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  MHR know the impact our business has on the planet, and we’re committed to the actions we need to take to reduce our carbon footprint. https://mhrglobal.com/uk/en/about-us/sustainability. We have implemented an Environmental policy agreeing to:; • Become carbon neutral by 2028 scope 1/2 operations. ; • Reach net zero by 2050. ; • Encourage net-zero practices with suppliers. ; We’re striving to exceed energy standards having installed 400 solar panels. Double thermal insulation in roofing areas/external walls, triple glazed windows, LED lighting with occupancy sensors, centrally controlled heating/cooling systems. Our electricity is 100% REGO backed renewable sources we have reduced our carbon emissions by 38.4% in 2023. All servers in our data centres on a 5-year refresh programme, ensuring the latest technologies are used. Server virtualisation is used replacing physical servers, and run at 65/75% capacity, reducing under-utilisation. Additional measures in our data centres include: ; • Upgraded disaster recovery data centre to free air cooling, reducing energy consumption by £30,000 per annum. ; • Using disaster recovery hardware for test/development infrastructure, ensuring full utilisation of all hardware rather than systems sitting idle. ; • Use of metered power supplies throughout our data centres ; • Growing usage of cloud services ; We recycle 98% of waste and are eliminating single use plastic providing reusable BPA free water bottles, and biodegradable Vegware disposable cups/cutlery/food packaging. We introduced PlanetMark this year which will provide us with independent verified assurance of our carbon footprint including Scope 1, 2, and 3 emissions. MHR is working towards ISO14001 (May 2024).; MHR believe that high overall levels of employee education/interaction and facilitate an employee Sustainability Social Group. The group is an open forum for everyone to share/discuss our Sustainability Strategy including graphical data updates on progress. MHR environmentally screen new/existing suppliers allowing us to monitor direct/indirect emissions of suppliers, encouraging a sustainable supply chain.

  Covid-19 recovery

  Through our software and services, we have been able to support our customers (and their local communities) to adapt to the new ways of working imposed by COVID-19. The web-based nature of our solutions meant customers could still access the software remotely to pay employees accurately and on-time, and employees could be engaged through system communications.; Our product design team responded promptly, releasing functionality to assist customers with calculating and reclaiming payments under the Coronavirus Job Retention Scheme. All developments were completed and delivered at no charge to customers.; We also offered free-of-charge online advice and guidance sessions on key topics such as:; • the remote mobilisation of workforces; • changing government legislation; • furlough and holiday leave extension; Our Managed Payroll Service continued to operate as normal, delivering payrolls with normal high levels of accuracy, and emergency payroll services to support customers who needed it. ; All implementations were, and continue to be, conducted remotely, ensuring the safety of both our clients and our employees, and that crucial HR and payroll operations continued and employees were paid on-time. We have multiple technologies to support this including Microsoft Teams, Skype and WebEx, to ensure we can continue all communications with no delay to the project.; Internally at MHR, we operated as BAU, with no employees placed on the furlough scheme and instead creating new employment opportunities for our local community. ; We take the physical and mental wellbeing of our employees very seriously and implemented several initiatives and procedures to ensure they remained comfortable and happy during this challenging time. (E.g. MHR employees have access to 7 trained Mental Health First Aiders, an Employee Assistance Programme and the Smart Health GP App. We also kept in regular contact with our employees through our HR dashboard, promoting virtual baking clubs, competitions etc.)

