Intelligent Transport Systems
Providing ISO27001 cloud based hosting for JMW mobility as a service (MaaS) including real time passenger information software, traffic signal priority systems, digital signage management, VMS display management, commercial advertising, car parking, vehicle counting, solar powered transport infrastructure and fuel management systems.
Features
- Bus and Coach Real Time Information
- Secure Remote Access on web enabled devices
- Real Time Analysis and Statutory Reporting including historical data
- Manage and Maintain Display and VMS advertising
- Live Tracking Predictions including departure and arrival predictions for Buses
- Scheduled Bus, Coach and Rail timetable information
- Dynamic Parking Spaces and Vehicle Counting
- Traffic Signal Prority integration with UTCs
- Distribution of information to digital signage and VMS messaging
- Real Time Management of solar bus shelters
Benefits
- Produce and Publish Scheduled Real Time Information to any device
- Back Office Reporting with Comprehensive Analytics System
- Generate Transport Compliance Reports in Real Time
- Help manage and reduce carbon footprint
- Provide transport data to Smart Cities Platforms
- Manage Transport Infrastructure in real time
- Control Digital Signage and VMS displays
- A single cloud based platorm for controlling MaaS
- Generate Printed Timetable Information
- Manage Maintain and Report on Depot fuel stocks
Pricing
£4,000 a licence
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
9 0 2 6 8 8 4 0 4 6 5 8 0 1 5
Contact
JMW Systems Ltd
Simon Fairbank
Telephone: 01785616510
Email: tenders@jmw-systems.co.uk
Service scope
- Service constraints
- There are no known constraints
- System requirements
-
- Internet Access
- Compatible Web Browser
- Software Licence
- Internet Enabaled Devices
- Data input
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Response times are subject to each clients SLA with JMW.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AAA
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Onsite support
- Support levels
-
JMW provide a support and service desk that can be contacted through email, phone and the electronic ticketing system linked through our hosted web-based software.
Engineer onsite support is provided throughout the UK.
Each customer has a dedicated account manager. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- JMW provide user manuals and training. End user training and service documentation is provided.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- JMW work with the customer to extract the data in an appropriate format subject to specification on notification of contract end.
- End-of-contract process
- JMW provide the client all related data stored on the customer database at the end of a contract and agree to provide all relevant documentation and a single extract of the data as per agreed specification, removing all data from the servers and backup copies.
Using the service
- Web browser interface
- Yes
- Using the web interface
-
Each unique user is provided with a secure username and password.
Access levels are dependent on requirements, the access level determines the ability to make changes through the web interface. - Web interface accessibility standard
- WCAG 2.1 A
- Web interface accessibility testing
- JMW software supports our DDA compliant products including RNIB technology.
- API
- Yes
- What users can and can't do using the API
- JMW Inforoute API is available on request. 3rd Party users cannot use the information for commercial gain. JMW operates a fair use policy for information requests from via the api.
- API automation tools
- Other
- API documentation
- Yes
- API documentation formats
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
-
- Automatic
- Manual
- Independence of resources
-
This is controlled through different access levels agreed at the start of the contract.
Each customer has their own dedicated server. - Usage notifications
- No
Analytics
- Infrastructure or application metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- No
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Database back ups
- Historical data and reporting
- Backup controls
- JMW provide this service as standard to all customers.
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Supplier controls the whole backup schedule
- Backup recovery
-
- Users can recover backups themselves, for example through a web interface
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
- Private network or public sector network
- Data protection within supplier network
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
JMW have the following SLA's in place:
Urgent faults will have an engineer on site within a two hour period, working to either resolve the urgent fault or to downgrade to a less urgent fault within six hours and providing a complete repair within 48 hours.
Less Urgent faults would be repaired within 48 hours. - Approach to resilience
- Information is available on request.
- Outage reporting
- Should an outage occur JMW will issue an email from the service desk detailing the cause of the problem and details of when the issue will be resolved.
Identity and authentication
- User authentication
-
- Public key authentication (including by TLS client certificate)
- Username or password
- Access restrictions in management interfaces and support channels
-
All users have a pre-agreed access to the web based system appropriate to their user level.
Reports are available on the system to monitor individual usage. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- Public key authentication (including by TLS client certificate)
- Username or password
- Devices users manage the service through
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- EY CertifyPoint
- ISO/IEC 27001 accreditation date
- 20/11/17
- What the ISO/IEC 27001 doesn’t cover
- JMW systems hardware and some 3rd party reverse engineering of physical devices.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- No
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
JMW are accredited to ISO 9001:2008 and ISO 14001:2004.
We are audited externally once a year and internally each quarter to ensure we follow our policies and procedures. As part of our employee induction all new staff are trained on these policies and procedures and an annual review is completed.
Policies and procedures are available on request.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- JMW are accredited to ISO 9001:2008 and ISO 14001:2004, as part of this we are audited on our design and development process which is record on our various platforms including but not limited to JIRA and Confluence. Further information is available on request.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
JMW assess threats on a case by case basis taking into account the type of threat, the level of threat and how it affects our software and hardware infrastructure.
Patches are typically deployed on a time scale based on the level of threat. Known high vulnerabilities are patched within a few days and medium risk vulnerabilities within 10 days and low risk vulnerabilities within a month.
Information on threats typically comes from AWS, software vendor notifications and security message boards. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
JMW regularly view detailed logs of access and attempted access.
All access to servers is blocked, only allowing access to the website via the standard port.
As part of our quality assurance JMW respond instantly and put a plan in place immediately based on the level of threat. - Incident management type
- Supplier-defined controls
- Incident management approach
-
JMW have pre-defined processes in place through agreed SLA's with third party suppliers.
Users are able to report incidents through the web based ticketing system. JMW have a help desk available to assist any incidents.
JMW provide incident reports through communicate with users via the ticketing system and also provide communication via email dependant on the incident.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- No
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- JMW Software is hosted within AWS which adhere to the EU Code of Conduct.
Social Value
- Social Value
-
Social Value
Tackling economic inequalityTackling economic inequality
JMW, as an employer, understands the economic challenges and skills shortages in technology sectors. We believe future industry leaders come from local communities and are committed to supporting initiatives that connect young people with the world of work to boost aspirations and motivation. Our team has firsthand experience through the Careers and Enterprise Company, aligning with Gatsby benchmarks for career best practices. To bridge the gap between technical expertise and youth engagement, we partner with qualified careers advisers. Collaborating with schools, we offer diverse opportunities like remote work-related learning, Q&A sessions, enterprise days, and project collaborations to expose students to various career paths. Feedback and reporting are provided to schools and councils for continuous improvement.
Pricing
- Price
- £4,000 a licence
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- Demo systems can be accessed via web enabled devices, user training, standard SIRI integration, Local Atco.cif file or TransXchange uploads.