TILES System® Interview Management Software
The TILES System® is an investigative interviewing planning and management tool designed to digitally transform all aspects of the PEACE model framework. TILES allows interviewers and supervisors to plan, conduct and evaluate investigative interviews in any investigative context, facilitating transparency, accountability, consistency and efficiency across an agency’s investigative interviewing workflow.
- Secure in-house or Microsoft Azure cloud hosting delivering 99.99% uptime
- Fully digital investigative interviewing workflow
- Strategic and tactical planning functionality featuring flexible topic management
- Remote access delivering collaborative and supervisory capabilities
- Integrated Mapping functionality
- Integrated Timeline functionality featuring Swipe to Timeline™ capability
- Enterprise Management Dashboard
- Incorporates pre-interview feedback and post-interview evaluation
- Forensically robust meeting all disclosure requirements
- User-friendly, multi-platform (web/tablet/mobile)
- Increased accountability and transparency across interviewing workflows
- Fosters objective based interview planning
- Reduced preparation time of investigative interview plans
- Reduces the administrative burden and financial costs of paper-based workflows
- Aligns with current UK Home Office Investigative Interviewing standards
- Real-time strategic conversation fostering the strategic use of evidence
- Configurable to any investigative remit including law enforcement and audit
- Integration with e-mail for electronic management of feedback and evaluation
- Ability to link documentary evidence directly to interview objectives
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Service constraints||Access to the TILES System® is available on 24 x 7 basis. Planned maintenance windows, when the service will be unavailable, will be agreed with the client, with updates usually being implemented outside of working hours. IMS will agree a notice period with clients before undertaking scheduled maintenance tasks. In order to maintain this service, IMS has a variety of technical support and maintenance assets at its disposal, depending on the severity of service disruption.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Email enquiries are generally responded to within 1 working day. Priority support requests will be responded to within 1 working hour (Business Critical Impact); 2 working hours (Major Operational Impact); 4-6 working hours (Minor Operational Impact); 4-6 working hours (Minor Operational Inconvenience); 1-3 working days (System Operation not impeded).|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Priority 1 Business Critical Impact 1 working hour
Priority 2 Major Operational Impact 2 working hours
Priority 3 Minor Operational Impact 4-6 working hours
Priority 4 Minor Operational inconvenience 4-6 working hours
Priority 5 System Operation not impeded 1-3 working days
Bespoke support levels agreed in SLA with client.
|Support available to third parties||Yes|
Onboarding and offboarding
IMS are able to make full on-boarding training available to TILES System® users onsite. Training costs will be charged as per the IMS SFIA rate card. Enterprise customers are encouraged to discuss options for bespoke training packages with their IMS project manager during the
project-planning phase in order to realise the maximum potential of the TILES System®.
IMS are able to support their clients with a full online investigative interviewing training package which can be arranged as per client requirements.
A TILES System® User guide is also freely available online and is accessible from within the TILES System® user interface.
|End-of-contract data extraction||
Due to the sensitive nature of the data likely to be held in the TILES
System®, off-boarding, data security and data migration will be subject to an agreed process following direction from the buyer's ICT risk and security advisers during initial scoping. All off-boarding will occur in accordance with clause 9.1 within the IMS Service Definition Document.
|End-of-contract process||End of contract processes will align with the IMS Termination Terms listed at clause 9 of the IMS Service Definition Document.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Desktop/laptop access is recommended although full functionality may be accessed via tablet devices on both the iOS and Android platforms.|
|Description of customisation||
The TILES System® can be customized for individual agencies who may require bespoke data fields within the software to be added, edited or removed. The TILES System® dashboard available at the enterprise level can also be customized to ensure unique investigative contexts can be catered for.
