Skip to main content

Help us improve the Digital Marketplace - send your feedback

MRI Software Limited

MRI Document Management

MRI Document Management aids paper-free digital transformation by providing digital document storage, indexing, OCR, and tagging.

Maintain GDPR compliance with time based retention and redaction features, and integrate with complimentary solutions via documented APIs.

Document Management allows fast retrieval of records including collation for Subject Access Requests and court packs.

Features

  • Convert physical documents to searchable files - MRI Document Management.
  • Integration with MRI or third-party Housing Management systems.
  • Redaction capability with version control.
  • Image, Video and Audio file support.
  • Built-In digital Mail Distribution module (e-Post).
  • In-Line Page Editing & Removal – MRI Document Management.
  • Customisable Tag, Entity & Content Type lists.
  • Provision Document Access to Tenants or Customers.
  • Encrypted Document storage using MRI Document Management
  • Automated deletion scheduling based on defined policies.

Benefits

  • Helps with efficient document management of your property portfolio.
  • Documented API for open integration with third party products.
  • User configurable security, setup, and rules: using MRI Document Management
  • Annual Fees provide predictable solution costs for budgeting.
  • Fast, effective reporting, dashboards & auditing, MRI Document Management
  • Enhances housing management productivity by your teams.
  • Proven to enable compliance with GDPR standards.
  • Delivery of enhanced housing management services to your clients.
  • Securely hosted resulting in reduced on premise operating costs.
  • Reduce wasted space with removal of filing cabinets.

Pricing

£30,063 to £94,392 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@mrisoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

9 5 6 3 8 0 0 0 5 7 1 0 3 7 6

Contact

MRI Software Limited Claire Brown
Telephone: 020 3861 7100
Email: tenders@mrisoftware.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
Planned maintenance is typically scheduled outside of regular business hours.

The mobile solution is available on Android, iOS and Windows devices
System requirements
  • Microsoft supported versions of their Internet Explorer/Edge browsers
  • Current versions of Chrome
  • Current versions of Safari
  • Current versions of Firefox
  • Microsoft SQL 2012 or later
  • Windows Server 2012 or later

User support

Email or online ticketing support
Email or online ticketing
Support response times
MRI’s Global Client Support group will make every reasonable effort to ensure that submitted cases are assigned the proper level of Severity. Submitted cases will be responded to in the order in which they are received, with consideration given for higher Severity levels. Bundled Service (Normal Priority 6 Hours, Serious Priority 3 hours, Critical Priority Live Call Only)
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We include support within our annual fee. Support includes a named Account Manager and a Client Support Helpdesk. The Client Support Helpdesk also serves as the contact for all cloud support requests for trained users. Cases and incidents can be recorded and viewed in the myMRI portal on a 24/7 basis. The myMRI Portal provides clients with information on support cases, regardless of whether a call is logged via a phone call or via the portal. Various information, documentation, forums and resources are also available on the portal.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Clients will be provided with data loading file formats which can be used for the mass upload of the modular data. Throughout the project, our data migration consultant will advise on the mapping of fields to the current sources to ensure the data is loaded accurately. The process will be iterative, and as part of the validation exercise, our consultants will be in regular contact to advise on data cleansing and corrections as necessary.

On-boarding activities will vary from client to client, according to requirements. The on-boarding process differs for clients who already run MRI Document Management compared to those clients migrating from other applications. Activities may include, as required:
Provision of access to an appropriate environment
Provision of a URL to log onto the system
System Administrator log on credentials supplied
Configuration services
Integration with third-party systems
Data services including data migration.
MRI will manage the onboarding process, including migration activities, using its experienced consultants and project managers with processes based on PRINCE2. All onboarding activities will be agreed with the client and charged in accordance with the MRI DM SFIA rate card.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
Word docs
End-of-contract data extraction
A full data extract is available via data export (this can be made available at time of contract termination agreement over SFTP (PGP / SSH).
End-of-contract process
The data will be provided in a predetermined format. If there are requirements which are different from our standard approach, we can discuss these with Clients to draw up an appropriate exit plan.

The initial de-commissioning (powering down of client-server images and movement to non-production storage) takes place on the agreed date (e.g. contract end date) with permanent de-commissioning taking place one month after the initial de-commissioning date (backups removed, and server images purged).

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Full functionality is available on all devices although a tablet is the smallest screen size on which practical operation is sensible
Service interface
Yes
User support accessibility
WCAG 2.1 A
Description of service interface
The application user interfaces are designed with untrained users in mind and provide a consistent approach to usability for all. We observe all usability standards and design for ease of use.
Accessibility standards
None or don’t know
Description of accessibility
We are committed to providing solutions that are accessible to the widest possible audience, regardless of technology or ability.
Accessibility testing
None
API
Yes
What users can and can't do using the API
There are a number of APIs designed for integration with third-party systems. Typically, they are used for data transfer and viewing of data between systems.
API documentation
Yes
API documentation formats
Other
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
There are a large number of system parameters which control the behaviour of the service in its various modules. Lookup lists can all be user-defined, albeit controlled by a comprehensive user permissions structure.

