COM Software Limited T/As Mission Software

Mission SEN Passenger Transport Software

This software (“MPS”) is a specialist web SEN transport software solution, covering every aspect of your home to school passenger transport services, one-off jobs and recurring trips. Specifically for Council, Government, CT, Providers.
Multi-device, multi-user, all aspects of trip management, scheduling, stats&reporting and compliance. Many existing Council Clients and growing.

Features

  • Sophisticated Mapping, Scheduling & Optimisation, Scenarios, Analysis of mileage,time,distance
  • Instant Venue, Route, Passenger Schedules with detailed stats and Costs
  • Multi Department Transport Brokering, ITT, PTB, Approval & workflow processes
  • Drivers, PA's, Timesheets, DBS, Payslips, Training, Licences, PPE & SelfService
  • Audit Trail, Stats, Accounting, Pivotgrid analysis, Integrated spreadsheet & WordProcessor
  • Document Management, Calendars, SMS, EMails, Bid Sheets, BackToSchool Letters
  • Workshop, Fleet, Licences, Servicing, MOT, Jobs, Quotes, Availability, Warnings
  • FullyWebEnabled, MultiDevice, Secure MultiCountry Hosting with DMZ &Failover
  • Data Migration, Training, Support, Free Upgrades, Helpdesk, user Forum
  • Everything included in one licence - no "Per Module" trickery

Benefits

  • Over 20 years development & use by Council SEN teams
  • Secure websystem, failover included and data changes audit trails
  • Modern easy to use web design in forms, grids,reports
  • Simple Back To School procedures ensure smooth planning
  • Sophisticated Optimise, scheduling, Scenario & makelive routines
  • Detailed accounting, stats financialanalysis, benchmarking and Invoicing
  • Simple change management, COA, Drivers, Attendants including SMS EMails
  • Make a change and instantly SMS, EMail the Provider
  • Self Service System for Providers, Attendants, Parents, Drivers PA's
  • Incredibly sophisticated yet simple to use

Pricing

£9000 to £48000 per unit per year

Service documents

G-Cloud 10

156213690358675

COM Software Limited T/As Mission Software

Stephen Hill

03339202149

shill@missionit.net

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints We support the latest versions of the 3 main browsers and the 2 previous versions.

We can offer this as a shared cloud, dedicated cloud or Intranet system.

Some ports may need to be configured for SMS & EMail functionality.

We offer Bing Mapping as standard but can integrate other mapping systems. UPRN fully supported.
System requirements
  • Current Browser Versions
  • No desktop Components required - all web functionality
  • We offer DMZ Web Security
  • All systems include failover to servers in another country

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Every client gets a dedicated web helpdesk system. We have multi-level support and respond based upon severity of issue.

Support Hours are 8am UK Time to 5:30pm weekdays and our support team is also available on Saturdays from 8am to 2pm.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Every client is allocated a dedicated "Client Manager". We visit our clients once a month to discuss the systems and any requirements - this service is free of charge.

Every client gets a standard 14 hours support time per month for ticketed items included in the price on a "use it or lose it" basis.

Bugs and errors are always fixed free of charge.

We offer multiple options for additional support, development and also offer "shared cost" development where legislation changes may affect all of our Council Clients and by "sharing" the total development cost - each Council gets the enhancement for a much reduced fee.

Every time there is a significant enhancement we send every single user a link to our "What's New" document detailing all new features and how they work - this is all free.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started After initial on site training and needs analysis:

1. Client supplies own data in CSV, Excel or other format. They can also use Mission Import Template spreadsheets.
2. Mission staff prepare data and make necessary relational codings to suit MPS software database architecture, keys and indices.
3. Mission staff run routines to correct obvious typo’s, upper/lower case errors, incomplete addresses and improvements.
4. Mission staff import the data into the new client SQL database.
5. Link the MPS web software to this new SQL database – Test connections & data-integrity.
6. Test user log-ins, permissions and system security
7. Test add, edit, delete static data such as passengers, routes etc.
8. Test Diary and Synchronisation system for timeline
9. Test accounting routines and reports
10. Test new backup and restore system works correctly
11. Create duplicate Test & Training SQL databases as copies of this master data.

This whole process is repeated on “Go Live Weekend” incorporating all revisions and process changes discovered during testing.

Mission Software supply a complete start to finish training, consultancy, data migration service. Clients also get a test system to use, evaluate and learn on.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Once a client reaches the end of a contract we have several options for data migration and access to old systems. Some clients want to end, extract their data and nothing else; some want to end a contract, extract their data but still have access to the system for 3-12 months for queries, reports, stats analysis and data comparison purposes, a good “gap” option. We also have an option to move from an Intranet system to a hosted web solution.

Mission software also needs to remove our web and database system from client computers to meet with the removal terms in our licences. So our 3 main options are:

1) Data Extraction & Remove Systems
2) Data Extraction & Temporarily Keep System
3) Move from a Council Intranet to a web hosted system

Mission Software will extract all data from the SQL systems and can provide this to you in both CSV and Excel formats. Some fields contain “Long Text” up to 32000 characters and this can only be extracted in a CSV format.
End-of-contract process Our End of Contract data migration services are priced as follows:

Data Extraction & Remove Systems 5 days at £850 £ 4,250 /
Data Extraction & Keep a System for 3 months £ 5,450 /
Data Extraction & Keep a System for 6 months £ 6,650 /
Data Extraction & Keep a System for 12 months £ 7,850 /
or
Migrate from Intranet to Web Hosted Solution with 12 months hosting and support.

