Atkins Limited

CIRRUSmaps™ Web Mapping Platform

CIRRUSmaps™ is a flexible web mapping platform, built using industry leading Open Source software. It provides a scalable and configurable solution, for customers wishing to turn location-based data into valuable business information. Using the best open source software, CIRRUSmaps™ lowers the cost of ownership for a web-based GIS.


  • Layer filtering – see only what you want to see
  • Gazetteer search – intelligent, auto-completion of search criteria
  • Feature identification – drill down to retrieve attribute data
  • Measurements – straight and multi-line plus irregular polygon areas
  • Dynamic map scale – map scale auto-adjusts as you zoom
  • Data querying – understand the content of your business data
  • Layer control – grouping, display order and links to metadata
  • Toolbars – configurable for convenient, easy access to all functions
  • Simple interface – floating, draggable and closable dialog windows
  • Data exchange – powerful upload and download mechanism


  • Flexible – highly configurable to customer needs
  • Spatial data- in the right format at the right time
  • Data transformation - using industry leading FME Server
  • Mobile - access to business data on the move
  • Open Source – integrates best of breed components
  • Low cost of ownership through open source and cloud
  • EU INSPIRE compliance – Discovery, View, Download and Co-ordinate
  • Scalable to meet variable user demands
  • Resilient – multiple nodes, automatic restart after failover
  • High performance – through best of breed components and infrastructure


£9900 to £36000 per licence per year

  • Free trial available

Service documents


G-Cloud 11

Service ID

7 5 2 4 7 7 9 3 5 0 4 0 2 3 6


Atkins Limited

Jonny Hope

+44 1372 75 2633

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints No
System requirements A modern, standards compliant web browser

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times 1 Business Day Our dedicated Technical Support team supports external customers, during contracted hours of support. Response times are aligned to the following incident priority levels: A - Critical, respond in 2 working hours providing circumvention instructions where possible or fix. B - Major, respond in 4 working hours details as per priority A. C&D - Functional or intermittent Incident, respond in 8 working hours details as per priority A. Classification details are available for each Priority.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Standard Support - available during 08:00 – 18:00 hours, Monday to Friday (not English Public Holidays). Incidents may be logged via the web, telephone or email during these times. Additionally, Incidents may be logged via the web outside of these hours, but they will not be progressed until the next working day. Software fixes will be progressed during these hours, and a release made available in line with the Customers agreement. 7 days per week – see Standard Hours, the addition being able to log and receive responses to Incidents during the additional hours. Please note that we operate a Restoration of Service (RoS) approach to support on the additional days e.g. Saturday, Sunday and English public holidays – See below for RoS definition. 24/7 - see 7 days per week, the addition being able to log and receive responses on a 24/7 basis. Restoration of Service (RoS) – during extended hours of support the aim is to get the Customer operational as soon as possible. Software fixes will not be provided during the additional hours of support. Incidents remain the responsibility of the Technical Support team throughout the life cycle.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Data restoration and migration are not part of this service by default. Both of these options can be purchased separately. Atkins is able to migrate existing client data into a new CIRRUSMaps™ deployment. The price of this service is dependent upon the amount and variety of legacy data to be migrated and will be determined during a clarification exercise prior to the commissioning of any work.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction A standard database backup of the data will be made available to the client upon termination of the service.
End-of-contract process Once the contract has ended we will perform a full database backup of the “data” schema of the CIRRUSmaps™ database. The database backup is provided as a PostgreSQL dump file using the pg_dump tool. The buyer can then take this database backup file and use it to restore the data to an alternative environment of their choosing. In addition to the PostgreSQL data dump we shall also provide the Styled Layer Descriptor (SLD) files used in GeoServer to provide styling for the exported data. The buyer can then use these files to provide the styling for the exported data provided the new environment they are using supports the use of SLD files. If required we can also provide the data in other standard GIS formats, this will be an additional cost option for the buyer to choose at contract end. The cost will be determined by the export format required and the volume of data to be exported.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install Yes
Compatible operating systems Windows
Designed for use on mobile devices No
Service interface Yes
Description of service interface Via internet portal/ browser for customers to log incidents, and IE url for application users to administer incidents & application.
Accessibility standards None or don’t know
Description of accessibility N/A
Accessibility testing N/A
Customisation available Yes
Description of customisation CIRRUSmaps™ can be branded with users own branding.


Independence of resources We use a Private Cloud platform that has been scaled by our service provider to support a very large customer base. Each on-boarded customer is allocated virtual servers for the service to run on, these virtual servers have an allocation of resources dedicated to them and so users are not impacted by the demands of other users.


