TROJAN CONSULTANTS LIMITED

Caspar Cloud

The Caspar Cloud SaaS application is a comprehensive case and financial management solution for Public Deputies, Solicitors, Appointees and their teams to manage the property and financial affairs of their clients under the orders and rules of the Court of Protection.

Features

  • Automatic creation of planned income/expenditure facilitating financial planning
  • On-screen account reconciliation / optional automation using bank transaction files
  • Court of Protection workflow and system generated application forms
  • Property/vehicle register with the facility to attach documents
  • Letter writer to create bespoke templates populated with data
  • User diary plus client notes, visits and funeral functionality
  • User defined workflow to document departmental procedures
  • Appointee and deputy fee calculation and forecasting
  • Report writer to create and save user defined reports
  • Pre-populated Office of the Public Guardian annual returns

Benefits

  • A complete integrated client record, eliminates the need for spreadsheets
  • Centralisation of processes and client data
  • Improved caseload allocation and management
  • Increased accuracy and efficiency in the account reconciliation process
  • Automation of the fee calculation process
  • Dramatically reduces time spent collating data for OPG reports
  • Facilitates the court application process
  • Improves reporting capabilities and data access
  • Helps teams meet audit and statutory reporting requirements
  • Time savings allow staff to manage more cases

Pricing

£21,250 a server a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at larry.morgan@trojanconsultants.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

1 6 6 5 2 9 5 9 1 9 1 1 0 3 1

Contact

TROJAN CONSULTANTS LIMITED Larry Morgan
Telephone: 01527 882255
Email: larry.morgan@trojanconsultants.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
CasparV is designed to work with the latest versions of Microsoft Edge, Google Chrome, Firefox and Safari or any appropriate browser with HTML5 support and requires access to the system via the internet. There are no other constraints.
System requirements
  • Computer with up to date internet browser
  • For 2-Factor Authentication a smartphone (android or iOS) is required

User support

Email or online ticketing support
Email or online ticketing
Support response times
On receipt, questions are triaged as being business critical, an interruption to normal service or non-serious.
Response and action to fix a business critical issue is provided within 2 hours.
Response to service interruption issues is provided within 4 hours with a 2 day fix time whilst non-serious issues carry a 4 hour response time with a fix in within 5 days.
The standard support service is available from 9am to 5pm, Monday to Friday excluding public holidays. Out of hours support may be arranged at additional cost.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Web chat is accessible through the Trojan Consultants Limited website. In the chat users can initiate a live chat session with a support representative. If no representative is available to respond a ticket will automatically be created and the standard SLA will be applicable.
Web chat accessibility testing
No web chat testing with assistive technology users has been carried out so far.
Onsite support
Yes, at extra cost
Support levels
Level 1 Business Critical – the system cannot fulfill its statutory business duties and the system is down - priority response and fix in 2 hours.
Level 2 Interruption to normal service.The system still performs the majority of statutory duties, but the fault prevents aspects of this not to be performed - response in 4 hours with fix in 2 days.
Level 3 Non serious. The system does not perform as per the user manual, is available for normal work but a more manual intervention is required - response in 4 hours with fix in 5 days.
The support service is included in the annual licence charge which covers all support and help desk assistance. The licence and support cost is calculated on a sliding scale based on the number of concurrent user licences held by the customer.
Each site is provided with a dedicated, named technical support contact
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The first stage of the consultancy, training and implementation process is delivered through a Workshop day where managers and operational staff are given a detailed presentation of the system and the underlying processes involved, in order to illustrate the scope of the system and to properly inform the changes in business procedures that may be required to fully realise the benefits and efficiencies offered by the implementation of the software. The session also focuses on data migration and system configuration.
Detailed user training is provided either online or on-site as part of an agreed programme covering all aspects of system set up and daily use. The exclusive members area on our website also gives users access to the following resources:
• User guides covering all system modules
• Educational ‘how to’ videos focusing on core system functionality
• User forum to ask questions and share best practice
• Online support tool to request advice and guidance
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
Video
End-of-contract data extraction
On termination of the contract Trojan provides a free of charge data extraction service whereby the data will be ready to be transferred within 1 working week of receipt of the customer request.
End-of-contract process
Customers will be provided, free of charge, a full copy of their data in CSV format or SQL files in zipped format. If assistance is required to migrate to another system, then this can be provided at the prevailing professional services rate by mutual agreement.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
No
API
No
Customisation available
Yes
Description of customisation
User defined reporting and document production i.e letter and forms
User roles and access levels
Customised field names

Customisation is usually limited to a system supervisor with appropriate access permissions.

