i2N Ltd

Interventions Manager

The tool of choice for rehabilitation used in Probation, Youth Justice, Prisons and Community non-offender programmes by government, private companies, mutuals and charities. Manages all types of interventions from complex group-work Accredited Programmes to CPOs. Secure; available on browsers over secure internet or PSN. Interfaces with Case Management.

Features

  • Built-in CMS facility or easy integration with your CMS
  • Customisable screens to suite your workflow
  • Internet portal and SMS for communicating information and appointments
  • Designed by expert practitioners
  • Secure cloud-hosted, accredited for OFFICIAL-SENSITIVE data
  • Accessible via all browsers
  • Works on desktop PCs, laptops, tablets and smartphones
  • Friendly, responsive support from SC Cleared, ITIL trained staff
  • Easy to select and export selected data to Excel
  • Powerful query and reporting features

Benefits

  • Manages all interventions from one-on-one to complex multi-segment groupwork
  • Supports individually targeted pathways to reduce recidivism
  • Sophisticated scheduling and conflict management Improves efficiency, cuts costs
  • Workflow ensures timely involvement of all practitioners
  • Supports collaboration, select the right partner for effective delivery
  • Ensures rigour in delivery of Accredited Programmes
  • Remote data entry on tablets for non-office interventions
  • Transition rehabilitation through different departments (youth, prison, probation)
  • Ability to view session recordings
  • Powerful dashboards, reporting and analysis support KPI achievement

Pricing

£500 per unit per month

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

2 3 4 1 4 6 7 6 3 7 7 1 2 5 6

Contact

i2N Ltd

Marco Fiorentino

01473 731230

marco.fiorentino@i2n.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
Interventions Manager can be used on PCs, Laptop or tablets and is tested for compatibility with latest versions on all common browsers but may need to be tested with very old browser versions.
Depending on the sensitivity of your data you can access using internet or a secure intranet; we will work with your data-owner to set up appropriate controls to protect your data.
Service Desk support is currently 08:00 to 18:00 on working days. Extended support up to 24/7 can be provided on request.
Maintenance is currently done at weekends. Maintenance windows can be agreed with individual customers.
System requirements
  • A PC, laptop or tablet
  • Modern Browser
  • Data owner/accreditor may decide on added security features

User support

Email or online ticketing support
Email or online ticketing
Support response times
Incidents can be raised with the Service Desk by email or telephone and will be responded to within 15 minutes during office hours. Normal office hours are 08:00 to 18:00 weekdays (except public holidays), calls or emails received outside of these hours will be responded to within 15 minutes of the start of the next working day. Extended cover up to 24/7 can be arranged if required with the same response times as working days.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Yes, at an extra cost
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
Web Chat support is provided by a COTS product that has been extensively tested for assistive technology support and conforms to W3C AA Standards for Accessibility. AT compliance of Web Chat is verified with each IM release and tested with a variety of AT Users including some who are visually impaired.
Onsite support
Yes, at extra cost
Support levels
Interventions Manager is a Software-as-a-Service product with Service Desk, Hosting, Infrastructure Support all included in the cost. Standard Service Desk support is the same for all customers: Service Desk hours 08:00 to 18:00 weekdays (except public holidays), accessed via email, customer portal (with Web Chat support) or phone, responses within 15 minutes, severity one incidents resolved within 4 hours (see detailed SLA). The i2N Service Desk is staffed with ITIL trained, SC Cleared Analysts, fully trained on the IM application able to resolve the majority of incidents on the first call. Extended Service hours up to 24/7 quoted on request at individual customer rate depending on requirements.
Support available to third parties
No

