Business Systems (UK) Ltd

Business Systems Digital Interview Recording for the Ministry of Justice (MOJ)

Interview Recording solutions from Business Systems incorporate digital, video and audio recording capabilities. Secure and accurate Interview Recording with military-grade security and storage for Ministry of Justice agencies.

The digital Interview Recording solution turns conversations into powerful insight. Record, review and analyse conversations on or off site.


  • Digital video and audio Interview Recording capabilities for courts, tribunals
  • Portable units available for offsite Interview Recording
  • Access and share Interview Recordings with authorised users anywhere
  • Segment dialogue into key themes based on organisation's unique metrics
  • Proprietary Interview Recording and transcription technology
  • Digital video and audio Interview Recording for courts and tribunals
  • Long-term military grade storage and unique microphone technology
  • Fast and fully tailored Interview Review process
  • Conduct and record interviews taking place over videoconferencing
  • Sophisticated artificial intelligence for powerful risk analysis and complete visibility


  • Reduce paper files and management costs through digitised Interview Recording
  • Reduce time spent interviewing and focus on addressing specific problems
  • Achieve compliance and improve conduct - PACE, GDPR and DPA
  • Increased public security through safer information sharing
  • Quickly identify interview trends and patterns
  • Honest and unbiased representation of an interview
  • Conduct secure Interview Recording on-site or out in the field
  • Improve training and development of staff through Interview Recording evidence
  • No tapes, CD's or 2nd-tier storage archive required
  • Improved Management Information with easier information sharing


£12 to £50 per user per month

  • Free trial available

Service documents

G-Cloud 11


Business Systems (UK) Ltd

Julie Kerman

0208 326 8326

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Available for iOS devices, Android coming soon.
System requirements
  • IPhones running iOS 8.0 and later.
  • The compliance console is web-based and supports modern internet browsers.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 98% of support phone calls answered within 5 seconds by our Customer Service centre. They will log a case and assign the priority of the query or problem. Typically Business Systems provide technical 1st response within 20 minutes for Support related issues. Response times differ outside core business hours due to automated routing of calls. A 24 hour facility is available where cases can be logged 24/7 (calls are routed to Out Of Hours Team; emails are logged and picked up the first business day). Tailored support is also possible e.g. manned 24/7 help desk.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support No
Support levels Business Systems provides five levels of support (remote access is a pre requisite) including: 1. Platinum - Full support, 2 hour response for P1 faults (24 hours a day, 365 days a year). 4 hour response for P2 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 2. Gold - Full support, 2 hour response for P1 faults (08:00 – 20:00 hours a day, 365 days a year) 8 hour response for P2 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 3. Silver - 2 hour response for P1 faults (0800-2000 Mon - Fri, includes UK Bank Holidays) 8 hour response for P2 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 4. Bronze - Basic on-site support 4 hour response for P1 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 8 hour response for P2 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 5. Tailored Service Level based on the customer's requirements e.g. custom support hours, on-site support, technical account manager etc.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started To correctly provision and bill new customers, the following Account information is required:
• Account name
• Account reference number
• Account address including post code
• Authorised contact name
• Authorised contact email address
• Authorised contact phone

All new users will receive a "Welcome" email that contains the information needed to commence using the service. Users will have access to a web-based "Help Centre" that covers all aspects of how to use the service. Business Systems also provides a manned service desk during business hours as well as a 24/7 online facility for logging cases. Authorised contacts will also have access to the full Service Description from the Digital Marketplace and will be allocated a Business Systems account manager for the duration of the working relationship.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction There are a number of options available for extraction of data at the end of the contract. This will be discussed with the Business Systems account manager assigned to the contract.
End-of-contract process Within the subscription charge support will be provided to assist in moving to a new supplier or to close down the service. If there are large amounts of data to be extracted then there may be a charge for this as stated in the pricing document.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems
  • Android
  • IOS
Designed for use on mobile devices Yes
Differences between the mobile and desktop service There are separate desktop applications for service administration and for access to compliance recordings.
Service interface Yes
Description of service interface The Service provides two interfaces; one for face to face recording device and one for search and replay of those recordings. The User interface on the portable recording device is a simple mobile phone smartphone application. Application captures standard metadata of Start Time and Duration providing the user with the option to capture further metadata to cover the user details & the client participating in the conversation. User access for search and replay of recorded conversations carried out via a web based interface. Users can search, analyse and play back recordings through the eDiscovery solution, compliance console.
Accessibility standards None or don’t know
Description of accessibility Users can access the mobile smartphone application to record conversations and access a web based portal on commonly supported Browsers.
Accessibility testing Not Applicable.
What users can and can't do using the API The API provides customers the ability to export their data for on premise storage and analysis. An API role needs to be setup to access the API through the customer service desk.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available No


Independence of resources Capacity Management is a process to ensure that the demands of the entire user base are guaranteed even with significant infrastructure failure. Capacity is monitored on a monthly basis and increased as required to keep ahead of user demand.


Service usage metrics Yes
Metrics types Administrators have access to a web portal with details of service usage per user.
Reporting types
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Other
Other data at rest protection approach We protect data at rest with an access control policy that states AES-256 encryption.
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Customers contact the support desk or their Business Systems account manager. User setup data could be provided as CSV. Calls/SMS provided through a web API.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Our service SLA is 99.999% call routing availability.
Approach to resilience There are no single points of failure in the cloud infrastructure. All services are hosted across 3 geographically resilient datacentres.
Outage reporting Email Alerts are sent to the authorised contacts for each customer.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Login/Password and VPN link.
Access restriction testing frequency At least once a year
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 UKAS
ISO/IEC 27001 accreditation date 06/11/2017
What the ISO/IEC 27001 doesn’t cover All operational areas are covered.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials Certificate

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes The cloud infrastructure is subject to IASME control principles ; delivered through a set of internal information security policies and processes. The quality of these policies is managed through the ISO9001 quality managed system. The reporting structure is through the Head of Infrastructure and Security to VP Board Member Head of Operations.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The solution architecture and source code are version controlled using various version control systems. Changes to the solution undergo a formal peer review for functional and non functional aspects, which include safety and security of the system. Implementation of these changes on to the production platform undergoes a further formal review through the Change Approval Board. Both of the peer reviews are tracked using an auditable change management system.
Vulnerability management type Supplier-defined controls
Vulnerability management approach The "Tenable - Security Centre" solution is deployed within its networks, which updates all potential vulnerabilities on a daily basis. Weekly assessments are run against the estate (both infrastructure and applications) to report any potential threats. These reports can then trigger a defined patching process if required sooner than the scheduled patching process.
Protective monitoring type Supplier-defined controls
Protective monitoring approach A combination of "Checkpoint Next Generation Security applications (inc IDS)" throughout the manufacturer's networks (external and internal facing) is deployed; this internal "Splunk" (application) reports into the 'Network Operations Centre' which monitors and responds to any incidents based on internal SLAs.
Incident management type Supplier-defined controls
Incident management approach Business Systems' incident management procedures operate in line with ISO 27001 accredited governance procedures.

The cloud service provided is subject to an Incident Process which is based on the ITIL incident management process. All incidents are raised as tickets within the 3rd party support application and tracked and reported by its support desk. This will be managed by Business Systems on behalf of the customer.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £12 to £50 per user per month
Discount for educational organisations No
Free trial available Yes
Description of free trial A free trial is available for a limited trial period.

Service documents

pdf document: Pricing document pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