Jacobs U.K. Limited

Stakeholder Engagement and Consenting Risk Management (TrackRecord and ProjectMapper)

Effective stakeholder engagement is critical to success of infrastructure schemes/projects. Poor relationship management can lead to opposition, causing lengthy delays and spiralling costs. Integrating systems including TrackRecord (CRM tool) and ProjectMapper (geospatial tool) enables organisations to manage consenting risk and compliance at all stages of the planning and/or DCO process


  • Data capture into configurable database on any project type
  • Data available to all parties on projects in real-time
  • Visualisation of data through mapping of spatial data
  • Record correspondence with residents, stakeholders, land owners, agents
  • Monitor all engagements, commitments, consents and permitting requirements
  • Monitor assets in spatial-context and interrelationships with other features
  • Visualise transport options, changes/designs, safety, environment survey results
  • Dynamic action management and evidence storage
  • SafetyWeb component shares hazard, safety and welfare information
  • Easy retrieval and exporting of data and historical correspondence


  • Creates common data environment (single digital source of truth)
  • Increases transparency of engagement
  • Configurable, adaptable and scalable to any project
  • Reduces risk
  • Defines responsibility and accountability for tasks and actions
  • Links design changes in infrastructure projects back to engagement
  • Enables quick retrieval of data at public enquiry
  • Fully hosted web service and centrally stored data
  • Shares hazard, safety and welfare information in real time
  • Demonstrates and identifies gaps in compliance in real time


£10000 to £500000 per licence per year

  • Free trial available

Service documents


G-Cloud 11

Service ID

8 3 2 5 0 3 6 4 5 6 2 4 5 7 2


Jacobs U.K. Limited

Simon Jackson



Service scope

Software add-on or extension
Cloud deployment model
Hybrid cloud
Service constraints
TrackRecord and ProjectMapper are provided as a fully hosted web service. Users can access the tools via a web browser on a PC, tablet or smart phone.
System requirements
Access to any web browser

User support

Email or online ticketing support
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Technical helpdesk support is provided during office hours. Support can range from basic telephone helpdesk support through to administrative assistance with uploading data and on site support. These are configurable depending on client requirements. A dedicated project manager is allocated who will oversee the implementation and delivery of TrackRecord and ProjectMapper.
Support available to third parties

Onboarding and offboarding

Getting started
During the mobilisation phase we tailor and configure TrackRecord and ProjectMapper to client requirements. This includes providing technical support to import client data and technical reviews co-ordinated by a dedicated Project Manager for best practice use of the tools. User training can be delivered onsite, online or a combination of both. The tools have online documentation and user help and we also provide user guidance in the form of process mapping and guidance notes where required.
Service documentation
End-of-contract data extraction
Data is typically downloaded onto disc in an encrypted format which contains an HTML interface to access all data. An XML file is also provided which provides raw data that can be used to import into another database.
End-of-contract process
The demobilisation of TrackRecord and ProjectMapper is included in the price of contract. This consists of a download and export of all data held within the tools and is delivered via a disc in an encrypted format or via SFTP transfer (whichever is preferred). The data contains all documents, files and photos and an XML download of raw data.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
TrackRecord and ProjectMapper have a responsive user interface and will work comfortably on phones and tablet devices. TrackRecord also has companion Apps to increase functionality.
Service interface
What users can and can't do using the API
We use various API interfaces to transfer data between systems. These are developed on a case by case basis.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Terminology, client branding


Independence of resources
A dedicated level of support is agreed with customers during the proposal phase and this is detailed within the scope.

All clients are hosted in separate physical databases and servers are continually monitored to ensure that resource levels are adequate.


Service usage metrics
Metrics types
Modules within the tool to show user activity, e.g. logins, recent activity, etc.
Management reporting modules provide real time dashboards and are configurable to client requirements.
As part of a support function our support desk can produce reports on an agreed frequency and format to provide clients with figures and statistics.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Users can export entity, report and action data into Excel and also download files (e.g. PDF's) directly from the web site. Technical support is available should a mass download of data be required in a particular format.
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats
  • CSV
  • Other
Other data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
TrackRecord and ProjectMapper have guaranteed availability 24/7 365 days a year with the exception of scheduled downtime during out of office hours to run updates.
Approach to resilience
Jacobs Strategic Consulting and Digital Solutions has a “Cloud First” policy for all technical solutions we implement. We take a vendor agnostic approach when proposing solutions and will work with whichever provider makes the most sense for our clients. We have recently implemented a hybrid cloud hosting solution for our SasS (Software as a Service) platforms utilising Microsoft Azure and IOMart (a tier 4 data centre provider). Both MS Azure and IOMart are fully accredited for ISO 9001, 27001 and 20000 and the mix of cloud and dedicated data centre hosting ensures a highly resilient hosting solution with a fully independent infrastructure creating no ‘single point of failure’, assuring 100% scheduled uptime. We are also able to offer on-premise hosting on our client’s network or implement bespoke private cloud solutions.
Outage reporting
We use an external automated monitoring service to continually ensure our services are operational. In the event of any downtime or glitch the technical support team are notified by SMS and email.

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
TrackRecord and ProjectMapper has an admin interface accessed by the Jacobs support desk that enables full control of user and user team access to modules and user rights (e.g. ability to edit or delete).

User access can be locked upon request by the client or if there is no user activity for a specified period of time (6 months) then the user account is automatically locked.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
The leadership and management of Jacobs is totally committed to achieving this goal through total Security Management, ensuring compliance with UK Government requirements, the HMG Security Policy Framework, Contracting Authority instructions and any specific Contract requirements outlined in Security Aspects Letters.
Information security policies and processes
Jacobs offer integrated and truly secure enterprise-capable solutions that span the cybersecurity lifecycle. We are a market leader in cyber security offering the full breadth of security services. We offer a complete suite of cyber capabilities that range from holistic enterprise lifecycle security and secure business transformation, to threat assessment, risk management, security architecture, audit, review & penetrating testing, SOC and incident response (CIR). Because our services are engineered to align with the cybersecurity standards of our clients and market regulations (from the National Institute of Standards and Technology (NIST) to the Office of Nuclear Regulation and Ministry of Defence), the client is completely free choose the engagement model and service level that aligns with their needs. In particular, the Jacobs Cybernet secure network solution has been certified for use up to UK Official Sensitive and the highest Defence Cyber Protection Partnership level (usually reserved only for Secret). We also have a number of certified Secret networks across the UK

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
When a change is required/requested it is reviewed by the technical director before being sent to the development team for implementation. Changes are reviewed for their impact to existing configuration, how they might affect users and potential security implications. Change requests are stored in a central change request database for long term reference.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Depending on severity security patches are rolled out to live systems monthly, if a serious vulnerability is found a patch would be implemented as soon as possible.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Penetration testing is routinely carried out by a third party against our systems. Any findings are reviewed by the technical director and responded to by the TrackRecord security team.
Incident management type
Supplier-defined controls
Incident management approach
In the event of an incident the TrackRecord support team will often be the first point of contact. They will go through a pre-defined check list and determine if they can resolve the issue, if not they will contact the technical support team to follow up with the user. For a serious issue, such as a prolonged server outage, the TrackRecord disaster plan will come in effect. After the incident is resolved a downtime post-mortem will be carried out to establish the exact cause and what can be done in future to avoid a repeat situation.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£10000 to £500000 per licence per year
Discount for educational organisations
Free trial available
Description of free trial
We can provide a tailored demo site at no cost with some basic configuration to demonstrate to a client that our tools are capable of delivering client requirements. We also have existing non-client specific demo sites that potential clients can be invited to access upon request.

Service documents

Return to top ↑