Onboarding and offboarding

Getting started
The standard onboarding process is free and consists of the initial set-up of authentication and loading of reference data. Interventions Manager comes with a self-service portal for password maintenance with administrator facilities for on-going security management. We can set up the administrators who can then manage the rest of the staff or we can perform an initial loading by importing a CSV file. Each customer will have an account manager who takes care of the onboarding process, ensuring the correct set-up of authentication and reference data. IM has an individual instance of the IM training system for each customer and comes with a free train-the-trainer session.
Additional on-boarding including cascade training, development of bespoke modules or APIs or individual infrastructure will be quoted on an individual basis.
The standard IM offering is a multi-tenanted offering utilised by multiple customers with individual authentication paths to segregate their data. Customers with particularly sensitive data may request an individual bespoke hosting environment (in the cloud hosting environment of their choice) with addition security and defence architecture. MOJ customers already have an accredited multi-tenanted infrastructure in UKCloud Elevated so additional on-boarding infrastructure is quick and cost-effective.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
At the end of the contract customers will be provided with their production data using a CESG certified procedure. The data is extracted from the production system and can be provided in a number of formats including SQL Server, CSV and Excel. If the data is sensitive, we will protect it on a CESG approved encrypted drive that will be securely transported to the customer using a process approved by the customer data owner. Once the data has been extracted the cloud data storage will be erased using CESG approved techniques.
End-of-contract process
Interventions Manager is a cloud hosted Software-as-a-Service Product and is charged on a usage basis plus a basic monthly subscription. At the start of the contract each customer is provided with a URL to access IM and their users are set up with valid authentication to access the system. At the end of the contract, after the customer data has been returned, access will be removed and the customer’s databases (including the authentication) will be erased using CESG approved techniques. There is no additional cost to provision of the data extract or termination.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Interventions Manager is built using modern application frameworks which allow an easy transition between desktop to mobile devices. The i2N development team are working on additional rendering benefits to improve usability for smaller devices. Device-aware components automatically switch appearance and behaviour to best suit the device, providing a better experience for touch screens. Finger taps and gestures arrive as normal mouse events, so your event handlers work. Context menus/hovers trigger via touch-and-hold, and drag and drop via finger slides.
As a cloud application, IM is compatible with many browsers on tablets, allowing use without the need to install an app.
Service interface
Yes
Description of service interface
I2N's applications are built to use modern, lightweight REST/JSON web service interfaces; to best enable open and extensible architectures that can integrate between systems, data mining and application extensions.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
I2N’s utilises modern frameworks and technologies which deliver the basic set of requirements for semantic and accessible UI code. We perform assistive technology testing using ZoomText, JAWS and Dragon Naturally Speaking and ensure we are in compliance of W3C AA Standards for Accessibility. With each new release of Interventions Manager, we engage with AT users to get feedback and respond to any concerns identified. Interventions Manager, has been delivered across the Probation Estate and tested with a variety of AT Users including some who are visually impaired.
API
Yes
What users can and can't do using the API
Interventions Manager has an easily configurable API for interfacing with Case Management Systems. The standard interface (currently implemented for the National Probation Service) automatically transmits all new intervention requirements from the CMS to IM. In IM, the referrals are accepted and enrolled and the schedule of intervention sessions is sent back o the CMS for inclusion in the diary. As sessions are attended the relevant information (attendance/ non-attendance and other option information) is fed back to the CMS. Enforcement is configurable and can happen in either system. The standard API operates between any SOAP / RESTful interface on the CMS and is quick to implement at On-Boarding. Changes to the interface can be requested and new interfaces developed to interface with other applications (Enterprise Resource Planning, HR and other systems) are bespoke development developed prior to on-boarding at additional cost.
API documentation
Yes
API documentation formats
Other
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Because Interventions Manager has been developed using a micro-services architecture it is easy to customise. The IM Roadmap is reviewed at bi-annual User Group Meetings and the user community agrees on priorities. Representatives from the User Group also participate in Agile development of the releases ensuring that each enhancement benefits from practitioner input. The Bi-annual releases are included in the SaaS license subscription but individual customers can also request bespoke development. Customer funded bespoke modules are held in individual micro-services only executed for that customer; these enhancements are developed with the customer using the agile methodology, the IP is retained by the customer and source and object code are owned by the customer enabling the customer to exploit the same service in other applications. This is useful for non-CMS APIs, standard services such as internal reference data and also useful for innovative interventions developed by a customer that the customer wants to keep confidential.

