Acuma Solutions Limited

Transport Management System (TMS)

LiteTMS is a cloud-based solution developed for Borough, City and County councils, Local Authorities, Community Transport Schemes and Volunteer Car Schemes that need to manage logistics or work with multiple parties. LiteTMS automates the day-to-day processes and works with fire-services, school buses, recycling collections, street cleansing, and other field tasks.


  • Fleet Lifecycle Management: record buses, trucks, drivers and associated assets
  • Vehicle Tracking - GPRS/Geofencing methods, real time location of carrier
  • Diagnostics provided: Usage of vehicle telematics; information about status
  • Real-time data from sensors and IOT mechanism to detect threat
  • Remote Asset Management: Based on RFIDs, Barcodes and IOT sensors
  • Driver Behaviour Measurement: safety compliance, punctuality and driving style
  • periodic sms/emails about the scheduled maintenance of vehicles
  • Fuel Management through efficient routing, maintenance and curbing fuel consuming
  • Analytics with Dashboards and Reports


  • Manage day-to-day tasks
  • Manage Partners and Customers
  • Track the vehicels with real-time location
  • Manage statuatory documents: store work-orders, tax-receipts, licensing-permit etc.
  • Easy to understand reports and cognitive dashboards
  • Reduce Human Errors: accessible and real-time updated system
  • Create Quick Orders: Instantly create editable work-orders


£25 to £40 per user per month

Service documents


G-Cloud 11

Service ID

1 7 4 8 8 3 3 5 2 8 3 1 4 3 8


Acuma Solutions Limited

Jonathan Eeley

0161 241 4031

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints LiteTMS is a freight management solution only for Truckload. It does not support LTL, Ocean or Air Cargo shipping. It is only meant for domestic shipping and does not support international shipping, customs clearance and insurance claims. For the fleet management, the hardware device to be installed in the trucks would have to be purchased by the customer, and are not a part of the software solution. The driver app which is a part of this solution is developed only for Android phones.
System requirements
  • A web browser to access the application
  • Mobile phones for location data, if required

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 4 hrs
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AAA
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.1 AAA
Web chat accessibility testing Jaws
Onsite support Yes, at extra cost
Support levels Level 1 support –provide basic support and troubleshooting, such as password resets, break/fix instructions, ticket routing and escalation to Level 2 and Level 3 support. A Level 1 tech gathers and analyzes information about the user’s issue and determines the best way to resolve their problem.
Level 2 support – manage break/fix, configuration issues, troubleshooting. Manage escalated issues that Level 1 support is not equipped to handle.
Level 3 support – Troubleshooting, configuration and database administration. Level 3 tech has the ability to deploy solutions to new problems, and is the go-to person for solving difficult issues.

All levels of support are included in the product cost, no extra cost for support.

Usually, the user raises a ticket which is assigned to one of the available Level 1 support engineer who carries it to completion.
While Technical account manager or cloud support engineer are not needed, they are provided at extra cost. See our SFIA rates for details.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide video based trainings on how to use the software, and user manuals. We also provide a two hour training by one of the sales executives.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction The entire user data is exported in CSV and PDF’s and given to the users at no extra charge. The service can be customised to deliver data with encryption in multiple ways at an extra charge.
End-of-contract process The entire user data is exported in CSV and PDF’s and give to users. A feedback form is given. Typical end-of-sales activities are done at the end of contract, and there is no extra cost for this.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service There are multiple ways to access
1) Native mobile app for information entry
2) Web app for management and administration
3) Native mobile app for information consumption

The differences
● User interface
● Access permissions
● Third party integrations

Typically, the mobile-app user (which can be driver) will be able to access the service to upload the key statistics about the trip. He may not have access to the key reports and statistics available to the system administrator through dashboard. Admins, however, for the ease of access can access the reports and real time status updates via mobile app too.
Service interface No
Customisation available Yes
Description of customisation This is a SaaS solution deployed on cloud.
The users can customize the look and feel of the user interface by choosing one of the available themes of the solution.
Customers can also white-label the solution to add their branding, colours etc.


