myRJ Limited


myVCU is a secure dedicated Victim Care Unit Referral Management System that features state of the art functionality combined with a simple, clean and user friendly interface.

myVCU is aimed at multi partnership collaborations and larger organisations such as Victim Support, Police and Crime Commissioners Victim Care Units.


  • Simple Reporting
  • Cloud Sharing
  • Easy File Management & Upload
  • Remote Working
  • Time Management
  • Unique User Dashboard
  • Dynamic Case Managment
  • Integrated Collaboration


  • Streamlined working on Super fast servers
  • Cost Saving
  • Time Saving
  • High Level Encryption and Security
  • Multi Users Workspace
  • 24 / 7 Support system
  • Advanced Information Capture
  • Streamlined Processing


£15800 per licence per year

Service documents

G-Cloud 10


myRJ Limited

Andrew Robbins

0845 868 49 32

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to MyRJ - Restorative Justice Case Management System.
Cloud deployment model Private cloud
Service constraints The system requires an internet enabled device to access the secure cloud.
System requirements
  • An Internet Enabled Device
  • Internet Explorer (IE) 10 or above

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Support tickets are answered within 60 minutes of submission.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support No
Support levels Online technical support
A full online technical support ticket system is provided via the secure system login and via the myVCU Website.

Help videos and downloadable manuals are available under the training section of the myVCU Secure system.

Telephone support
Telephone support is provided as part of the License Cost and as such will be available should online technical support fail to solve your issue.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide onsite training / virtual learning tools, manuals and video conferencing tools to ensure every new user gets the most out of the system.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction They get sent an encrypted CSV File to a CJSM account or secure email address.
End-of-contract process An encrypted export of the data on the system will be provided and sent to a CJSM / Secure email address at closure of contract, this is included in the cost of the contract.

If the client wishes for us to store the data in our vault then we will do so at an small annual fee.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service There is no difference between the mobile and desktop service online only the menu is displayed as an accordion.
Accessibility standards None or don’t know
Description of accessibility Our service is accessed via a standard web browser on any internet enabled device.
Accessibility testing We have tested this device on the following devices:
Google Chromebook, Microsoft Surface, Apple iMac, iPads, iPhones, Samsung Note, Amazon Fire, Dell Laptops using the following operating systems Microsoft Windows, Apple OS X, iOS, Android OS.
Customisation available Yes
Description of customisation Only the main account holder can change and customise any system settings, these settings are:
Visual Editing
Service Standard Time Frames
Data Retention Periods
Reporting Periods
User Access Rights


Independence of resources As many of our system processes are automated there will never be any supply issues.


Service usage metrics Yes
Metrics types Our system has a in depth real time reporting dashboard so you can extract from a selection of pre defined reports.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Users export their own data via the data extraction tools on the system, all major data exports are done as and when requested by the account holder.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability We offer a 99% uptime of the system, should there ever be a prolonged outage customers would be contact individually and a resolution would be sort for compensation.
Approach to resilience We have strict protocols in place to ensure we are resilient, further information is available on request.
Outage reporting Email alerts, via the website and social media

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels Access is restricted by our own console where we can limit usage and access rights, there are also automatic triggers that lock accounts should misuse be suspected.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 LRQA
ISO/IEC 27001 accreditation date 06/05/2017
What the ISO/IEC 27001 doesn’t cover Our cloud software system, only the hosting provided by UKFAST
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • IASME Certification
  • Cyber Essentials +
  • ISO 9001:2008 (Data Centre - UKFAST)
  • ISO 14001:2015 (Data Centre - UKFAST)
  • PSN Connection Compliance Certificate (Data Centre - UKFAST)

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We hold weekly management meetings between the technical director and managing director to ensure polices are up to date and in place.

issues and development is tracked and reported on an internal system.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach All changes are tracked via an internal system and a audit (history) of all events and changes are kept.

Any and all changes are assessed in a weekly management meeting and planned accordingly to mitigate risk and impact.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach A weekly management meeting is held and the technical director reports on threats, updates and patches available.

These are assessed and scheduled for deployment as soon as possible.

The information about threats comes from oWASP, Reputable Online Security forums, Government sources and software providers and manufacturers .
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach A weekly management meeting is held where the Technical Director presents a report on potential issues or incidents.

All work is then structured in line with policies on updates and changes and responded to as soon as possible.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach All events and changes are reported via the online portal where a a simple process outlines how, where and what needs to be done or is being done.

All users are notified of change and updates via the same portal.

Users can use the same portal to report issues and incidents to the company.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £15800 per licence per year
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