Service usage metrics Yes
Metrics types We utilise the Piwik Analytics platform to capture service metrics and provide customers with access to their service metrics through a web portal. Details of the capabilities of the Piwik Analytics platform can be found at
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency Never
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach For customers choosing the extra-cost FME integration option they will be able to configure which layers in the system can be downloaded by users. The formats available can be flexible to meet the requirements of the buyer, however the standard formats provided out-of-the-box are: • Esri File Geodatabase • Esri Shapefile • MapInfo TAB file • Autodesk DWG
Data export formats Other
Other data export formats
  • Esri File Geodatabase
  • Esri Shapefile
  • MapInfo TAB files
  • Most other GIS formats
Data import formats
  • CSV
  • Other
Other data import formats
  • Customers choosing extracost FME integration option
  • Esri File Geodatabase
  • Esri Shapefile
  • MapInfo TAB format

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network Other
Other protection within supplier network Data is stored in a PostgreSQL database with security enabled, the database holds the information for the service and is not accessible from other systems. Access controls in place prevent users from accessing the database. Access to the data by Atkins staff is strictly controlled. Staff from our service provider only have access to servers in order to provide support and maintenance, they do not have access to the information held within the databases. Physical access is tightly controlled within the data centre, no member of staff has access without appropriate permissions, once logged on they cannot access the databases.

Availability and resilience

Availability and resilience
Guaranteed availability Our service provides 99% uptime during the agreed hours of service.
Approach to resilience We utilise a Private Cloud environment built using the OnApp Cloud Management platform. It provides an environment that is: - Scalable through auto-scaling (up and out) - Highly available through automatic failover and full active-active High Availability The system is deployed across a multi-node environment ensuring that node failures do not bring the system down, the cloud management platform continually balances load across nodes and moves running services across nodes when issues are detected.
Outage reporting Real-time server monitoring provides alerts to our Cloud providers when services have failed, these outages are then reported to our clients through the Technical Support helpdesk.

Identity and authentication

Identity and authentication
User authentication needed No
Access restrictions in management interfaces and support channels Users with administrative access are assigned an “Administrators” role. Only those users belonging to the “Administrators” role can access management interfaces.
Access restriction testing frequency At least once a year
Management access authentication
  • Username or password
  • Other
Description of management access authentication Management access authentication

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Lloyd’s Register Quality Assurance Limited
ISO/IEC 27001 accreditation date 16/06/2010
What the ISO/IEC 27001 doesn’t cover This certificate covers the client bids and projects managed by the ADS&T division within Atkins UK&E sector, it excludes information handled within client specific secure environments that operate under more stringent security controls.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Atkins Aerospace, Defence, Security and Technology (ADS&T) holds ISO 27001 and all our UK businesses are independently certified as achieving the ISO 9001:2008 quality management standard. Atkins follows a Business Management System (BMS) approach that brings together all of our business processes in one place. The BMS assures our clients through the certification of ISO 9001, OHSAS 18001 and ISO 14001, and forms a key part of the Atkins Governance Framework, which also includes our Group Policy Statements and Code of Conduct. BMS is key part of our governance process, translating the Group controls into a set of core processes that are applicable across the business.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Configuration control is performed using source code management and version numbering. Our change management process is invoked whenever a change to the system is required. A change management plan is created, including identification of risks and associated mitigation. Software changes are managed in accordance with TickITplus accredited quality framework and taken through rigorous testing cycles. Before installing in the live environment, a rollback plan is formulated and any required downtime agreed. The changes are installed in live environment and checks performed to ascertain the change was successful. Where problems arise the rollback plan is initiated restoring system to baseline state.
Vulnerability management type Undisclosed
Vulnerability management approach None
Protective monitoring type Undisclosed
Protective monitoring approach Atkins shall provide: • 24 / 7 / 365 monitoring of server availability and performance with a restart option should the server fail out of hours • Threshold monitoring to ensure potential problems are detected and addressed before they become critical • Failover at any time of the day or night in the event of complete server failure • Secure off site data backup • Disaster Recovery procedures and management Business hours support services for non-critical incidents
Incident management type Supplier-defined controls
Incident management approach Service failure severity types: Severity1 •Constitutes Service loss, preventing system usage •Critically impacts activities of Authority that depend system use; •Causes corruption of Authority Data. Severity2 •Prevents operation of particular sub-system. Could potentially: •Adversely (majorly) impact Authority activities that depend on system use. No workaround available •Cause disruption to Authority - more than trivial but less severe Severity1 Severity3 •Reproducible, has adverse impact on the activities of Authority. Can be reduced to moderate adverse impact, if workaround available. Severity4 •Intermittent/ non-reproducible. Minor adverse impact on End user service provision. Severity5 •Cosmetic flaw. Doesn’t undermine End User's confidence in displayed information.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £9900 to £36000 per licence per year
Discount for educational organisations No
Free trial available Yes
Description of free trial Full licence for limited time.

Service documents

Return to top ↑