Scaling

Independence of resources
Performance on all customer systems is monitored with real-time dashboard displaying utilisation of processor, memory and disk. Automatic alerting provides timely warning or the need to augment resource and new virtualised resource can be implemented before any impact occurs. Network analysis tools display all internal traffic within applications so any constraints building on any system node are anticipated and managed. Customers with particularly sensitive data may opt to operate on dedicated virtual cloud infrastructure for security reasons; regardless of whether running on dedicated or shared infrastructure resources are maintained well above thresholds and monitored to ensure better that SLA performance.

Analytics

Service usage metrics
Yes
Metrics types
Interventions Manager provides detailed usage metrics. The Software-as-a-Service charge is calculated on a combination of a fixed fee per business unit and a variable fee based on usage and customers are provided with the number of user logged-on each day, the number of unique users logged-on (as opposed to someone who takes a break and comes back into the system), number of clients / offenders, the number of open interventions and a history of he completed interventions. Service Desk statistics on incident management and SLA performance are also available to users and to the User Group.
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Interventions Manager is designed to provide easy access to data within and outside the application. The micro-services architecture facilitates interfacing through APIs including a standardised CMS interface which passes all attendance and progress data back to the CMS and the potential for customised interfaces with other customer applications. Standard reporting provides comprehensive dashboards and KPI monitoring and users are able to build their own reports and data extracts. Search screens are customisable and the data from any search can be exported to Excel.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Interventions Manager SLA is 99.9% availability during core hours (08:00hrs to 18:00hrs weekdays and Saturday mornings to 14:00hrs) expect public holidays) and 99% outside core hours with the exception of agreed maintenance windows. Maintenance windows for application enhancements and system patching and security updates are agreed with the User Group (currently Wednesday night after 22:00hrs and Saturday night from 18:00hrs to Sunday at 12:00 midday). Individual customers on dedicated cloud infrastructure can agree different maintenance windows to suit their operations. Refunds operate on the following scale:
Availability achieved falls below 99.9% in core hours - 10% of license fee,
if it falls below 95% in core hours - 15% of license fee
and anything below 95% in core hour - 20% of license fee.
Approach to resilience
Interventions Manager is designed for resilience. Defence-in-depth architecture requires single purposed servers so for security purposes web-front-end-servers are separated from applications servers, database servers and authentication servers with firewall controls on access between. Each function has redundant servers so for example if one web-front-end server should fail user access automatically fails over to another working server. Monitoring ensures that any outage is immediately recognised and dealt with quickly so single component failures are short and do not impact the service. We also provide a range of cost-effective site disaster recover scenarios to cover the unlikely event of a full site disaster. More detailed resilience design information is available to customers on request. In addition to the standard high-resilience offering, there are a number of individually tailored, cost-effective options available.
Outage reporting
The i2N Service Desk maintains a list of key stakeholders for each Interventions Manager customer. In the unlikely event of an unplanned outage, emails are sent to those stakeholders notifying them of the outage. Periodically, they are given updates as to Incident Management progress, estimated time of resumption and eventually, root-cause analysis. Additionally, the URL is re-directed to a screen informing users of the outage and offering an anticipated recovery time. Planned maintenance outages are agreed with the User Group or with individual customers (running on dedicated cloud infrastructure) and posted in advance on the logon splash screen.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Interventions Manager is supported by the i2N Service Desk supported by second-line Live Services support and applications support. Access to the live environment is strictly controlled to SC cleared staff on the principle of least privilege. Access is issued by security management to specific individuals for specific tasks for specific periods and controlled through rigorous authentication policies. A full audit trail of all interventions is maintained for forensic purposes.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
DNV GL
ISO/IEC 27001 accreditation date
26/03/2019
What the ISO/IEC 27001 doesn’t cover
The scope of the Information Security Policy includes the entire company. Specifics are: all identified company assets, based in Suffolk office, the corporate communications infrastructure that supports all company business areas and functions. All staff -all employees and all Associates contracted to i2N at any time.​ All company assets are listed within the i2N Configuration Management database are considered to be within the scope of the information security policy. All company assets are included in scope of ISO27001 accreditation apart from 2 Meeting rooms located in Unit 1A, Copdock.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials Certificate of Compliance
  • I2N PSN Connection Compliance Certificate
  • Formerly MoJ-CESG PGA i2N dev, test and AGN network

