Bramble Hub Limited

Bramble Hub Imperial Civil Enforcement - 3sixty Notice Processing with self-service

3sixty is our powerful back-office software solution that offers automated, end-to-end notice processing with very little need for manual intervention. 3sixty and its public facing self-service portal, 3sixty Citizen will enable you to transform the way you deliver your parking services and interact with customers.


  • Managed infrastructure available 24/7
  • Business Processing Unit
  • End-to-end notice processing for both PCNs and environmental
  • Workflow management
  • Automated processes
  • Compliant with all relevant legislation
  • Browser based accessibility
  • Real-time handheld device using smartphone technology
  • Reporting and management information tools
  • Public facing, branded portal offering fully transactional service


  • Enables customers to meet digital objectives and transform service delivery
  • Introduces significant cost savings and added value
  • Provides a fully transactional web service for motorists
  • Has additional tools and interfaces that will facilitate community engagement
  • Hosting boosts efficiency of budget negating need for capital outlays
  • Business processing service offering improved recovery rates
  • Flexible solution to accommodate specific customer needs and requirements
  • Management tools promote intelligence led enforcement
  • Constantly evolving solution with customer led upgrades twice yearly
  • Seamless and rapid implementation – integration with multiple third parties


£1920.00 per user per year

Service documents

G-Cloud 9


Bramble Hub Limited

Roland Cunningham

+44 (0) 2077350030

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints None
System requirements
  • Desktop capable of running Citrix XenApp client
  • At least 1Mbit internet connection
  • Firewall to secure client-server connection

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Depending on priority level, clients` questions are attended to between 1 to 8 hours on workdays between 8.00am and 6.00pm
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels ICES provides on-site training and technical support. As part of these, a trainer and or consultant is dispatched. For pricing and daily rates, please refer to the SFIA score card.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Following a discovery meeting, where user requirements are assessed, clients are handed over a fully tailored system. The onboarding service includes a one day user training. ICES support services are available from the outset should the client require.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction At the of the contract, the client is provided with a copy of the database tables containing their data.
End-of-contract process At the end of the contract, the service is switched off, the client is provided with a copy of the database tables containing their data. All client data in possession of ICES is securely deleted. In case this coincides with decommissioning of hardware then the hardware is also securely disposed of.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install Yes
Compatible operating systems Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The self-service portal is mobile optimised, no functional differences exist
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing None
Customisation available Yes
Description of customisation Users can cusomtise progression trees and letter templates in the back-office notice processing system. ICES will tailor the look and feel of the self-service portal according to the client`s requirement


Independence of resources Infrastructure is designed with considerable headroom to cope with peak traffic and is monitored for issues.


Service usage metrics No


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Standard in-built data export facilities enable users to export DVLA data, enforcement agents` data, any report generated as well as case search results. To allow for 3rd party printing, all required data can be exported
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • XLS
Data import formats Other
Other data import formats XML

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks IPsec or TLS VPN gateway
Data protection within supplier network Other
Other protection within supplier network We have an MPLS link between our offices.

Availability and resilience

Availability and resilience
Guaranteed availability Owing to the headroom, redundancies and monitoring incorporated into our infrastructure, we are able to guarantee 99.9 per cent uptime. ICES works in accordance with its hosted service SLA, which lays down incident severity levels and resolution times. ICES will take all reasonable step to achieve a Resolution of Incidents within the Target Resolution Times. In the event ICES fails to meet a service level, service credits will be calculated which can be used for ICES services or training.
Approach to resilience The system is hosted at our head office in Bristol with a disaster recovery site at our operations centre in Northampton.
We have built our network infrastructure with double redundancies:
- Server resilience is achieved through virtualisation using Vmware
- Storage resilience is achieved through SANs
- Network resilience through virtualised network
using redundant hardware. All servers, power, firewall (SonicWall), switches (Arista) and network connections are duplicated for resilience in the data centres. The primary and disaster recovery data centres are triangulated using a KCom/BT 21st Century Network.
In addition, there are essentially four levels of data security to ensure the Council is protected from loss due to any system failure or type of disaster:
• A snapshot of the data is taken automatically every 15 minutes;
• Any changes on the Storage Area Network (SAN) are replicated from Bristol to Northampton and vice versa every ten minutes;
• Daily back-up to a separate server;
• Weekly transfer from server to tape.
Consequently, at any one time there are effectively five copies of the data: live, snapshot, replicated, backup (disc) and backup (tape).
Outage reporting Instant messaging, e-mail and SMS alerts to Support Team.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Dedicated link (for example VPN)
Access restrictions in management interfaces and support channels Access is restricted through elevated accounts in active directory.
Access restriction testing frequency At least once a year
Management access authentication Dedicated link (for example VPN)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security No
Security governance accreditation No
Security governance approach In accordance with an ISO27001 approach the different risks to the business are analysed and either resolved, mitigated or accepted. Different aspects of the operations have different policies and recovery strategies in place.
Information security policies and processes Access Control systems are in place to protect the interests of all users of the Company computer systems by providing a safe, secure and readily accessible environment in which to work. A formal process is conducted at regular intervals by system owners and data owners in conjunction with the Infrastructure Department to review users’ access rights. Confidentiality and data protection clauses are integral part of the employment contracts as well as contracts with business entities. In addition ICES has Data Protection and Information Security Policies in place.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We follow the agile software development methodology. Typically we release 2-3 new versions of our system annually however the release dates depend on when tangible business benefits using the new version can be delivered.
When a new release is available all users are emailed with a set of detailed release notes documenting the changes, additions and fixes in the release. Where a change, addition or fix is of a particular benefit to a specific customer they are contacted directly by ICES Support.
Vulnerability management type Undisclosed
Vulnerability management approach Undisclosed
Protective monitoring type Undisclosed
Protective monitoring approach Undisclosed
Incident management type Undisclosed
Incident management approach Undisclosed

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £1920.00 per user per year
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