Zipporah Ltd

Vehicle licensing appointments and MOT bookings

An online booking and appointment solution for MOTs and Private Hire/Hackney carriage licenses (taxis). Empower your citizens to manage themselves though an easy online process. Accelerate first-time applications and renewals while freeing-up staff through the implementation of a simple, clear and staged processes. Improve communication between local authority and customer.

Features

  • Complete booking capabilities, multiple calendars and resources with daily
  • Staged process - including interactive reminders
  • Create your own processes to suit you
  • Public facing and browser based 24/7
  • Comprehensive reporting and MI
  • Flexible and scalable appointment and booking
  • Reduce telephone and on-site enquiries

Benefits

  • 24 hours a day availability, increased traffic
  • Visibility, reduce transaction costs
  • direct integration to third party payment and finance systems,
  • Workflow busy citizens and provide a better service
  • Improve efficiency by maximising bay and appointment usage

Pricing

£9600 per licence per year

Service documents

Framework

G-Cloud 11

Service ID

9 7 5 4 3 2 8 2 6 0 4 8 9 3 7

Contact

Zipporah Ltd

Jonathan or Jobe

02920 647048

gcloud@zipporah.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
None
System requirements
Internet browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
Zipporah support requests will fall into two categories dependent on the severity of the problem. Category A: The failure of the services to function in accordance with the specification renders the Customer’s system inoperable and business operations are halted. Category B: The Services contain errors or omissions or functional problems that the Customer is able to work around. Category A response time: Respond within 1 hour, every endeavour will be made to correct the issue(s) within 1 working day. Category B response time: Respond within 24 hours, every endeavour will be made to correct the issue(s) within 7 working days.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Zipporah support provides first line support telephone and email support is included within service charge for the annual use of the software solutions. This is support is provided Monday to Friday from 08:30 - 17:30. A dedicated support team is provided to support any issues that you might experience. In addition the up-time guarantee for the service is 99.9% based on 24/7/365 days of the year.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Zipporah uses a phased approach to deliver a controlled and logical project roll out to make the process of on-boarding as straightforward as possible. Every project is led by an experienced Zipporah project manager who will co-ordinate a cross functional team within Zipporah and liaise with client side staff. Initially Zipporah will provide a base lined version of the system in order to ensure an understanding of the client's full requirements and how the system delivers these. This will form the basis of meetings between Zipporah and the various business users to identify system changes and configurations needed. These will be confirmed by the client and Zipporah through a clear document for both parties to sign-off. Zipporah provides training for system end users as a 'train the trainer' approach. We provide user guides where each process and function is detailed and explained. The training sessions are a 'hands on' experience with scenarios set for attendees to ensure a full understanding of how to use the system. Zipporah also provide a Product Specialist resource who users can contact as well as videos showing step by step guides. Zipporah will work with existing suppliers to migrate data as needed.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Zipporah is able to provide the customer with a complete database in Microsoft CSV, XML or Excel formats as standard. We are also able to offer a number of other formats which would be discussed on a case-by-case basis.
End-of-contract process
There are no additional costs at the end of the contract. Zipporah provide customers with it's data in Microsoft formats.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None.
Service interface
Yes
Description of service interface
Customers are able to access Zipporah's services in a number of ways, all of which can be wholly accessed from any internet enabled device - booking, cancelling, amending details or otherwise. Customers are also able to raise, review and update support cases through our online portal, again, wholly accessible by any internet enabled device.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
Zipporah test accessibility for assistive technology using a broad range of methods. We constantly strive to improve our customer service and journey, ensuring the system is accessible to the broadest range of users - while booking, confirming, amending, cancelling or reporting cases and more.
API
Yes
What users can and can't do using the API
Through Zipporah's API, users are able to perform any actions relating to their bookings - such as search, book, amend, cancel etc. The API will automatically utilise all business rules and configuration setup to ensure valid results. Any API required would be attached to the relevant Zipporah solutions purchased by the client.
API documentation
Yes
API documentation formats
  • PDF
  • Other
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The Zipporah solution is a highly configurable and customisable solution that allows the user to control and customise almost all of public facing elements and back office views as desired.

Intuitive tools, provided through the user-interface allows the user the ability to edit buttons, emails and page content so that they can create a solution which has their full look and feel.

Users are able to customise a wide-variety of the booking processes, including the toggling of options to have facilities such as 'document upload' or terms and conditions switched on or off. The status and workflow of bookings received can also be defined through customisation of booking types.

The system also includes the ability for roles to be defined which determines user access. This customisation of roles allows the system administrator to define who has the authority to customise various elements of the system.

Form builders within the module also allow for the customisation of the booking process to define what information you want to capture based on what somebody is looking to book.

