Investigative Case Software and Licencing

Column Case Management is a best practice software for investigators to manage the life cycle of an investigation, from intake to case closed and all interactions in between. With features such as link analysis, file management, visually pleasing and intuitive screens, and reporting engine, investigators are more productive.


  • Link Analysis
  • Data Visualization
  • Add Drag, Drop, and Search Any Size Attachments (including video)
  • Solvability Matrix
  • Calendaring
  • Smart Reporting
  • Geo Mapping
  • Mobility
  • Community Policing
  • Offline Capability


  • Enhance Information Sharing
  • Improve Record, Document, and Evidence Management
  • Increase Data Quality
  • Improve Information Access from Search and Data Visualization Options
  • Increase Efficiency with Electronic Forms and Customizable Workflows
  • Access to Data with a Customizable, Web based Reports Console
  • Create Geo Heat Maps within Minutes, Location Based Heat Maps
  • Create or Edit Cases Offline via IOS or Android App


£60.00 a user a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@highmetric.com. Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

9 2 3 4 8 7 5 0 1 6 8 3 9 4 4


HIGHMETRIC UK LTD. UK Public Sector Team
Telephone: 07506583977
Email: hello@highmetric.com

Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
System requirements
  • Does not have any requirements around anti-virus technology
  • Architecture based on Linux
  • Browser must be Google Chrome

User support

Email or online ticketing support
Email or online ticketing
Support response times
Critical = 1 Clock Hour
High = 2 Business Hours
Medium = 2 Business Hours
Low = 2 Business Hours
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Onsite support
Yes, at extra cost
Support levels
We provide 24 by 7 standard support model.
Support available to third parties

Onboarding and offboarding

Getting started
We provide onsite training, online training, and user documentation.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
When the contract ends the customer can create an export of all relevant data stored in the system. No data is really unique to Okta, as we either read data from external sources, or push (generated) data out to other applications.
End-of-contract process
Upon termination of the SaaS Agreement or expiration of the Subscription Term, Column Case Management shall immediately cease providing the SaaS Services and all usage rights granted under this SaaS Agreement shall terminate. The contract (SaaS subscription) includes access to the service and customer support for the service.

Using the service

Web browser interface
Supported browsers
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
Column Case Mobile enables your users to submit intakes and cases, manage tasks, and access case information from anywhere without the need of a network connection using the Column Case Mobile app. Remove the friction from work

Native mobile for the enterprise
Deliver tailored mobile experiences on iOS (Android and Windows coming).

Off-line capability
Submit Cases in off-line mode and app will sync-up when connectivity is restored.

Consumer-like mobile interface
Make it easy for employees to get work done across departments.

Consolidated cases, attachments, photos, approvals and to-dos
Provide fast, easy mobile access to common tasks.
Service interface
Description of service interface
A web interface accessed via a standard mobile and desktop browser
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
Column Case Management has completed a manual assessment against WCAG 2.0 Levels A and AA with and without assistive technologies
What users can and can't do using the API
Every entity in the system has a restful endpoint available to use.
API documentation
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Customisation available
Description of customisation
Everything down to the field level can be configured.


Independence of resources
Column Case Management is a highly scalable SaaS solution. It automatically scales to handle load. The performance test strategy and benchmarks are continually evaluated in order to improve performance and increase the testing coverage.


Service usage metrics
Metrics types
We provide service usage metrics every quarter or on request.
Reporting types
  • Regular reports
  • Reports on request