Independence of resources LiteTMS is deployed on an Azure cloud. In Azure cloud, the users get compute resources on demand. Azure pool its massive hardware resources and provide virtual machines on top of it to the users. Azure used resource over-commitment to best utilize the resources of a virtualised cloud infrastructure, so that user’s aren't affected by a spike in CPU usage.


Service usage metrics Yes
Metrics types The service is priced as per user per month, so the metrics for other usage as device, instance, server load, transactions, data-size is not provided.
This is not to be confused with metrics useful for the service like orders, drivers on duty etc. which are provided and described in the features and benefits.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations EU-US Privacy Shield agreement locations
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Encryption of all physical media
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach The user can export the data through downloadable CSV format files. These files will be available for direct downloads to the permitted users only. Every section which has data in the form of reports or statistics is supplemented by clickable buttons which allows the user to download the data instantaneously.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Legacy SSL and TLS (under version 1.2)
Data protection within supplier network Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability We don’t offer any guaranteed availability. However since the application is deployed on Microsoft Azure and has redundancy, the application is a highly available application. In the past the application has been available for more than 99.5% time
Approach to resilience LiteTMS is deployed on Microsoft Azure, which has built in high availability, disaster recovery, and backup. It’s a proven technology that -
• Keeps the applications up and running
• Creates a resilient environment easier in the cloud
• Minimizes the impact of incidents
• Stays compliant with the first ISO 22301, Business Continuity Management, certified global cloud
Outage reporting We use Azure’s outage reporting as LiteTMS is deployed on Azure.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels There is no separate management access interface setting in LiteTMS.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for Less than 1 month

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security No
Security governance certified No
Security governance approach We do a security risk analysis and feature planning. All services are secured with OAuth and JWT implementation. Microservices are secured through common service gateway with single endpoint. We perform platform security testing and application penetration testing periodically. We audit the software using security threat monitoring tools. SSL is used to encrypt data in transit, and all stored data is encrypted and stored using SQL Azure Services.
Information security policies and processes We do a security risk analysis and feature planning. All services are secured with OAuth and JWT implementation. Microservices are secured through common service gateway with single endpoint. We perform platform security testing and application penetration testing periodically. We audit the software using security threat monitoring tools. SSL is used to encrypt data in transit, and all stored data is encrypted and stored using SQL Azure Services.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach First we identify the need for the change requested, and what needs to be changed or configured. There are several layers of stakeholders that include management which both directs and finances the endeavor, champions of the process, and those who are directly charged with instituting the new normal. A road-map is then defined that includes the beginning, the route to be taken, and the goals. We also integrate resources to be leveraged, the scope or objective, and costs into the plan.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Our vulnerability management process consists of five phases: • Preparation • Vulnerability scan • Define remediating actions • Implement remediating actions • Rescan.
The security officer is the owner of the vulnerability management process. The vulnerability engineer role is responsible for configuring the vulnerability scanner and scheduling the various vulnerability scans. The asset owner is responsible for the IT asset that is scanned by the vulnerability management process. This owner decides whether identified vulnerabilities are mitigated or their associated risks are accepted. An IT system engineer role is typically responsible for implementing remediation actions for detected vulnerabilities.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We work with Microsoft Azure’s protective monitoring approach for LiteTMS. We also run security tests to identify potential compromises, and if we find any, we completely move LiteTMS to a separate instance of Azure. We can move to a separate instances within 24 hours of identifying a compromise.
Incident management type Supplier-defined controls
Incident management approach Our Incident management is closely aligned with the service desk. When a service is disrupted or fails to deliver the promised performance during normal service hours, we put an effort to restore the service to normal operation as quickly as possible. Also any condition that has the potential to result in a breach or degradation of service triggers a response that prevents the actual disruption from occurring. Our incident management process includes Incident identification, logging, categorization, prioritization, diagnosis, Escalation, resolution and closure. Also Communication with the user community throughout the life of the incident.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • Joint Academic Network (JANET)


Price £25 to £40 per user per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Most of the features of the service for a week.
Link to free trial

Service documents

Return to top ↑