Module Db
Technical Solution
Capita’s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL:
Cost is reduced through greater economies of scale, removal of duplication and our unified approach to service delivery and change
Quality and consistency of the customer experience is increased through a single view of customer and common service design approach
Risk to revenue collection and service delivery is minimised by removing inter-Lot dependencies
Commercial interests are aligned, removing any barriers to innovation and realising future opportunities
Interoperability and future strategic flexibility is maintained through a modular, ‘off the shelf’ solution design
Oversight and assurance is simplified through higher quality, comprehensive and transparent reporting and information sharing
Specific changes to this module in order to deliver these benefits are annotated throughout this document in this style
Contents
1 Enforcement Operations Solution Architecture ... 5
1.1 Introduction ... 5
2 Architectural Principles and Standards ... 6
2.1 Applicable Standards ... 7
3 Design methodologies ... 8
3.1 Solution Architecture ... 8
3.2 System Integration ... 9
3.3 COTS Configuration... Error! Bookmark not defined. 3.4 Management Information System ... Error! Bookmark not defined. 3.5 Testing and Assurance ... 9
3.6 Infrastructure Build ... 10
3.7 Data Migration ... 11
3.8 Security ... Error! Bookmark not defined. 3.9 Service Management ... 11
4 Application Architecture, Service Systems and Service System Integration 11 4.1 Introduction ... Error! Bookmark not defined. 4.2 Application Architecture ... Error! Bookmark not defined. 4.3 Service Systems ... Error! Bookmark not defined. 4.4 Service system Integration ... Error! Bookmark not defined. 4.5 Data Management ... Error! Bookmark not defined. 5 Functional view ... 11
5.1 General Notice Processing ... Error! Bookmark not defined.
5.2 Penalty Charge Processing ... Error! Bookmark not defined.
5.3 Foreign Vehicles ... Error! Bookmark not defined.
5.5 Representations ... Error! Bookmark not defined.
5.6 Representations – Additional Evidence ProcessError! Bookmark not defined.
5.7 Late Representations ... Error! Bookmark not defined.
5.8 Appeals ... Error! Bookmark not defined.
5.9 Appeals – Additional Evidence ... Error! Bookmark not defined.
5.10 Appeals – Outcome Receipt ... Error! Bookmark not defined.
5.11 Appeals – Review ... Error! Bookmark not defined.
5.12 Appeals – Withdrawn ... Error! Bookmark not defined.
5.13 Appeals – Costs ... Error! Bookmark not defined.
5.14 Application for Debt Registration ... Error! Bookmark not defined.
5.15 Receipt of Statutory Declarations .... Error! Bookmark not defined.
5.16 Issue of Bailiff Warrants of Execution to BailiffsError! Bookmark not defined.
5.17 Out of Time Statutory Declarations .. Error! Bookmark not defined.
5.18 N244 Applications ... Error! Bookmark not defined.
5.19 Legal Claims ... Error! Bookmark not defined.
5.20 Escalations ... Error! Bookmark not defined.
5.21 Complaints ... Error! Bookmark not defined.
5.22 Dispensation management ... Error! Bookmark not defined.
5.23 Payments... Error! Bookmark not defined.
5.24 Penalty Charge Cancellation ... Error! Bookmark not defined.
5.25 Penalty Charge Suspensions ... Error! Bookmark not defined.
5.26 Quality Monitoring ... Error! Bookmark not defined.
5.27 Batch Processing ... Error! Bookmark not defined.
5.28 Workflow ... Error! Bookmark not defined.
5.30 Payments... Error! Bookmark not defined.
5.31 Customer Interaction Management . Error! Bookmark not defined.
6 Technology and Infrastructure ... 11
6.1 Office/Data Centre locations ... Error! Bookmark not defined. 6.2 WAN network infrastructure ... Error! Bookmark not defined. 6.3 Data centre ... Error! Bookmark not defined. 6.4 Infrastructure Security ... Error! Bookmark not defined. 6.5 Performance and capacity view ... Error! Bookmark not defined. 7 Risks, Mitigations, Assumptions & Dependencies ... 12
7.2 Solution advantages ... 13
7.3 Ability to deliver ... 13
7.4 Licensing ... 14
1
Enforcement Operations Solution Architecture
1.1 Introduction
1. The technical solution has been designed to enable the delivery of a world
class road user charging enforcement and traffic enforcement service that enhances London's reputation and supports the following objectives:
Retains a focus on the Customer and their interaction with Capita and TfL
Cost reduction
Timely, accurate processes, auditing and reporting
Flexibility and agility supporting cost effective future change as the business requirements evolve.
