CACI Impulse - Education Management Information Software System EMIS [SW2]

Impulse is a modular, web-based education information system for LAs & Schools that enables greater efficiency by using a centralised, core pupil record. Impulse provides a holistic view of a child's educational activity and family circumstances, through advanced reporting functionality, portals and dashboards with optimised mobile accessibility to improve outcomes.


  • Single database application with a centralised core pupil record
  • Flexible, modular offering fulfilling specific education department requirements
  • Management information system with analytics & powerful reporting
  • Information portals for parents, schools, local authorities, professionals to access
  • Web-based, mobile optimised with self-service & service redesign
  • Secure, statutory compliance; enabling multi-user access & information dashboards
  • Admissions, Transfers, Appeals, SEND/ALN, Referrals, Early years, EHCPs
  • Education Psychology, Child Protection, Results & Tracking, Governors, Online PEP(ePEP)
  • Welfare, Benefits, Specialist Support Services & Virtual Schools (LAC attendance/exclusions)
  • Powerful HUB data-matching engine that synchronises, cleanses data


  • Dramatically improves internal processes, affordably & efficiently
  • Broadens view of child’s journey through the education system
  • Improves integration & quality of data from other agencies
  • Robust, mature system which works excellently at scale
  • Multi-professional case management; supports better collaboration to safeguard children
  • Intensive support provided by Trusted Advisors with domain expertise
  • Excellent value for money with tangible time-saving results
  • Experienced people, methodology & values; more effective implementation
  • Rapid data entry toolkit to save staff time and effort
  • Meaningful analytics, dashboards, visualisations using live data (with drilldown)


£35,000 a licence a year

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

7 1 0 2 3 3 4 2 5 9 1 7 5 8 7


CACI UK Ltd CACI Digital Marketplace Sales Team
Telephone: 0207 602 6000

Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
None, other than internet access
System requirements
Appropriate browser enabled device and connection to the internet.

User support

Email or online ticketing support
Email or online ticketing
Support response times
CACI provide web support and a helpdesk portal 24/7 to process customer issues, requests for support and software changes.

ChildView is a highly secure and available system and several aspects of the application are business-critical, so we aim to deliver maximum uptime.

Application and technical support is available 08:00 to 18:00 and at other times by arrangement. If a serious fault (Severity 1 & 2) is reported, and the system is not available or unusable, we will immediately respond and diagnose the issue using our technical consultants. This is typically within two hours if it relates to the software.
User can manage status and priority of support tickets
Online ticketing support accessibility
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Yes, at an extra cost
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
Web chat accessibility testing
CACI have reviewed inclusive features in Skype for Business:

- Users with vision impairments can get shared content on their own devices. This lets them use their favorite assistive technologies, such as a screen reader or magnifier.
- Users with hearing impairments can get transcription services in real time, through Communication Access Realtime Translation (CART).
Onsite support
Yes, at extra cost
Support levels
All CACI’s customers receive a comprehensive support package as standard. This is included in the annual support and maintenance charge. Support is an area CACI is confident it over performs in; it’s constantly cited as one of the reasons why our customers partner with us, and why they stay with CACI.

All first line customer care consultants are attuned to practice issues and know how important it is, and are committed to, turning technical issues around quickly when they are affecting a child’s life.

Although our Service Level Agreement (SLA) is focused on service requests, >80% of our support time is spent providing advice to help customers optimise their use of Impulse and its diverse features. We are proud of this level of engagement and certain this is a uniquely beneficial feature of our service, compared to other providers.

Another popular benefit is CACI’s regular engagement with our userbase. We hold regional user conferences, webinars, workshops and actively encourage our userbase to engage with each other, both to help with best practice and to communicate in relation to CACI’s services and the development of Impulse.
Support available to third parties

Onboarding and offboarding

Getting started
CACI will confirm all customer requirements for configuration and implementation including training as well as a service start date.

Typically, we offer an initial onsite kick-off meeting with the customer at a suitable location (onsite or nearby) and agree the method and types of users to receive training; this will depend on the customer service needs, number and location of users that require training.

Impulse training sessions are designed to be interactive and are delivered by knowledgeable and experienced consultants, with in-depth knowledge of the solution. Full training documentation will be supplied, as well as user and how-to guides, regular advice notices and webinars.

We continuously improve our software design, implementation, testing and deployment processes. We provide a complete service to manage Impulse, software upgrades and data backups, for example, to fully comply with statutory application and security requirements etc. Three service pack updates are scheduled in consultation with the customer annually.
Service documentation
Documentation formats
End-of-contract data extraction
Onboarding documentation is available on-line, complimentary to our on-site, specialist training package. Off boarding documentation is available on request.
End-of-contract process
If a customer chooses not to renew, and once written confirmation is received, we will agree a date on which we are to carry out the data extract. Once carried out it is then securely provided to the customer.

Upon confirmation that all is in order, we then clear Impulse and shut it down, providing written confirmation to the customer that this has taken place and that we have securely destroyed all their data.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The standard Impulse service works on mobile devices such as tablets and mobiles. Reporting Dashboards and Portals are fully optimised and able to be viewed on devices such as mobile telephones and tablets etc.
Service interface
Description of service interface
There is a secure, device-adaptive web browser interface to the service.
Accessibility standards
Accessibility testing
Testing has been carried out in order to meet specific customers requirements to assist their users with specific accessibility needs e.g. JAWS. CACI has experience of tailoring visual displays for users with visual impairment, for example. Upon contract start CACI's team will discuss any specific requirements before Impluse is implemented.
What users can and can't do using the API
Impulse can interface and integrate with a range of modern systems. We can provide straightforward integration with Electronic Document And Records Management System (EDRMS) using available webservices

CACI can reference examples of common standards education system interfacing and integration, for example, automatic updating of education training attendance and attainment from schools, care status and looked after children's placements, police notifications etc.