Scaling

Independence of resources
Each environment is built separately and dedicated for a single customer. Based on the agreed number of the users, hardware and software configured in a manner to allow at least 20% headroom in case of spikes in user demand from a customer.

Analytics

Service usage metrics
Yes
Metrics types
User activity, System Usage, Service availability up-time, Service downtime analysis
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
The CasparV application includes a report generator which allows users to build user defined reports to extract data in CSV format. Reports can be automatically output to MS Excel to enable the data to be edited or manipulated by the user into the required reporting format.
Data export formats
  • CSV
  • Other
Other data export formats
  • Microsoft Word compatible formats
  • Microsoft Excel compatible formats
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
There is guaranteed level of availability for the Caspar application of 99% based on 24 hours per day. There are no contractual refund allowances under Trojan's current contractual Terms and Conditions of Business.
Approach to resilience
Full details of the datacentre setup utilised by Trojan Consultants Limited is available upon request.
Outage reporting
Outage reporting is provided manually via email to the users affected by any downtime.
Due to the nature of the service it is highly unlikely that multiple customers will be affected by a particular outage issue.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Named, per-user administrative accounts. Two Factor Authentication to access all business and administrative resources
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials Plus

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
The Company's security governance policies are written in line with certified standards and best practice. Updates to the policies are issued and staff training is carried out to ensure that all employees are fully aware of their responsibilities and actions required should they recognise a breakdown in the operation of the policies.
The datacentre that provides the application platform adheres to a broad range of information and security certifications & standards including SSAE18 SOC1, SOC2, SOC3, PCI DSS, ISO27001, ISO14001 and ISO9001
Information security policies and processes
The datacentre is certified to ISO27001.
Trojan Consultants Limited recognises the importance of excellence in governance and has produced procedure and policy documents that cover all the major areas of good governance from major frameworks although at this time it has not certified to any framework standards.
Policies cover an annual Cyber Essentials Plus audit, identity and access management, data encryption and data retention and protection procedures.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All server configuration changes are documented on our Helpdesk and tracked on a client basis. All software changes and updates are tracked and documented in the release notes and the repository, new software is extensively tested in-house on a virtual environment before deploying to production. At this stage, in-house security testing is carried out and release is scheduled after satisfactory results.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Potential threats are assessed via a continual process of in-house vulnerability testing based on the latest intelligence around system attack methods etc.
Updates are applied in 14 days or less from release.
• Updates that apply to the Windows® operating system (OS) itself.
• Updates that are installed by default.
• Available add-on roles or services.
• Non-security updates if Datacentre Support and Trojan Consultants determines that they address a specific need that applies to our customer base as a whole, such as cumulative time zone updates.
• The latest definition updates for Windows Defender during monthly patching.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
The service is protected by antivirus and real time monitoring.
• Real time protection of file system from malicious code in monitoring mode
• Scanning and neutralization of malicious code at the administrator’s request
• Constant scanning of dangerous VBScript and JavaScript scripts
• Scanning of riskware
• Quarantine of suspicious objects

If any of this monitoring is triggered, real time, 24/7 protection is provided.
Incident management type
Supplier-defined controls
Incident management approach
Incidents are reported to Trojan via email from the hosting provider and further actions decided based on the nature of the incident.
The service is monitored 24/7 for the most common security and service incidents and a team of experts at the hosting site are constantly evaluating the results.
Trojan's incident response team will investigate reported incidents and initiate CAPA with the hosting provider. All incidents and investigation reports will be recorded in our support system and shared with customers.
Our hosting partner conforms to the following standards - SSAE18 SOC1 SOC2 SOC3 PCI DSS ISO27001 ISO14001 ISO9001

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£21,250 a server a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
The free demonstration version includes :
a single user system made available for 5 working days as standard
a fully functional system excluding document export
a pre-populated demonstration database
The customer is expected to take full responsibility for the data entered, used and viewed in the system

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at larry.morgan@trojanconsultants.com. Tell them what format you need. It will help if you say what assistive technology you use.