Mentz GmbH

Cloud software

As a software provider for public transport related solutions, MENTZ provides applications into cloud based environments. These are used by public sector organisations such as Local Transport Authorities, Public Transport Executives, County and City Councils to plan their timetables and provide Journey Planner information for their users.

Features

• Integration, dissemination of public transport data within defined rule set
• Web based integration and normalisation of public transport related data
• Plot public transport related data on map
• Report on data issues in available public transport data
• Journey Planner web interface for contact centres (TICC at TfL)
• Provide support services online and track issues
• Journey Planner API and routing engine for public transport data
• Configure and patch applications with new versions
• Central web application to report on Journey Planner usage, issued
• Use OpenStreetMap and other GIS for public transport data visualisation

Benefits

• Scale Journey Planner system up and down depending on load.
• Use multiple instances for production, staging and development.
• Use flexible cloud configuration management and replication functions.
• Provide failover recovery for important instances and functions.
• Replicate environments when required and in case of failures.

£250,000 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hosseini@mentz.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

956901328229250

Contact

Nahid Hosseini
0049 89 41868 134
hosseini@mentz.net

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Product IPRs belong to MENTZ. Product licenses for application are issued together with Support and Maintenance services to buyers.
• System requirements:
  • Windows
  • Oracle
  • Postgres

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 1) Response time depends on agreed SLA; E.g.; Prio 1, Response 1 hr, Fix 2 dys; Prio 2, Response 4 hrs, Fix 5 dys; Prio 3, Response 24 hrs, Fix 10 dys; Prio 4, Response 5 dys, as per estimate; 2) yes (an online support facility is available); 2b) None or don’t know
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: MENTZ provides support services for all licenses products including the large systems DIVA and EFA (Journey Planner).; ; For both service levels do exist.; ; EFA; Prio 1, Response 1 hr, Fix 2 dys; Prio 2, Response 4 hrs, Fix 5 dys; Prio 3, Response 24 hrs, Fix 10 dys; Prio 4, Response 5dys, as per estimate; ; DIVA (data management - not public facing); Prio 1, Response 5 hrs, Fix 5 dys; Prio 2, Response 1 dy, Fix 10 dys; Prio 3, Response 7 dys, Fix 20 dys; Prio 4, Response 7 dys, as per estimate; ; MENTZ provides technical application support as well as account management.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: MENTZ provides system implementation and support services. The implementation phase includes onsite training with comprehensive system documentation. After system launch onsite or online training is provided with new functionality or applications being available. The ducomentation is updated accordingly. We work with very close relationship with the buyers, this is a key success factor.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data can easily be downloaded (in standard formats) and deleted across all systems. On request MENTZ provides backup services.
• End-of-contract process: Any data is downloaded and deleted from all. Machines are terminated and deleted on buyers request. This service is included if no special requirements do apply, e.g. copy to mediums which are not included to contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Not specifically accessible, Journey Planner is a API driven application
• Accessibility standards: None or don’t know
• Description of accessibility: Not specifically accessible, Journey Planner is a API driven application
• Accessibility testing: XML / JSON API of Journey Planner is accessible via internet does not require testing with assistive technology
• API: Yes
• What users can and can't do using the API: Plan door-to-door journeys and displays results in tabular and map form.; Accessible features are supported by the API to allow step-free journey calculations on a national level (UK).; Dynamic, realtime information is integrated - such as events being published by transport operators - which influence the journey result.; Optimisation criteria such as Quickest Journey / Least Interchanges / Least walking is available:; Multimodal journey options are available, such as bike sharing or car sharing.; Fares data is made available with journey plans.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: API for Journey Planner is highly configurable and relies on a business logic which can be setup once but frequently changed when new requirements emerge. This is done in tight coordination between MENTZ and the buyer. Fundamantal parameters can be changed in a web user interface during run time.

Scaling

• Independence of resources: Application server cluster is redundant and scalable horizontally. MENTZ solution auto-scales in the cloud depending on demand.

