MAKE TIME COUNT TODAY LTD

Code Compliant Victim Support Solution

We support Forces and agencies that engage with Victims to operate in a code compliant manner.

Our solution helps agencies collaborate to support Victims of crime, assess needs, keep them up to date, provide a safe space, gather feedback from users and support them in the justice process.

Features

• Browser based for staff, app for staff and end users
• Take statement from user, add photo and video
• Assess requirements of victim, quickly refer to local services
• Journaling service for victims
• Victims stores sensitive information, choosing with whom to share
• Cloaking features for victims to conceal app from prying eyes
• Knowledge base including all info victims require
• Phone based alarm functionality
• Notifications to victims
• Solicit feedback at closure, use insights to improve service

Benefits

• Ensure victims understand and are understood
• Log crime and provide victims with info
• Refer victim to local services
• Provide victims info on trial and their role
• Victim keep upto date with progress
• Support victim complaints /solicit feedback
• Ensure victims get access to compensation
• Keep victims in the process
• Stop victims being forgotten
• Ensure greater number of victims get justice

£39,950 to £39,950 an instance a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jonathan.m.ley@MakeTimeCount.Today. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

906796936899694

Contact

Jonathan Ley
+491783278718
jonathan.m.ley@MakeTimeCount.Today

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: There are no constraints to our service.
• System requirements:
  • Devise and Operating system agnostic
  • Wifi / data connection for Phone / Desktop

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We aim to answer all enquiries within 8 working hours; ; Our standard operating hours are 9am-5pm Monday to Friday
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We use a industry standard third party Web chat application that confirms to industry standard assistive technology requirements
• Onsite support: Yes, at extra cost
• Support levels: Our support levels are agreed with each client on needs basis. ; ; As standard we use our online ticketing platform to raise and resolve issues. ; ; A technical account manager can be provided upon request.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As an organisation we pride ourselves on supporting each client and their onboarding process. We give them a first class approach to onboarding, with a ; ; Welcome Pack.; Face to Face or Virtual Training.; Onboarding Support with a step by step approach to creating them as a client onto our solution.; Training Documentation ; Knowledge Base of useful tips and information ; Designated Account Manager ; Regular Touch Points ; Training Packs for client new starters
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: As an organisation we follow GDPR Policies on Data Processing and Data Extraction. Once Make Time Count Today have been notified of the clients thoughts regarding leaving and requiring their data. A roadmap and project will be kicked off collaboratively so that the clients needs are met to make sure all of their requirements are met but do not comprise our data integrity.
• End-of-contract process: Upon notification of contract cessation, we will work together with the client on their specific handover requirements. ; ; We can be very flexible across the following options:; 1. Migrating data to new provider.; 2. Providing downloaded database for client reference; 3. Create standalone version of the platform for client usage; 4. Continue to act as data hosting provider beyond active usage period; ; If client has other specific requirements we can also work towards these.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile devices offers a subset of the functionality on the browser. This is simply due to screen size
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The browser based interface is provided for; - Admin users to set up and configure services; - Supervisors to schedule and plan work assignments; - Staff users to administer their workload; - End users to view their accounts
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We have undergone accessibility testing with Hands Free Testing, a UK based testing organisation
• API: Yes
• What users can and can't do using the API: API connectivity is delivered jointly between Make Time Count Today and the client. ; An API catalogue is shared with the client so that they can ascertain which elements of the API they request to access.; Changes to the API are connection are communicated with Make Time Count Today and are administered jointly. ; There are no limitations but agreements to any changes have to approved.
• API documentation: Yes
• API documentation formats:
  • HTML
  • ODF
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customers have several types of administrative accounts to complete different processes within our service. Customers have the ability depending on their level of access - ; ; Add New Partner Organisations; Add/Remove/Archive Modules and Features; Add/Remove/Archive User Accounts based on their account level, ; Team Admins can create Practitioners and Service Users; ; Beyond the in-product configuration, further customisations can be discussed with client and implemented for a single client of across platform at competitive day rates. ; ; As we are a platform solution end clients cannot customise the solution themselves.

