CACI Impulse - Education Management Information System
Impulse is a modular, web-based education management system that enables greater efficiency by using a centralised, core pupil record. Impulse provides a holistic view of a child's educational activity and their family circumstances, through advanced reporting functionality, portals and dashboards with optimised mobile accessibility.
- Single database application with a centralised core pupil record
- Flexible, modular offering fulfilling specific education department requirements
- Management information system with analytics and powerful reporting
- Information portals for parents, school, local authorities to access
- Web-based, mobile optimised with self-service and service redesign
- Secure, compliant system enabling multi-user access and information dashboards
- Admissions, Transfers, Appeals, SEND, Social Inclusion, Early years
- Education Psychology, Child Protection, Results & Tracking, Governors
- Welfare Benefits, Specialist Support Services & Music modules
- Powerful HUB data-matching engine that collaborates, synchronises, cleanses data
- Dramatically improves internal processes, affordably and efficiently
- Broadens view of child’s journey through the education system
- Improves integration and quality of data from other agencies
- Robust, mature system which works excellently at scale
- Multi-professional case management; supports better collaboration to safeguard children
- Intensive support provided by Trusted Advisors with domain expertise
- Excellent value for money with tangible time-saving results
- Experienced people, methodology and values; more effective implementation
- Rapid data entry toolkit to save staff time and effort
- Meaningful analytics, dashboards, visualisations using live data (with drilldown)
£35000 per licence per year
- Education pricing available
- Pricing document
- Skills Framework for the Information Age rate card
- Service definition document
- Terms and conditions
- Modern Slavery statement
CACI UK Ltd
CACI Digital Marketplace Sales Team
0207 602 6000
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Service constraints||None, other than internet access|
|System requirements||Appropriate browser enabled device and connection to the internet.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
CACI provide web support and a helpdesk portal 24/7 to process customer issues, requests for support and software changes.
ChildView is a highly secure and available system and several aspects of the application are business-critical, so we aim to deliver maximum uptime.
Application and technical support is available 08:00 to 1800 and at other times by arrangement. If a serious fault (Severity 1 & 2) is reported, and the system is not available or unusable, we will immediately respond and diagnose the issue using our technical consultants. This is typically within two hours if it relates to the software.
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.1 AAA|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Yes, at an extra cost|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.1 AAA|
|Web chat accessibility testing||
CACI have reviewed inclusive features in Skype for Business:
- Users with vision impairments can get shared content on their own devices. This lets them use their favorite assistive technologies, such as a screen reader or magnifier.
- Users with hearing impairments can get transcription services in real time, through Communication Access Realtime Translation (CART).
|Onsite support||Yes, at extra cost|
All CACI’s customers receive a comprehensive support package as standard. This is included in the annual support and maintenance charge. Support is an area CACI is confident it over performs in; it’s constantly cited as one of the reasons why our customers partner with us, and why they stay with CACI.
All first line customer care consultants are attuned to practice issues and know how important it is, and are committed to, turning technical issues around quickly when they are affecting a child’s life.
Although our Service Level Agreement (SLA) is focused on service requests, >80% of our support time is spent providing advice to help customers optimise their use of Impulse and its diverse features. We are proud of this level of engagement and certain this is a uniquely beneficial feature of our service, compared to other providers.
Another popular benefit is CACI’s regular engagement with our userbase. We hold regional user conferences, webinars, workshops and actively encourage our userbase to engage with each other, both to help with best practice and to communicate in relation to CACI’s services and the development of Impulse.
|Support available to third parties||No|
Onboarding and offboarding
CACI will confirm all customer requirements for configuration and implementation including training as well as a service start date.
Typically, we offer an initial onsite kick-off meeting with the customer at a suitable location (onsite or nearby) and agree the method and types of users to receive training, this will depend on the customer service needs, number and location of users that require training.
Impulse training sessions are designed to be interactive and are delivered by knowledgeable and experienced consultants, with in-depth knowledge of the solution. Full training documentation will be supplied, as well as user and how-to guides, regular advice notices and webinars.
We continuously improve our software design, implementation, testing and deployment processes. We provide a complete service to manage Impluse, software upgrades and data backups, for example, to fully comply with statutory application and security requirements etc. Three service pack updates are scheduled in consultation with the customer annually.
|End-of-contract data extraction||Onboarding documentation is available on-line, complimentary to our on-site, specialist training package. Off boarding documentation is available on request.|
If a customer chooses not to renew, and once written confirmation is received, we will agree a date on which we are to carry out the data extract. Once carried out it is then securely provided to the customer.
Upon confirmation that all is in order, we then clear Impulse and shut it down, providing written confirmation to the customer that this has taken place and that we have securely destroyed all their data.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||The standard ChildView service works on mobile devices, such as tablets. Extensions to ChildView, for example Search, Capture and Analytics, are fully optimised to work on mobile phones and tablets.|
|Accessibility standards||WCAG 2.1 AAA|
|Accessibility testing||Testing has been carried out in order to meet specific customers requirements to assist their users with specific accessibility needs e.g. JAWS. CACI has experience of tailoring visual displays for users with visual impairment, for example. Upon contract start CACI's team will discuss any specific requirements before Impluse is implemented.|
|What users can and can't do using the API||
Impulse can interface and integrate with a range of modern systems.
CACI can reference examples of similar interfacing and integration, for example, automatic updating of education training attendance and attainment, care status and looked after children's placements, police notifications etc.
