Civica UK Limited

TranSend

TranSend electronic proof of delivery (ePOD) and integrated route planning applications help to reduce the cost, time and paper involved in managing deliveries and collections, provide accurate and timely delivery information, create visibility and operational efficiency for transport & logistics operators, or organisations with their own delivery fleet, including subcontractors.

Features

  • Electronic proof of delivery mobile app and back office system
  • Route planning, building and job management
  • Real-time job and vehicle tracking using device data
  • Real-time customer service information
  • Customer service analysis and reporting
  • Operational dashboards by department
  • Route Board with live job status summary
  • Predictive ETAs using live traffic information
  • Alerts, notifications and exception management
  • Incident & Accident reporting

Benefits

  • Make the most efficient use of vehicles and drivers
  • Remove paper processes & reduce admin overhead
  • Guarantee customer-specific job workflow
  • Update customers on real-time job status
  • Reduce driving time and failed deliveries
  • Improve invoice accuracy & cash flow
  • Reduce customer claims & disputes
  • Provide self-service access via a customer portal
  • Make changes dynamically to live routes

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints None
System requirements
  • No specific software requirements, see browser list below.
  • Web Interface for Management
  • PDA/Phone application for execution

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Typically 30 minutes and we do not currently provide weekend cover.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels The entire Transend support process and levels is fully defined in the TranSend document Service Level Agreement - Software and Hosting. This defines:
-TranSend Support Services (Level 1-3)
-Customer Obligations
-Call Centre & Help Desk (Level 1 Support)
-Technical Support (Level 2 Support)
-Programming Support (Level 3 Support)
-Priority levels and Resolution Targets
-System Availability
-Hosting Centre
-Major Incident and Disaster Recovery
-Exclusions
-Escalation Procedure
-Complaints
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Each TranSend customer is provided with a hosted instance of the TranSend. This is setup by The T/S operations team. Based on the client's specific requirements the T/S Project Manager will work with the users to configure the T/S system and load/setup all required static data, in addition consultancy will be provided to enable the user to interface live operational data into and from T/S. As part of the implementation client-specific documentation will be generated by the PM for the customer. The specific documentation for each project will vary based on client requirements, key documents normally include Solution Design, PDA user guide, Integration documentation.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction As all operational data is exported back to the client's own system in near real-time, there is generally no requirement for data to be extracted at the point of contract end. However in very rare circumstances if there is a requirement for certain data to be extracted this can be defined by the user and as a discreet project TranSend services and operations team can extract and copy the required to a portable drive.
End-of-contract process At contract end the client's TranSend instance and all data is deleted within the TranSend hosting environment.

As described above all operational data is exported back to the client's own system in near real-time there is generally no requirement for data to be extracted at the point of contract end. However in very rare circumstances if there is a requirement for certain data to be extracted this can be defined by the user and as a discreet project TranSend services and operations team can extract and copy the required to a portable drive. This would incur an additional project charge.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • MacOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The application uses html5 and is built to scale to the screen size in use. Obviously the smaller the device, the more restrictive the working area is but this is not a feature of the application but the device itself.
Service interface Yes
Description of service interface Web browser
Accessibility standards None or don’t know
Description of accessibility Through a web browser.
Accessibility testing None
API Yes
What users can and can't do using the API Load Routes/Orders/Accounts/Vehicle/Drivers
API documentation Yes
API documentation formats
  • PDF
  • Other
API sandbox or test environment No
Customisation available Yes
Description of customisation The module and function access are limited to those a user requires to fulfil their role and that are configured in the system. The appearance can be customised with your own logos and colour schemes plus all text can be translated to either an alternative language or simply for terminology.

This configuration is controlled with a mix of both central and individual user.

Scaling

Scaling
Independence of resources Management software is used to monitor Underlying Hardware to ensure additional resources are allocated as required. Microsoft Hyper-V enables virtual servers to be migrated to different physical hardware so system availability is maintained during planned or unplanned maintenance. Storage is allocated via a flash storage array capable of maintaining high IOPS throughput.

Analytics

Analytics
Service usage metrics Yes
Metrics types TranSend does not provide service usage metrics, it does however enable the user to define and measure service performance metrics for the drivers, vehicles, routes and stops that TranSend is recording. These can be configured by the TranSend user and based on the nature of the metric can be provided in TranSend through an API, dashboard, report or enquiry.
Reporting types Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach All enquiry screens can be exported to Excel and there are various export functions that can be setup to provide data in various formats.
Data export formats CSV
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • Webservice Call

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Outside of any scheduled downtime, the Performance Target is for the system to be available 99.8% of the time measured over a period of one month.
Approach to resilience Available on request.
Outage reporting Email alerts.
Infrastructure related scheduled maintenance will not occur between 07:00 and 19:00 Monday to Friday excluding English Bank Holidays. Maintenance will be arranged with a minimum of 3 working days’ notice, and will include a detailed description of the planned works, planned outcomes, and a detailed back-out plan, unless otherwise stated.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Access is controlled with Roles that are applied to users and these roles define the access they have. Support will only accept calls from nominated individuals.
Access restriction testing frequency Never
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 ISOQAR
ISO/IEC 27001 accreditation date 06/12/2017
What the ISO/IEC 27001 doesn’t cover N/A
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • Cyber Essentials Plus
  • ISO22301

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes In order to provide a wide range of services to public and private sector organisations, Civica maintains an active information security programme. This programme requires regular internal and external audit inspection of both physical and logical data protection structures. The policies and procedures are aligned to ISO 27001 and Cyber Essentials Plus certifications.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach All hosted assets metadata is stored in a Configuration Management Data Base. This data base is access controlled to authorised staff only. The CMDB provides information essential to the secure hosting of client critical services.
Civica's Change Management process ensures that all changes are considered and planned, and appropriate, and that there is a clear audit trail of all changes.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Civica has vulnerability management processes in place for ISO27001 and PCI-DSS. These processes are externally audited on an annual basis to ensure continued compliance.
For external vulnerability scanning, Civica employs the services of an external ‘CHECK’ approved provider to perform an annual penetration test against the external management IP interface. Supporting this, Civica is also certified to the CESG approved Cyber Essentials scheme. For high value financial hosted system, Civica also maintains a PCI-DSS v3.1 certification. In scope systems are subject to month internal and external vulnerability scans as well as a full penetration test twice a year.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Civica take a proactive approach to information security through a process of continual monitoring and review. As part of a documented risk assessment methodology to identify and manage information security risks a dedicated security team update the risk register monthly.
Civica has a network monitoring solution in place ‘OpsView’ as well as a full antivirus and anti-malware solution. These technologies check the hosted services for errors, infections and unexpected network traffic and are support by Cisco IPS/IDS at the perimeter layer. This monitoring service provides defence in depth, against compromise, by detecting infections and suspicious networking activity within the environment.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Civica have developed an Incident Management process (PRM07) under ISO 20000 standards which details both the Incident and Service Request Management processes.
The Civica Service Desk manages end user Service Requests, Incidents and Requests for Change (RFCs) which can be logged by e-mail, telephone and web portal.
Monthly customer reports will detail incident information.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £52.00 per device per month
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions pdf document: Modern Slavery statement
Service documents
Return to top ↑