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials

PSN Compliance Certificate
Information security policies and processes
I2N has a number of inter-connected governance frameworks in place which control how the company operates and provides its services to customers. The most relevant of these is certification to ISO/IEC27001:2013, the international standard for Information Security Management Systems. Various policies refer to: SPG016P-Acceptable use of i2N resources & assets; SIM009P – User account security instructions and password management; SIM033P-User access control instructions; SPG017P-Physical security procedures; SPG018P-Data handling procedures; SPG019P-Data access procedures; SPG020P Network access procedures; SPG022P-Change management; SPG026P-Incident management; SPG027D- Business and service continuity; SPG032P-Backup procedures; SIM011P – i2N Network Administrator SyOps; SIM039N – i2N Infrastructure Group Policies; SIM020N – Log Monitoring Guide; SPG023P Internal IS Audit Procedures; SPG029P Document Management Procedure; SPG030P Compliance Checking Procedures; SPG036P Software Patching Procedures; SPG037P Hardware Lifecycle Management; SPG038P Software Lifecycle Management; SPG042P Software Development - Testing; SPG045P Agile Software Development Policy; SPG046P Secure Services Engineering; SIM003P Illegal Working checklist; SIM034P Staff Recruitment Checklist; SIM041P Infrastructure Outage Instructions; SIM043P Acceptance into Service Checklist There are several other Technical server builds, client builds, vulnerability management, firewall controls baselined documents. All policies are covered by i2N review procedure. Policies for critical assets are reviewed six monthly and other are reviewed at least annually.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
I2N is ISO27001 accredited and follows rigorous Configuration and Change Management processes. All proposed Change Requests (CRs) to Interventions manager are reviewed and must be approved in advance by the Product Management, Infrastructure Management and Information Security. The CR specifies all Configurations Items (CIs) that will be impacted by the change and, once the change has been completed, tested and implemented the ISMS Manager verifies that the Configuration Management Database(CMDB) is updated. The ITIL Service Desk tracks all incidents against CIs giving a lifetime history of that item and the ability to analyse CIs that are the root-cause of incidents.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
I2N has operated for twenty years in the management of sensitive data; we are ISO27001 and Cyber Security accredited, all staff are SC cleared and Interventions Manager is accredited to hold Official-Sensitive data. Vulnerability Management is an on-going process led by CESG-certified security consultants; Risk Management and Accreditation Document Set (RMADS) are maintained, full Health check by external certified check consultants are conducted annually and internal software in the SIEM security set monitors all components for up-to-date patching and virus definitions. Enterprise-class security toolset is maintained by suppliers with latest threat information.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Interventions Manager is protected by the i2N Secure Operations Centre (iSOC). The application has in-build, GPG-compliant logging and all application and system logs have been reviewed and any that indicate a potential threat are alerted. The iSOC team monitors alerts displayed on consoles in the secure area. Potential threats have been analysed with clear escalation paths to second-level support and proceduralised responses to specific threats. The ISOC team also monitors trends of user activity through reporting looking for suspicious or anomalous behaviours. All messages, application and infrastructure are retained is the system log (with integrity protection) for forensic purposes.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
The i2N Service Desk has an excellent reputation for support of front-line users. All staff are fully trained in Interventions Manager, able to resolve any training issues and, wherever possible, to find a workaround to any issue. They have access to a Near-Live-Environment (NLE) to enable them to replicate and diagnose any issues. All incidents are managed using the ITIL best-practice methodology and all staff are fully trained. Incidents can be raised by phone, email or on the Help-Desk Portal and are managed to strict service levels (available on request). Incident Management reporting is made available to User Group members.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
Public Services Network (PSN)

Pricing

Price
£500 per unit per month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
A free trial is provided covering software, service desk and hosting. This is suitable for non-secure trial usage. More secure trial environments can be provided although this is likely to involve some up front costs. Please contact i2N to discuss security requirements for a trial.

Service documents

Return to top ↑