In addition to offering generic interfacing and inter-operability with other 3rd party systems, Impulse provides a web service application programming interface. We have also developed RESTful interfacing with Impulse to enable interfacing with mobile software devices as well as for other purposes.
|API sandbox or test environment||No|
|Description of customisation||
Impulse can be customised at a service level to include a number of different modules, generate specific reporting, dashboards, user permissions and role-based settings.
Users can also customise their personal dashboard, generate specific reports and include / remove certain windows and sections of information based on relevance to the users work.
We also offer systems integration options. These are configured as options and require the Impulse Hub matching and systems integration product. The number and type of feeds to Local, Regional and Government systems is virtually unlimited.
|Independence of resources||Regular testing and enhancements to our service and hardware are conducted. Up-time and performance assurances are provided in our SLAs.|
|Service usage metrics||Yes|
|Metrics types||Service metrics can be provided on usage of Impulse with various user-defined variables.|
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Supplier-defined controls|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a CHECK service provider|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||ChildView uses an integrated reporting and filtering system for users to define precisely the data that users want to extract themselves.|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
|Other protection within supplier network||CACI use a mixture of these protection protocols across the CACI network, relating to different projects and the scale / security levels required.|
Availability and resilience
We guarantee 99% availability, using the following definitions:
• Network resilience is defined as recovery in less than 2 hours
• Physical Machine resilience is defined as less than 5 minutes
• Virtual Machine resilience is defined as less than 15 minutes
• Data Center recovery is defined as less than 1 hour (if secondary site option purchased)
|Approach to resilience||
CACI has various contingencies in place including:
- N+1 best practice and physical arrangements in our accredited UK data centres.
- Environmental protection includes gas and fire suppression systems, N+1 air-conditioning systems with nothing combustible stored on site.
- CACI also operate contingent power, computing and network capacity which includes highly resilient HP RAID technology.
Further information about resilience of our service is available on request.
|Outage reporting||Email alerts and phone calls.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Username and password plus internal processes, audited in accordance with ISO 9001 and ISO 27001 protocols.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||BSI|
|ISO/IEC 27001 accreditation date||19-07-2016|
|What the ISO/IEC 27001 doesn’t cover||Not applicable|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||
|Other security governance standards||Cyber Security Plus|
|Information security policies and processes||
CACI provides systems integration, software applications and consultancy services to customers from across the public and private sectors. We manage sensitive data on behalf of our customers ensuring that the confidentiality, integrity and availability of information is maintained always.
CACI is dedicated to protecting all customer data and systems using industry best practise for security. We have implemented an Information Security Management System (ISMS) containing policies, procedures and robust technical controls to systematically manage sensitive data, systems and processes in accordance with ISO 27001:2013.
Our customers demand the highest levels of data security, and our ISMS is subject to regular rigorous internal & external audits by our customers. CACI has been certified by the British standards Institute to ISO 27001 since 2006, cert # IS501477, covering all CACI offices and data centers, demonstrating our commitment to information security. We also hold Data Seal, cert # DS 27001/1-2014 and Cyber Essentials certification, cert # CES-CSR-10006.
All our systems are installed on highly available hardware in CACI owned data centres, backed up nightly on offsite encrypted media, patched regularly, while being protected by high-end firewall systems, intrusion detection and antivirus systems. Complete network penetration tests are performed annually by independent third parties.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Documented change management systems form part of ISMS. Major/significant changes are peer reviewed and approved by the change advisory board (CAB) which delivers support to a change management team by approve, assess, prioritise the requested changes.
All changes are subject to our Change Control Policy. Where there’s the possibility of an impact to user activity, the appropriate stakeholders are notified for feedback.
Changes are forwarded to Change managers for CAB approval, who may append plans when appropriate.
Robust systems acceptance testing processes have been established for all new information systems, upgrades and new versions, conducted by dedicated quality assurance team.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
Independent penetration testing is conducted annually. Regular vulnerabilities scans are conducted utilising the Nessus vulnerability scanning product. CACI’s in-house cloud hosting solution has an independent IT Health Check and approved for government PSN standards.
Deployment of service packs / updates are in accordance with ISO27001 policy; first to a test group then after a successful testing period deployed to the remainder. Critical patches are applied immediately. Systems / applications are routinely updated/ patched to the latest release levels to ensure best practices for security via leading security applications, alerts, publications to counter new / emerging threats.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Active Directory event logging is enforced and captures all appropriate events to prevent security incidents and malpractices. Systems are additionally monitored via Quest Change Auditor software, a dedicated security logging tool, which audits the activities taking place within our infrastructure and delivers detailed information about vital changes and activities as they occur to all peer administrators, including the IP address of the originating workstation, where and when it occurred, along with before and after values.
Checkpoint's SmartCenter and HP Systems Insight Manager (HP SIM) is used to monitor systems and alert administrators of possible security, capacity or resource problems.
|Incident management type||Supplier-defined controls|
|Incident management approach||All Security Incidents are recorded and documented in-line with our security incident policy and response procedure, for each incident a root cause analysis is conducted and a preventative action will be implemented to prevent or reduce the probability of the incident reoccurring in the future. A Security Incident Support call is raised to the Projects & Security team within the Technology Department. The support call requires analysis, corrective action and preventative action to be recorded.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||Yes|
|Other public sector networks||CACI provide connectivity to DfE eligibility checking service.|
|Price||£35000 per licence per year|
|Discount for educational organisations||Yes|
|Free trial available||No|