Scaling

Independence of resources
We supply individual hosting for clients based on their needs or requirements. Clients therefore have their own, dedicated server which ensures no interference with the solution. Clients are able to opt for shared hosting, with client specific, independent databases - where we isolate every client through the options provided to us via IIS and put upper limits on each individual site. Zipporah utilise real time monitoring tools to review speed and uptime tolerances of all clients as well as utilising CPU usage alerts which are set to alert Zipporah should any CPU reach 75% utilisation.

Analytics

Service usage metrics
Yes
Metrics types
The service metrics we provide are within an array of application specific reporting suites. These reports allow clients to access a wide range of metrics from systems and provide comprehensive and clear information about how the service is functioning.
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
There are a number of standard reports that contain all system information - the user is able to export these in a number of Microsoft formats.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • Spreadsheet
  • PDF
Data import formats
Other
Other data import formats
  • XML
  • Spreadsheet

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
The Standard SLA covers: 99.9% monthly network up-time guarantee, 5-hour hardware failure response time Credit allowances for hardware or network failure beyond SLAs 24.7 automated SLA monitoring and notification. On top of this we offer a network guarantee of 99.9% monthly network up-time for our ISP network. In the event of a network fault that takes your server off-line, we will offer a credit allowance.
Approach to resilience
Networks are continuously and automatically monitored. Zipporah are immediately informed of any potential problem so that it is normally rectified before your service is affected. If any complications arise, the support team will be in regular contact to update clients of on-going progress and expected resolution time-frames. This service would usually be provided via email.
Outage reporting
The Zipporah information security policy covers all forms of information security such as data stored on computers, transmitted across networks, printed or written on paper, stored on discs and drives, stored in the Cloud or spoken in conversation or over the telephone. All managers are directly responsible for implementing the Policy within their business areas, and for adherence by their staff. It is the responsibility of each employee to adhere to the policy. Disciplinary processes will be applicable in those instances where staff fail to abide by this or any other Zipporah Ltd security policy. It is the policy of the company to ensure that information will be protected against unauthorised access, that confidentiality of information is assured, that integrity of information is maintained, that regulatory and legislative requirements regarding intellectual property rights, data protection and privacy of personal information are met, that business continuity & disaster recovery plans will be produced, maintained and tested, that staff shall receive sufficient information security training and that all risks are identified, measured, communicated, controlled and where necessary, reduced in magnitude. All breaches of information security, actual or suspected are reported and investigated by the Zipporah Security and Risk Committee.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Identity and authentication controls restrict access through the following mechanisms: Authentication federation, Username and password, Two factor authentication, Username and strong password/passphrase enforcement.
Access restriction testing frequency
At least once a year
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
CfA
ISO/IEC 27001 accreditation date
24/01/2019
What the ISO/IEC 27001 doesn’t cover
Everything is covered by our ISO 27001 accreditation.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • ISO 27001
  • Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
We have a Cisco ASA 5516 firewall with Firepower. Windows updates through GFI, deploying Critical updates automatically. We obtain all the cyber threats through firesight management and have also been given a portal to Mi5’s Cyber security.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Zipporah use SVN as our code library which maintains all changes and check-ins performed on Zipporah code, allowing us to compare any check-ins to review what was done. The use of SVN allows us to manage branching of our solutions to maintain versions for specific clients. Zipporah operate a job monitoring system allowing monitoring of support and development jobs. Jobs are matched to check-ins to reference change and reasons for change. In achieving accreditation for ISO27001:2017 we have processes for designing and writing software including security considerations and impacts. This includes stages of peer review for security and pen testing.
Vulnerability management type
Undisclosed
Vulnerability management approach
We have a Cisco ASA 5516 firewall with Firepower. Windows updates through GFI, deploying Critical updates automatically. We obtain all the cyber threats through firesight management and have also been given a portal to Mi5’s Cyber security.
Protective monitoring type
Undisclosed
Protective monitoring approach
Our data centre deploys the Cisco Firesight Management Center alongside Cisco 5516x firePOWER IPS, Apps, AMP and URL with Smartnet.
Incident management type
Undisclosed
Incident management approach
As part of our ISO 27001 and 9001 certifications Zipporah has a complete process to for Non-Conformance Control, Information Security Incidents & Corrective Actions. Any non conformance report can be submitted via telephone or email. Corrective Actions and Actions to Prevent Recurrence are identified and recorded on the NCR. Once complete NCR’s when appropriate are returned to the customer, then filed and reviewed at the Management Review Meeting.

Incidents can be reported through a variety of means whether directly to our support system or via telephone. Equally where we have automated tools this may issue us alerts.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£9600 per licence per year
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