Scaling

• Independence of resources: Make Time Count is built on a scalable cloud based architecture. Each component has it's dedicated dual server set up to ensure availability and load balancing.; ; Our set up in monitored such that when an agreed pre set percentage of resources are in use, additional server capacity is automatically spun up to provide bandwidth and ensure service provision maintained

Analytics

• Service usage metrics: Yes
• Metrics types: Depends on services used; ; - Number and frequency of logs ons; - Compliance rates of users; - Feedback from users on services received
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: As an organisation we adhere to GDPR Guidelines and Policies and we will make sure that we do not compromise our integrity. ; Export of client's data is agreed against a roadmap and collaboration between both organisations. Data requirements are agreed and the method of data removal is approved not compromising either organisation GDPR Policies.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • Excel
  • XML
  • MySql Database
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Excel
  • XML
  • MySql

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: For standard service we work to the AWS standard of 99.99% uptime. ; ; We agree with clients a standard four hour fortnight service window for updates. ; ; We have no standard refunds in place for missing availability targets. These would be agreed on a contract by contract basis.
• Approach to resilience: Available on request
• Outage reporting: We have a publicly available dashboard showing service times and availability. ; ; Should the service be unavailable, email alerts will be sent to all Admin users informing them of; - Issue; - Mediation; - Estimate time to resolve; ; Updates are provided every two working hours

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: All users to the system are manually created. We don't allow for example social log on. (via facebook / google etc).; ; End users and manually verified by a client before setting up. Terms and conditions have to be agreed to before setting up end user account.; ; Clients can only create same tier of lower tier users. For example a team admin can create another team admin but not organisation admin level.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR Limited
• ISO/IEC 27001 accreditation date: 01/05/2024
• What the ISO/IEC 27001 doesn’t cover: ISO27001 certificate covers our Information Management system related to Make TIme Count as the product owner of the Make Time Count Platform.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: JOSCAR Accreditation

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Cyber Essentials - updated annually.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Component Management; - Our component list is maintained by our Quality Manager.; - Every 6 months we proactively review the component list for upcoming changes and predicted version changes; - These changes are then assessed y our change review board and then included in our standard release cycle.; ; This process is supported by automated vulnerability monitoring tools such as Dependabot from GitHub and fortnightly vulnerability scans run on our platform such as Immuniweb.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our vulnerability management process is designed using NCSC guidelines; https://www.ncsc.gov.uk/guidance/vulnerability-management; ; We assess vulnerabilities across our platform monthly using standard scanning tools. We are also informed immediately by monitoring software when CVE vulnerabilities have been discovered. ; ; Our team meets daily. Vulnerabilities are included on the daily agenda. Where assessed as critical, vulnerabilities are fixed immediately. Those that are not deemed critical will be included in the upcoming release schedule
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our ISO27001 accredited infrastructure partner monitors our platform for attacks, misuse and malfunction.; ; We create audit logs to identify suspicious activity these events are analysed to identify potential compromises and together we take prompt action to address incidents ; ; Should a compromise be found, team consisting of infrastructure, development and management board assemble to resolve.; ; Action plan is agreed and implemented. Alerts will be provided to clients on any suspected compromise.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our incident management process allows us to detect, investigate and respond to incidents. ; ; We have five key steps - ; ; Identification: where possible we proactively seek out issues via regular scanning and monitoring of platform. Incidents may also be reported through team or users; ; Notification: alerts to team and users will be agreed based on categorisation of incident; ; Diagnosis: once identified and triaged the type, cause and solution options can be investigated.; ; Resolution: incident resolution will be worked on by team, may be an immediate release or included in release schedule; ; Closure: Issue closed and documentation updated

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  Make Time Count is built for scalability. Our platform can be easily adapted to handle larger caseloads and integrate with evolving technologies. This ensures a future-proofed approach to justice delivery. By empowering officers and streamlining processes, Make Time Count facilitates a more resilient justice system. We also believe in capacity building, and will actively share knowledge and best practices with collaborators, ultimately strengthening the entire judicial ecosystem. We work closely with all partners, fostering a fair and responsible environment throughout the supply chain. Additionally, we prioritise transparent data security practices to mitigate cyber risks across all phases of the project. We promote diversity, foster innovation, and advocate for a collaborative and resilient justice system.

Pricing

• Price: £39,950 to £39,950 an instance a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jonathan.m.ley@MakeTimeCount.Today. Tell them what format you need. It will help if you say what assistive technology you use.