In addition to offering generic interfacing we offer advanced data matching and inter-operability with other 3rd party systems using the Impulse Hub. We have also developed RESTful interfacing with Impulse to enable interfacing with mobile software devices as well as for other purposes.
API documentation
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
API sandbox or test environment
Customisation available
Description of customisation
Impulse can be customised at a service level to include a number of different modules, generate specific reporting, dashboards, user permissions and role-based settings.

Users can also customise their personal dashboard, generate specific reports and include / remove certain windows and sections of information based on relevance to the users work.

We also offer systems integration options. These are configured as options and require the Impulse Hub matching and systems integration product. The number and type of feeds to Local, Regional and Government systems is virtually unlimited.


Independence of resources
Regular testing and enhancements to our service and hardware are conducted. Up-time and performance assurances are provided in our SLAs.


Service usage metrics
Metrics types
Service metrics can be provided on usage of Impulse with various user-defined variables.
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Impulse uses an integrated reporting and filtering system for users to define precisely the data that users want to extract themselves.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • PDF
  • HTML
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network
CACI use a mixture of these protection protocols across the CACI network, relating to different projects and the scale / security levels required.

Availability and resilience

Guaranteed availability
We guarantee 99% availability, using the following definitions:

• Network resilience is defined as recovery in less than 2 hours
• Physical Machine resilience is defined as less than 5 minutes
• Virtual Machine resilience is defined as less than 15 minutes
• Data Center recovery is defined as less than 1 hour (if secondary site option purchased)
Approach to resilience
CACI has various contingencies in place including:

- N+1 best practice and physical arrangements in our accredited UK data centres.
- Environmental protection includes gas and fire suppression systems, N+1 air-conditioning systems with nothing combustible stored on site.
- CACI also operate contingent power, computing and network capacity which includes highly resilient HP RAID technology.

Further information about availability resilience of our service is available on request.
Outage reporting
Email alerts and phone calls.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Username and password plus internal processes, audited in accordance with ISO 9001 and ISO 27001 protocols.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
Not applicable
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
  • ISO 9001 - this includes additional elements regarding security
  • Data Seal - DS 27001/1-2014
  • Cyber Essentials certification - CES-CSR-10006

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Security Plus
Information security policies and processes
CACI provides systems integration, software applications and consultancy services to customers from across the public and private sectors. We manage sensitive data on behalf of our customers ensuring that the confidentiality, integrity and availability of information is maintained always.

CACI is dedicated to protecting all customer data and systems using industry best practise for security. We have implemented an Information Security Management System (ISMS) containing policies, procedures and robust technical controls to systematically manage sensitive data, systems and processes in accordance with ISO 27001:2013.

Our customers demand the highest levels of data security, and our ISMS is subject to regular rigorous internal & external audits by our customers. CACI has been certified by the British standards Institute to ISO 27001 since 2006, cert # IS501477, covering all CACI offices and data centers, demonstrating our commitment to information security. We also hold Data Seal, cert # DS 27001/1-2014 and Cyber Essentials certification, cert # CES-CSR-10006.

All our systems are installed on highly available hardware in CACI owned data centres, backed up nightly on offsite encrypted media, patched regularly, while being protected by high-end firewall systems, intrusion detection and antivirus systems. Complete network penetration tests are performed annually by independent third parties.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Documented change management systems form part of ISMS. Major/significant changes are peer reviewed and approved by the change advisory board (CAB) which delivers support to a change management team by approve, assess, prioritise the requested changes.

All changes are subject to our Change Control Policy. Where there’s the possibility of an impact to user activity, the appropriate stakeholders are notified for feedback.

Changes are forwarded to Change managers for CAB approval, who may append plans when appropriate.

Robust systems acceptance testing processes have been established for all new information systems, upgrades and new versions, conducted by dedicated quality assurance team.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Independent penetration testing is conducted annually. Regular vulnerabilities scans are conducted utilising the Nessus vulnerability scanning product. CACI’s in-house cloud hosting solution has an independent IT Health Check and approved for government PSN standards.

Deployment of service packs / updates are in accordance with ISO27001 policy; first to a test group then after a successful testing period deployed to the remainder. Critical patches are applied immediately. Systems / applications are routinely updated/ patched to the latest release levels to ensure best practices for security via leading security applications, alerts, publications to counter new / emerging threats.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Active Directory event logging is enforced and captures all appropriate events to prevent security incidents and malpractices. Systems are additionally monitored via Quest Change Auditor software, a dedicated security logging tool, which audits the activities taking place within our infrastructure and delivers detailed information about vital changes and activities as they occur to all peer administrators, including the IP address of the originating workstation, where and when it occurred, along with before and after values.

Checkpoint's SmartCenter and HP Systems Insight Manager (HP SIM) is used to monitor systems and alert administrators of possible security, capacity or resource problems.
Incident management type
Supplier-defined controls
Incident management approach
All Security Incidents are recorded and documented in-line with our security incident policy and response procedure. For each incident a root cause analysis is conducted and a preventative action will be implemented to prevent or reduce the probability of the incident reoccurring in the future. A Security Incident Support call is raised to the Projects & Security team within the Technology Department. The support call requires analysis, corrective action and preventative action to be recorded.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Connected networks
  • Public Services Network (PSN)
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)
  • Other
Other public sector networks
CACI provide connectivity to DfE eligibility checking service.


£35,000 a licence a year
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.