  Tackling economic inequality

  MHR provides roles for over 850 people, hiring local talent and raising awareness of employment opportunities; we are constantly injecting income and support back into our local community. We work with local business, using local tradespeople/craftspeople for our building/restoration work of Ruddington Hall. MHR ensure that at least 60% of the suppliers we use are sourced within a 30-mile radius, creating a positive economic impact. ; Improving Lives is a registered charity, working with people with complex health/social needs. Our internal training team have completed several sessions with the volunteers, providing training on Microsoft Word, Excel and PowerPoint, designed to help the volunteers run internal workshops for service users, helping them apply for jobs, create budgets, CVs and presentations. Last year MHR dedicated over 67 hours on regional school visits, offering 31 work experience placements to pupils. We support Founders 4 Schools facilitating inspirational talks for young people, from less advantaged backgrounds, working with schools around STEM skills promoting careers paths within tech industries/emerging trends. ; MHR has a culture of employee development with a suite of over 200 free personal/professional development courses accessible to all staff. Over the past 5 years, 50 employees have completed their CIPP and CIPD qualifications, several employees have completed their CIM qualifications, Prince 2, ACCA, CIMA and Mental Health First Aid. ; MHR future-proof products/services through re-investing 22+% of annual revenue into research/development. iTrent’s cloud-based products/software are highly scalable with the ability to handle increased workloads, add/remove users with minimal cost/impact. Customers can streamline processes using workflow/employee and manager self-service. MHR’s managed service centre use state-of-the-art payroll automation, reducing manual processing time/eliminating human error, negating paper usage. Our professional services team operate a 100% remote delivery, reducing downtime/travel costs whilst maintaining the same level of service/communication (see case study at https://mhrglobal.com/sites/default/files/2021-03/Cherwell_Case_Study.pdf).

  Equal opportunity

  MHR ensures that its most important resource, its employees, are treated fairly and that diversity of employees' backgrounds and other characteristics are used to the advantage of the individual and the business. We do not treat applicants unfavourably based on their Protected Characteristics, ensuring that there are equal opportunities at all stages of the recruitment/promotion processes. We believe that an individual’s disability, ethnicity, sexual orientation, and gender identity should not affect whether they get a job, benefit from training, or get promoted. MHR believes that all employees should receive equal pay for the same or broadly similar work, https://www.mhr.co.uk/gpg-report/; At MHR we champion diversity and inclusion, making sure that everyone in the company feels welcome and at home. All staff participate in mandatory equality, diversity and inclusion training sessions including accessible e-learning material via our Learning Management System. Participation is monitored and recorded through our HR department with reminders sent to those who have not enrolled. MHR strive to bring everyone together and celebrate each other’s individuality through our staff community pages on our internal social feed. We have celebrated International Women’s Day with a breakfast event for all, including a chance for all staff to identify their inspirational women https://mhrglobal.com/uk/en/blog/mhrcelebrates-international-womens-day-2023?term=international+women%27s+day We utilise our employee platform to encourage all staff to celebrate their cultures and way of life and several staff have set up groups and events to celebrate this across the business.; We perform a regular audit of supplier’s policies/websites to monitor the risk of modern slavery. We strive to work with our partners to raise standards so that their employees are paid a living wage and are not subject to forced, compulsory, trafficked or child labour. Our Chief Officers have responsibility to ensure that organisations demonstrate these qualities. Our statement can be found on the website at https://mhrglobal.com/uk/en/modern-slavery-statement

  Wellbeing

  We recognise the importance of supporting the physical and mental wellbeing of our people. We have implemented several measures that supports and promotes employee wellbeing with visible, long-term commitments to mental/physical health including: ; • Supportive workplace where employees understand and can discuss mental health and wellbeing through our mental health first aid team, mentoring programme, and dedicated wellbeing platform on our employee community page. ; • Support for employees to manage their own mental health and wellbeing, encouraging them to achieve their wellbeing goals utilising our employee assistance programme or taking advantage of discounted healthcare options and gym memberships. ; • Home Working and Digital Solutions–using Online Communication, Webinars and Video Conferencing enabling a work-life balance for employees, contributing to clean air and reduction in carbon emissions in the community. ; • Our Smart GP offers employees unlimited access to a Virtual GP as well as health and wellbeing experts for employees enabling them to receive an immediate response. ; • Employees can access confidential support with mental, financial, physical, and emotional well-being though our LifeWorks programme. Supporting employees with questions about handling stress, parenting, and childcare, managing money, or health issues. ; • Actively contribute to raising awareness/understanding of health and wellbeing. With several initiatives throughout the year and regular mental health awareness workshops with our internal training team. ; • MHR support the nutritional/dietary needs of employees serving, gluten free, vegan, vegetarian, and healthy eating options within our subsidised restaurants. ; • Provide employees with the tools and knowledge to build and support each other in building personal resilience. ; • Our charitable work, in conjunction with employees, supporting local and national causes through volunteering hours to pick litter, create peace gardens for a hospice, running marathons, delivering training sessions for unemployed/disengaged young people, provides huge impact for our employees and community physically and mentally.

Pricing

• Price: £57.50 a licence a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at G-cloud@mhr.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.