Scaling

Independence of resources
Each client has their own working environment with servers configured to match the client's requirements.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
Less than once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
There are around 150 standard reports as part of the system. Each can be run with a huge number of data filters and can be exported to Excel, PDF, CSV etc.
Data export formats
  • CSV
  • Other
Other data export formats
  • Xml
  • Word
  • Excel
  • Pdf
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
We use commercially reasonable efforts to ensure availability twenty -four (24) hours a day, seven (7) days a week, except for: (a) planned downtime (of which we provide adequate notice and will schedule to the extent practicable during the weekend hours), or (b) any unavailability caused by circumstances beyond our reasonable control, including without limitation, Force Majeure events or internet service provider failures or delays.
Approach to resilience
Available on request.
Outage reporting
The client support desk is used to manage client/support interaction for specific customer system issues. E-mail advisories are in place and used to alert multiple clients/contacts of unplanned outages.

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Access to management services is restricted by user identity. As users are added to the system settings are used to define which apps, which features and what is accessible by a security level setting.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Data centre infrastructure and associated services are managed according to ISO 27001. The least privilege required for a role principle is followed in all areas, server access is restricted to only those employees who have reason to access it.
Information security policies and processes
We have a documented Information Security Policies and a dedicated Information Security Team work under the direction of our Information Security Council, which is responsible for assessing information security policies, technologies, and strategies. The Information Security Council in conjunction with the Information Security Team evaluates the role, scope, and size of the Information Security Team annually, based on our company size, our client's industries and the sensitivity of the data we house for those clients.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Change management is a matter of regular review with the management team. At each review all new software fixes and enhancements are assessed for both overall impact on such as system security, performance and functionality before being approved for scheduling in the development plans. All new developments are the subject of an in depth analysis of security, functionality and practicality for inclusion in future releases
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Critical and Important updates are applied automatically upon release. Other updates are checked for relevance to software/operating system installation and are installed as part of the scheduled maintenance where relevant.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Protective monitoring and associated responses are managed according to ISO 27001:2013 controls and processes utilising a mixture of automated features at the security device level (e.g. automatic blocking based on severity/signatures) and manual interaction based on alerts (e.g. manual investigation of alert before intervention). Access to the application/infrastructure is restricted to authorised personnel.
Incident management type
Supplier-defined controls
Incident management approach
Comprehensive monitoring tools are used to highlight potential problems before they become an issue. A defined "Security Incident Management Policy" includes reporting mechanisms for both Information Technology and Physical Security incidents, incident logging, communication to internal and external parties, escalation, reporting, planning, implementation of preventative actions, securing / forensic evidence and continued improvement incident review.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

MRI is committed to managing environmental risks that are material to our business and to reducing our carbon footprint by enhancing the energy efficiency of our operations and reducing the amount of waste that our company produces. We do this by utilising some of our own solutions with sensors in our own offices to assess our space utilization, energy usage and setting a reduction plan. As well as improving our own position, we also look at ways to help our clients work towards using services that have less impact on our planet’s scarce resources. A good example is HomeSwapper, our national mutual exchange solution. HomeSwapper enables tenants to swap homes either locally or anywhere across the United Kingdom with another social housing tenant, often to reduce their commute to work or schools which has a direct impact on carbon emisisons in the region.

Covid-19 recovery

We have fully embraced hybrid working and have recently formalised our flexible working model and different types of flexibility offered to all employees. We believe flexible working benefits our employees and the business. Our solutions available on this framework are all available remotely allowing our clients employees, users and contractors as applicable to work from any location in accordance with your approved working practices to allow flexibility

Tackling economic inequality

Our employees are all contracted and salaried fairly, in line with the Living Wage standards. All of our employees are paid at least the minimum rates as stated under the current Living Wage. We do not employ anyone on zero hours contracts and have a strong commitment to regularly review salaries in line with our appraisal process. We have a number of apprentices in the business who we are supporting to complete degree level qualifications, who all receive above the apprentice minimum wage. We also offer a comprehensive benefits package for all our staff, which includes health and wellbeing support and access to private health care.

Equal opportunity

We work hard to ensure our employees have a voice. Our business has various committees in place, such as a Diversity, Equity and Inclusion Committee and Employee Resource Groups, such as Women & Allies and LGBTQIA+, which help us understand how employees feel about working at MRI and help us drive forward inclusive events. We have also very recently launched our first ERG – employee resource group for Women and Allies. As a business with over 250 employees in the UK we are required to produce a Gender Pay Gap report. We very much welcome this initiative and our reports are available publically on our website. This report shows the impact we have on reducing our Gender Pay Gap and also highlights the many initiatives we have underway to further reduce our gap. This includes the development of our Flexible Working and Inclusive Policies initiatives, educating our People, People Managers and Business Leaders and working with external partners to attract a diverse staffbase.

Wellbeing

Work hard, play hard. From the day we opened our doors, we set out to build flexible, game-changing solutions that would make people's lives better. We do this by providing our clients with solutions that enable them to provide better places to live, work, and do business. The only way to carry out that mission is to hire the best employees and keep them. We are dedicated to creating a working environment which supports and develops our staff. Some of the benefits that we offer are: Gym reimbursements, Medical assistance, including mental health tools, Flexible working opportunities, including hybrid working Employee engagement is key to MRI's success and we hold quarterly spirit weeks to both connect and enthuse our teams globally. These weeks are themed and where staff are encouraged to learn about different topics or take part in activities that they might not typically have time for. These include fitness sessions, cooking sessions, engagement with families for those working from home or targeting one big event where we can globally feel like we are one team with the same goal. We also carry out bi-annual employee engagement surveys to ensure employees can express their views.

Pricing

Price
£30,063 to £94,392 a licence a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@mrisoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.