MilestonePlanner Project Tracker
MilestonePlanner delivers web-based project and portfolio planning, tracking and reporting. Managing collaboration with project timelines and trackers for actions, tasks, risks and resources, while focusing on outcomes and success measurement. It is used by teams, departments and organisations to enable efficient and effective planning and execution, and project portfolio management.
- Project planning, with full milestone, action and task tracking.
- Easy, collaborative access via desktop, mobile or tablet devices.
- Visual project timeline, kanban, lists views and dashboard.
- Filter views by owner/resource and status to identify issues.
- Real-time export of project data, including risk registers.
- Automated status and change reporting with change log and history.
- Repeat or copy projects, workstreams, milestones and tasks or checklists.
- Track progress, activity, outcomes and outputs across users and projects.
- RSS Activity feeds and syncing to desktop calendar.
- Track risks and issues, roles, outcomes and impact.
- Fast and easy to use, with secure plan sharing.
- Manage through definition, initiation, planning, execution, monitoring and control, closure.
- Frees up time and expertise to focus on achieving goals.
- Ensures stakeholders always have access to up-to-date project plans.
- Track progress, making slippages and bottlenecks easy to identify.
- Clear ownership and visibility of all programme work items.
- Enables real-time, collaborative planning, to speed project delivery.
- More effective project reviews with access to project history.
- Supports leading planning methodologies, including PRINCE2, agile and lean.
- Project templates to reduce time required to create plans.
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Within 4hrs of receipt within office hours.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.1 AAA|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.1 AAA|
|Web chat accessibility testing||Tested using validation tools and manual testing.|
|Onsite support||Yes, at extra cost|
SocialOptic prides itself on providing friendly and effective customer service and support. Standard support hours are from 8am to 6pm Monday to Friday, excluding bank and public holidays.
The service is available and monitored on a 24x7 basis, via the SocialOptic service assurance infrastructure, and support requests can be raised electronically 24x7. The support service includes telephone, email, web-based and in-app support for all issues and queries.
Calls are handled by our highly skilled staff, and call severity will be categorised under the following three levels:
Severity 1 – Complete loss of service affecting multiple users. Response time < 30 minutes.
Severity 2 – Partial loss of service affecting a minority of users. Response time < 60 minutes.
Severity 3 – Issue affecting and individual user. Response time < 4 hours.
We provide a named support contact for each account, so that there is someone familiar with the particular use case, and able to answer questions within the organisational context.
|Support available to third parties||Yes|
Onboarding and offboarding
The on boarding process is managed according to PRINCE 2 project management principles or Agile, according to customer preference. SocialOptic allocates a named contact to provide support, who will work with you to understand your objectives and requirements, and build a milestone-based project plan that will include the process for go-live. SocialOptic provide user documentation that assumes no prior experience, including a "Getting started" guide. The platform is intuitive and online/telephone training sessions are conducted directly with users, supported with pdf documentation. Post launch, the account team are available to answer any questions or provide support to ensure successful implementation of the system.
Optional tailored web-based or on-site training is available for groups. There is an optional import service, to automate importing of existing data, and our support staff are on hand to help with questions.
|End-of-contract data extraction||CSV export|
|End-of-contract process||Users can remove their own user accounts, or accounts can be disabled (locked) via an administrator account. Users can export data as text CSV (comma separated variable) files, with descriptive headers, prior to deleting their account. Data is exported over a secure TLS encrypted link, using a standard web browser. Exporting of data is freely available via the web interface. Data is also available via the REST API (Application Programming Interface), in JSON format. High volume requests may be rate limited. Key data may also be exported in PDF format, as reports. Our team are available to help with off-boarding, and there is no charge for exporting data. At the end-of-contract all user accounts and user data will be removed from live systems within 7 days, and expired from backups by rotation, within 30 days.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Timeline page not available on low resolution devices.|
|What users can and can't do using the API||
The API allows for creating and disabling user accounts.
MilestonePlanner APIs allow users and application developers to create, update and delete items in MilestonePlanner. APIs are secured by API keys and protected by configuration. Both REST and WebHook APIs are available.
Users can create, edit and remove projects, work streams, milestones and actions.
|API documentation formats|
|API sandbox or test environment||Yes|
|Independence of resources||Each user is handled in an independent process, with separately managed memory and processor resources. A resource scheduling algorithm limits the maximum resources allocated to a specific user thread, protecting other threads from resource starvation.|
|Service usage metrics||Yes|
Number of users
Number of plans, workstreams and milestones
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||CSV export, RSS feed, calendar feed, PDF reports, API|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||SocialOptic has extensive operational experience, and has been running Software as a Service platforms for nearly 10 years. All systems are monitored 24x7 and target a 99.999% availability level, by using redundant systems with automated switch over. There are no scheduled maintenance windows that are excluded from the SLA, and SocialOptic operates a "zero-downtime" methodology for system updates. Should availability fall below the target SLA, a support request can be raised to obtain a pro rata refund for any outage over 30 minutes. Availability is measured to the edge of the data centre, and does not cover users' Internet Access or third party remote systems.|
|Approach to resilience||Primary, secondary and tertiary facilities are used, with redundant mirroring. Further details available on request.|
|Outage reporting||Public status page|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||User credentials are used to secure management interfaces and support channels and provide strong authentication. All communications make use of session level encryption to protect confidentiality and integrity. Access controls are subject to regular review, as part of the overall security policy, and scanning and penetration testing is used to increase assurance.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||Between 1 month and 6 months|
|Access to supplier activity audit information||You control when users can access audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||IASME and Cyber Essentials|
|Information security policies and processes||Information Security is a board level responsibility, and is a standing agenda item at all board meetings. Security policies and procedures are regularly reviewed. SocialOptic meets the requirements of Cyber Essentials and is IASME certified, operating the core controls of the ISO27001 standard. We adhere to the model of the Cabinet Office Security Policy Framework and implement the CESG Cloud Security Principles and the requirements of new GDPR legislation. Change control systems are used throughout the service process, and regular security scans are part of the release and operate process.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||All components and system configurations are managed through a version control system, with a full audit log, and impact assessment process. All newly developed software goes through a code review, and is subject to vulnerability scanning as part of the release process, both in development and in the live environment.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||SocialOptic operates a distributed patch management and monitoring system. All operating system patches and enhancements are automatically applied to production systems, with an automated rollback where required. This ensures that updates are applied in a regular, timely manner, with the minimum impact to service. SociaIOptic operates regular scans for vulnerabilities and malware, together with log auditing. SocialOptic subscribes to the relevant advisory feeds for OS and major software components and monitors emerging threats through engagement with vendors, CERTS, specialist groups and community partners.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||SocialOptic's protective monitoring process logs all user session activity, backup status and suspicious device boundary activity. Logs are collected, analysed for potential compromises or inappropriate use, and archived. Where incidents are identified, the Incident Management Process is followed, and remedial action taken, if required.|
|Incident management type||Supplier-defined controls|
|Incident management approach||SocialOptic has a defined Incident Management Process. This includes Incident identification, Incident logging, Incident categorisation, Incident prioritisation, Initial diagnosis and Escalation. It is a closed loop process including resolution and communication throughout the lifecycle of the incident. Global incidents are reported via the status page & public feeds, while individual user incidents are communicated via the user's preferred communications channel.|
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£2.25 per user per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||The free trial is limited to 30 days is and of the full Professional Edition product.|
|Link to free trial||https://milestoneplanner.com/|