Analytics

• Service usage metrics: Yes
• Metrics types: System usage such as; - Imported data / who, when, what; - Exported data / who, when, what; - Manually maintained data / who, when, what; - Number of Journey Planner requests; - TOP requests; - TOP locations; - Hourly / Daily / Monthly / Yearls requests; - Request matrix (from - to); - Accessible options; - Calculation times
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: Never
• Protecting data at rest: Other
• Other data at rest protection approach: Not available or not applicable
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The solution provides a web interface where all data can be exported in following formats; - NaPTAN; - TransXChange; - NeTex; - VDV452; - TRIAS / Open Journey Planner; - SIRI; - Excel; - CSV
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • NaPTAN
  • TransXChange
  • NeTex
  • VDV452/453/454
  • TRIAS / Open Journey Planner
  • SIRI
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Excel
  • NaPTAN
  • TransXChange
  • NeTex
  • VDV452

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Not available or not applicable
• Data protection within supplier network: Other
• Other protection within supplier network: Not available or not applicable

Availability and resilience

• Guaranteed availability: Availability is defined in tight coordination with the buyer. The MENTZ applications are designed to provide 100% availability. However, availability is also driven by the underlying cloud environment. The MENTZ solution is scalable and can also be mirrored to secondary hosting sites. Hence the applications can run on multiple instances in redundand mode, which guarantees availabilities of up to 100%.; ; SLA EFA (Journey Planner):; Prio 1, Response 1 hr, Fix 2 dys; Prio 2, Response 4 hrs, Fix 5 dys; Prio 3, Response 24 hrs, Fix 10 dys; Prio 4, Response 5dys, as per estimate; ; SLA DIVA (data management - not public facing); Prio 1, Response 5 hrs, Fix 5 dys; Prio 2, Response 1 dy, Fix 10 dys; Prio 3, Response 7 dys, Fix 20 dys; Prio 4, Response 7 dys, as per estimate
• Approach to resilience: The MENTZ Journey Planner solution is setup on redundant instances with the same applications and data. A load balancer guarantees an even load distribution across all instances. In case one instance fails, the remaining instances take over the load. A certain spare room capacity shall be included in the solution design or auto-scaling is introduced to ensure the demand can be served.
• Outage reporting: Dedicated monitoring applications report on outages via dashboards and messaging to system operators. An optional 24x7 support can be granted to pro-actively monitor the system and react on failures.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: The MENTZ systems provide two main streams:; 1) DIVA - data management - where a concrete user access and roles management is integral part and which is setup together with the buyer; 2) EFA - journey planner - where APIs are accessed and a API gateway is required to protect access
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: ISO 9001:2015

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Governance defined in MENTZ QM following ISO standard (ISO 9001:2015).
• Information security policies and processes: In our applications we ensure that the latest patches and security advices are taken into account.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: In case new versions of applications or changed configuration is to be released, this is deployed on development and staging instances for testing excercises before these are released to production.; All our processes (including configuration and change management) are well-defined in our quality management system following ISO 9001:2015.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: MENTZ uses COTS products for all customers. Before new versions are released they are tested on functionality and vulnerability (on request) by internal test teams and the customer via UAT.; All our processes (including vulnerability management) are well-defined in our quality management system following ISO 9001:2015.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Dedicated monitoring applications report on compromises. Response times are defined in the SLAs, e.g. for Journey Planner; Prio 1, Response 1 hr, Fix 2 dys; Prio 2, Response 4 hrs, Fix 5 dys; Prio 3, Response 24 hrs, Fix 10 dys; Prio 4, Response 5dys, as per estimate; ; All our processes (including protective monitoring) are well-defined in our quality management system following ISO 9001:2015.
• Incident management type: Supplier-defined controls
• Incident management approach: The process to manage incidents is handled by our technical support team in accordance to our quality management system following ISO 9001:2015.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks:
  • HTTP
  • RDP

Social Value

• Wellbeing:

  Wellbeing

  MENTZ supports staff wellbeing, healthiness and physical training to a high extent: flexible working times, flexible employment opportunities for working parents, sabbaticals, ergonomic office equipment, organic coffee, juice and fruits, free accident insurance, excursions, sports activities (skiing weekend, weekly running groups, hiking trip, discounted gym membership, cycle to work scheme), restaurant vouchers, financial support in cases of emergency. To improve staff wellbeing we encourage sporting activities. Company excursions include, skiing weekend, running groups, annual hiking trip,, discounted gym membership, health insurance, cycle to work scheme, or dicounts in form of food coupons, sabbatical with salary sacrifice. MENTZ offers financial support in cases of emergency. MENTZ offers flexible employment opportunities for working parents.

Pricing

• Price: £250,000 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hosseini@mentz.net. Tell them what format you need. It will help if you say what assistive technology you use.