TILES System® users are able to customize individual TILES to deliver a bespoke interview management experience tailored to their own investigative context. Each of the system's customized TILES may be populated with a full menu of customized hints and prompts designed to assist an interviewing team to navigate forensic conversation.
|Independence of resources||The secure Microsoft Azure platform upon which the TILES System® is hosted is designed to scale to meet TILES System® load/usage requirements.|
|Service usage metrics||No|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||See IMS Terms and Conditions Document|
|Data export formats||
|Data import formats||ODF|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||See Service Definition Document|
|Approach to resilience||IMS can implement proven strategies to safeguard business continuity through disaster recovery plans affording customers operational resilience. IMS encourages customer agencies to ensure appropriate mitigation strategies are factored into the detailed IMS implementation plan at inception|
E-mail alerts /
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||
Access restrictions in management interfaces and support channels are built into password protected user profiles delineated access privileges at user and administrator levels.
Access restrictions will be TILES System® users will be registered and administrators are provided with audit/privilege rights over based upon client account hierarchies.
IMS support staff dealing with end-user support requests are able to access user profiles but are restricted from accessing client data within the TILES System®.
|Access restriction testing frequency||At least once a year|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||IMS manages data stored on its servers in accordance with the provisions of the Data Protection Act 1998 (DPA 1998) and General Data Protection Regulation (EU) 2016/679. Highest assurance 2048-bit SSL Certification is employed to secure all web-based data transmissions to and from its Azure cloud trusted framework.|
|Information security policies and processes||
IMS operates within a robust security governance and risk management framework headed by the CEO/CTO who holds full responsibility for establishing, implementing, operating, monitoring and reviewing security governance and risk management processes within the company. Each IMS employee, contractor or consultant has freedom to report directly to the CEO/CTO on security governance issues and are responsible for adhering to the company’s security policies, guidelines, standards and procedures.
Data Management responsibility at IMS rests with the CEO/CTO. The IMS Data Protection Officer has delegated responsibility for data protection compliance to ensure that all data is managed and controlled in adherence to General Data Protection Regulation (EU) 2016/679.
IMS operates to robust Standing Operating Procedures within its Information Security Management Framework to ensure security procedures are followed in an appropriate, transparent and repeatable manner. All software development including design, maintenance, testing and quality assurance is undertaken in compliance with certified ISO9001:2008 Quality Management System standards to ensure integrity, transparency and accountability of resultant software products.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||IMS software configuration and change management follows agile methodologies achieving cross-team communication and collaboration and self-organization in a flexible and adaptive development environment. Developers and quality assurance personnel include certified International Software Testing Qualifications Board (ISTQB) testers and also comprise specialist advanced level and security tester ISTQB certified test engineers.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Within the Azure Cloud environment Security Centre offers integrated vulnerability assessment with Qualys cloud agents as part of Virtual Machine functionality.Once deployed, the Qualys agent will start reporting vulnerability data to the Qualys management platform, which in turn provides vulnerability and health monitoring data back to Security Center. IMS developers are able to maintain regular oversight of Security Centre data on behalf of clients to quickly identify and respond to vulnerability threats from within the Security Center dashboard.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||IMS executes its protective monitoring capabilities through the Microsoft Azure Security Information and Event Management (SIEM) solution for the purposes of monitoring, triaging and investigating security alerts. Threat intelligence monitoring is proactively managed as part of the Microsoft Azure Security Centre detection capabilities which includes integrated threat intelligence, behavioural analytics and anomaly detection.|
|Incident management type||Supplier-defined controls|
|Incident management approach||
IMS maintains pre-defined incident management processes to maintain levels of support as defined at clause 5 of the IMS Service Definition Document.
Incident reports relating to Business Critical and Major Operational impacts should be reported via telephone, whilst remaining priority reports may be communicated via email and through in-application support requests.
IMS will administer incident management through a process of identification, logging, prioritization, diagnosis and resolution through to closure. IMS will take steps to communicate with the user community throughout the life of the incident and share post-incident findings with stakeholders.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£39 to £59 per user per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||Basic functionality|
|Link to free trial||https://www.tiles-system.com/|