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Column Case Management, LLC

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Column Case Management has API’s and reports which the users can use to export their data into a variety of flat file formats
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
The SaaS Services will achieve System Availability of at least 99.9% during each calendar month of the Subscription Term. “System Availability” means the number of minutes in a month that the key components of the SaaS Services in a Customer production environment are operational as a percentage of the total number of minutes in such month, excluding downtime resulting from (a) scheduled maintenance, (b) events of Force Majeure, (c) malicious attacks on the system, (d) issues associated with the Customer’s computing devices, local area networks or internet service provider connections, or (e) inability to deliver services because of acts or omissions of Customer or any Identity Cube user. If Column Case Management fails to meet System Availability in an individual month, upon written request by Customer within 30 days after the end of the month, Column Case Management will issue a credit in Customer’s next invoice in an amount equal to ten percent (10%) of the monthly fee for the affected SaaS Services for each 1% loss of System Availability below stated SLA per SaaS Service, up to a maximum of fifty percent (50%) of the Customer’s monthly fee for the affected SaaS Services.
Approach to resilience
Column Case Management’s solution is provided utilising Amazon Web Services with each primary hosting location providing full redundancy of hardware, software, and network infrastructure across three AWS Availability Zones. Column Case Management provides fully automated failover and advanced backup and recovery measures to ensure that IAM services are available for operation and use. Additionally, controls are in place to provide quick restoration capabilities from backup, in the event that a site or overall service experiences a critical failure
Outage reporting
Column Case Management is a pure SaaS solution and Column Case Management service components are monitored by Column DevOps personnel. For serious issues, your customer success manager will reach out to you via email and/or phone. Column Case Management Assigns a Customer Success Manager to every client. The Customer Success Manager serves as your primary point of contact and your advocate within Column Case Management.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Column Case Management applies the principle of least privileged access.Employees are granted access based on pre-approved roles and job descriptions, which are reviewed and re-certified at least annually.In Okta, administrative access is restricted to DevOps. We utilize a support account, separate from customer access accounts.Access to the production environment by Column DevOps personnel requires remote access into the EC2 environment which is restricted through the use of a Secure Shell (SSH) connection from the Column corporate IP address and two-factor authentication.
Access restriction testing frequency
Less than once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
EY Certify Point
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
Full scope of the certification is available at https://aws.amazon.com/compliance/iso-certified/
ISO 28000:2007 certification
CSA STAR certification
CSA STAR accreditation date
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
Full scope of CSA certification is available at https://cloudsecurityalliance.org/star/registry/amazon-aws/
PCI certification
Who accredited the PCI DSS certification
PCI Security Standards Council
PCI DSS accreditation date
What the PCI DSS doesn’t cover
Full scope of compliance certificate can be found: https://aws.amazon.com/compliance/services-in-scope/
Other security certifications
Any other security certifications
  • CJIS
  • CSA
  • Cyber Essentials Plus
  • DoD SRG Levels 2 and 4
  • FedRAMP
  • ISO 9001
  • ISO 27017 and 27018
  • ITAR
  • MPAA

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Column Case Managment has completed a SOC 2 Type II audit. Column leverages Amazon Web Services (AWS) to host IdentityNow. AWS maintains compliance with ISO 9001, ISO 27001, HIPAA, PCI, SOC, CSA, FedRAMP, FERPA, and other compliance programs. More information is available at https://aws.amazon.com/compliance/.
Information security policies and processes
Column Case Management maintains IT Security policies which define IT security protocols in order to help minimize security risks. The policies (including incident response, change management, data handling, DR/Backup) are available on the Company’s intranet and are reviewed annually. All Column Case Management employees complete online computer-based security awareness training annually. The computer-based training covers traditional security awareness topics, including physical, email and mobile device security. The training also includes anti-phishing simulated attacks throughout the year and training designed to improve employees' recognition of baits and traps commonly found in phishing emails and spear phishing attacks. Employees learn to identify and avoid manipulative content, malicious and disguised links, dangerous attachments, inappropriate data requests, and other threats. Additional training is provided at the departmental level as appropriate for each role. All members of the engineering team are provided education about developing and testing secure applications including the Open Web Application Security Project (OWASP) Guide to Building Secure Web Applications and Web Services, the most current documents from the OWASP Top Ten Project, Essential Skills for Secure Programmers Using Java/JavaEE from the Secure Programming Council, and SANS’ Top 25 Programming Errors. CyberIAM are Cyber Essentials Certified.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Column Case Managment has formally documented change management procedures are in place to govern the modification and maintenance of production systems and address security, availability, and confidentiality requirements. The Company has adopted a formal systems development life cycle (SDLC) methodology that governs the development and deployment of application code.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Column Case Management completes both internal automated vulnerability scans, which are executed during regular verification cycles as part of each weekly release, and external penetration tests conducted by a third-party firm. AWS performs regular vulnerability scans on the host operating system, web application, and databases in the AWS environment using a variety of tools.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Column Case Management leverages Amazon Web Services (AWS) to host IdentityNow. AWS monitoring tools are designed to detect unusual or unauthorized activities and conditions at ingress and egress communication points. These tools monitor server and network usage, port scanning activities, application usage, and unauthorized intrusion attempts. AWS security monitoring tools help identify several types of denial of service (DoS) attacks, including distributed, flooding, and software/logic attacks.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Customers should report any issues with the Okta service to Column Case Management support via email or telephone. Column maintains a Security Incident Response Policy and Procedure, which specify the steps and roles and responsibilities should such an incident occur. These policies address remediation and follow-through to ensure the issue is understood and fully addressed. As it relates to a security issue with a Column product or service broadly impacting all customers. For serious issues, your customer success manager will reach out via email and/or phone.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Connected networks
Other public sector networks
We can Integrate with any system if they allow us


£60.00 a user a month
Discount for educational organisations
Free trial available
Description of free trial
90 day evaluation period with full access to the application.
Link to free trial

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@highmetric.com. Tell them what format you need. It will help if you say what assistive technology you use.