Can be paid monthly at £750 per month - annual total £ 9,000

Additional User Licences cost £750 per annum per licence.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Exactly the same - all of our systems are optimised for hand held devices.
Accessibility standards None or don’t know
Description of accessibility In over 20 years of serving SEN clients we have never been asked for this. All of our forms are responsive and optimised for screen resolution changes and zooming modes.

We consulted on colour schemes that provide the easiest viewing experience.

We would be happy to customise where required for this as our system responds to the user that is logging in and sets the environment accordingly.
Accessibility testing We have not done any thus far.
API Yes
What users can and can't do using the API We have developed 2 API systems that allow external parties to connect to our SQL databases and analyse data in different modes.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Users can change themes for on screen colours and we also have different menu systems and modules for different "types" of users.

There is a setting that allows users to choose what forms open and in what order during login and we also have "My Favourites" sections in the menu to allow users to pin their most regular forms and reports for easy access from anywhere in the system.

Every client gets 14 hours support and development per month included in the price, this can be used for reports, new fields, queries, letters and other customisation.

The system supports Logo images, Personal Signature Images for letters and there is an inbuilt word processor for designing letters and analysis.

Scaling

Scaling
Independence of resources Each client gets a dedicated 3 (web) server system, no sharing.

1 x Web Server running IIS /
1 x SQL Web Server /
1 x Failover server (in a different EU country) for uptime guarantee. /

We know from our analysis of existing clients, data quantities and traffic exactly how much RAM and resources each system requires and also offer load balancing options for peak times of the year.

We code to optimise users, types of users, processes and also reporting.

Analytics

Analytics
Service usage metrics Yes
Metrics types Every login is stored within the system and a full audit trail shows every single change and by whom.

Dashboards are available for other analysis requirements.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Although all of our data can be downloaded by a user in list or Excel format - we offer a much better service. We are happy to supply the whole database in a "relational" format with all the Keys and ID fields included. This is a far superior option to a simple list download.

We did this for the London Borough of Brent when they wanted to migrate to another system and also worked with the new supplier to on-board successfully within 2 days.
Data export formats
  • CSV
  • Other
Other data export formats
  • Excel
  • SQL
Data import formats
  • CSV
  • Other
Other data import formats
  • SQL
  • Excel
  • Any SQL Compatible Data Source

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks Each system is has DMZ
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network Data Encryption, DMZ

Availability and resilience

Availability and resilience
Guaranteed availability Every system is provided with a fail-over option to guarantee continuity. We copy the whole SQL system every 15 minutes to our fail-over servers and provide separate URL's for user access.

As well as fail-over options we also provide stats about monthly up-time and can agree different up-time guarantees.

Some of our clients like to have a percentage of monthly support payments available as a refund if up-time drops below agreed limits and we are happy to do this.
Approach to resilience Detailed information is available upon request.

That said - we have passed all of the secure web hosting tests and requirements for the London Borough of Enfield and the London Borough of Croydon.

We include all of the following:

✓ SSL included with all products
✓ DDoS Protection
✓ Geo-redundancy
✓ ISO 27001:2013 Certified
✓ Data Encryption
✓ DMZ's
✓ Servers in different Countries
✓ Regular Penetration Testing
Outage reporting We work directly with the client on this as each client has a dedicated web system for their system.

We have constant server and service monitoring and also supply monthly stats.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels We offer Intranet options for enhanced security and also can do VPN as a second level security option if clients want it.

3 years ago we integrated a random number authentication system to login as well as standard username and password.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 TÜV Nord
ISO/IEC 27001 accreditation date 2017
What the ISO/IEC 27001 doesn’t cover Don't have a specific list - our (global) web system suppliers gave us this statement:

there are multiple redundant connections to major Internet hubs, we can offer close to 100% availability. Sophisticated security measures also ensure data protection according to the highest standards as our data centres and networks are ISO 27001:2013 certified through TÜV.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Each client gets a dedicated server system and we agree all security policies to suit our clients.

We are very strict on control, access, management, storage and encryption of client data. We only use secure data transfer systems like Egress when exchanging data and have very strict systems in place for location and access to client data.

We follow the advice of our independent security company who carry out all of our sceurity, penetration testing and system security optimisation.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach We have a dedicated server management team that have to report every week on Windows, Server, Security Software updates, general update status, errors and patches.

Every client gets a Test system and a Live system, all initial updates get tested on the test system and have to be signed off before going live, unless the client specifies otherwise.

We have a dedicated helpdesk system for clients to request changes, we carry out these changes then make everything available in the test systems for the clients.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach We have regular penetration testing and certification.

This alerts us to any potential vulnerabilities, DDos etc.

We also carry out constant monitoring of servers and report on this monthly to the clients.

We are extremely diligent and sensitive to the security and protection of client data.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach We get constant analysis from our security systems about potential breach or access attempts.

Most attempts are blocked or handled by our security systems but if there was ever an attempt which got past that, we would be notified via emails or other notifications.

Our development team in India works from 5am UK time to 17:30pm UK Time and also all day Saturday - so we have physical hands-on people for support issues available for much more than UK work times.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach We use feedback from our 24x7 security software systems, live monitoring, logs and other systems to notify us of any issues.

Team members know exactly what to do in the event of a breach and we also have regular "server switching" to ensure we can get a client working within 30 minutes using different servers in different countries, we are very proud of the level of cover and speed that we can restore and/or switch services.

We provide monthly reports on all of this.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £9000 to £48000 per unit per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial We have a free to use demo system that clients can use for as long as they want. They can add their own data and test as they want - we will then delete their data when they want.

We import data for clients and can anonymise it as well.
Link to free trial https:demo.missionmps.com

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