2. The technical solution has been developed following a structured architectural
approach employed on Capita SI projects that consists of the following stages:
Architectural Goal - Capturing the business outcomes sought as outlined above aligned with TfL's requirements
Architectural principals - Principles defined to shape the solution,
Business architecture - Capturing the business functionality and aligned to the operational service
Architecture solution views (Information, Application, Integration,
Infrastructure, ICT Service, Security and Transition) reviewing the designs to reflect dialogue and further clarification.
3. This will deliver a business aligned, comprehensive solution that is understood
and as a consequence can be easily maintained. This response is structured as follows:
Section 2 Architectural Principals and Standards (international, and national) that will apply to the design and build of the service systems
Section 3 Design methodologies - description of the methodologies to be applied to the design, configuration, build, and integration of the Service System(s) and their components
Section 4 Data and Application Architecture, Service Systems and Service system interfaces - A description of the major software components, including whether they are Commercial Off-The-Shelf (COTS) and the detail and complexity of any development or customisation work required
Section 5 Functional Conformance - How the solution meets the
requirements and where the major functions are supported by the solution
Section 6 Technology and infrastructure view - including provision for systems resilience, systems security, availability and recovery from failure, performance and capacity. Includes a description of the major hardware components and geographic distribution of services
Section 7 Risks, Mitigations, Assumptions & Dependencies (on TfL)
Section 8 Solution advantages
Section 9 Ability to deliver
2
Architectural Principles and Standards
4. Capita have adopted the design principles presented in Table 1 below.
ID Principal Rational
1 Use established COTS products in preference to bespoke
developments
The use of COTS reduces the need for bespoke development, enables TfL to benefit from on-going product
investment and cost effectively deliver the functionality required.
2 Implement simple open API's to support interoperability
Enables agreed exploitation of the services by both TfL and delivery partners e.g. TfL Web Channel and BOps
3 Seek to deliver simple intuitive user interfaces and experiences,
Ease of use helps ensure efficient accurate system support for business processes.
4 Prefer configuration over development
Drives low cost of change
5 Minimise number of service
systems with a single central store for all key data
Reduces overall system complexity and supports low cost of change and information management.
6 Implement Enterprise Application Integration (EAI) technology to insulate Service Systems from 3rd party platforms and record an independent log of each transaction
Simplifies interface development and future change of both interfaces and potentially business applications.
7 Deliver a highly flexible web and mobile application API
Support a rich online user experience
8 Leverage existing Capita managed service solutions for commodity infrastructure
Securely provides a robust, scalable and highly flexible platform at a cost effective price point
9 Configurable solution. Facilitates rapid and efficient change. Table 1 - Architecture Principals
5. Derived from the TfL business aims requirements these principals have been
adopted to shape the solution development. All key design decisions are made with these in mind with a goal of optimising delivery and operational effectiveness.
Standardised & Efficient
2.1 Applicable
Standards
6. We will follow industry standards of modular design and best practice, using
COTS products wherever possible.
7. Capita has a set of Policies, Processes and Procedures aligned with ITIL
good practice, ISO20000 and ISO27001 standards. Where applicable, we will seek accreditation to these standards.
8. Other current standards include PRINCE2 and ISEB Testing. Our teams use
the basis of PRINCE2 and tailor this to complement existing project management methodologies.
9. We will provide security appropriate for processing and storing data (e.g. the
PES), taking into account the CESG Good Practice Guides (GPG).
The combined solution: As the standards are common between Lots in the combined solution the activities associated with compliance to these standards e.g. training, design review, testing and assurance, can be more efficiently and consistently applied. The impact is resource savings in programme governance and delivery during the implementation phase.
2.1.1 Development
10. Development standards conformed to include:
'AA' of the WAI's Web Content Accessibility Guidelines (WCAG 1.0)
W3C and XHTML 1.0 Transitional Accessibility Requirements
Where possible open data standards will be used, either from the UK Government or industry, for example BS7666 address standard, e-Government Interoperability Framework (e-GIF), ebXML (Electronic Business using eXtensible Markup Language).
2.1.2 Implementation
11. The following standards will be followed as appropriate for the TfL delivery:
BS ISO/IEC 6592 - Guidelines for the documentation of computer-based application Systems
BS EN ISO 9000-3 - Guidelines for the application of ISO 9001:2000 to the development, supply, installation and maintenance of computer software
BS EN 60950 - Specification for safety of information technology equipment, including electrical business equipment
BS EN 60529 - Specification for degrees of protection provided by enclosures (IPcodes)
BS EN 60073 -Basic and safety principles for man-machine interface, marking and identification. Coding principles for indication devices and actuators.
Standardised & Efficient 2.1.3 Payments
12. Credit / Debit card payments will be handled in accordance with the following
standards all of which are adhered to by Capita Payment services:
APACS 29
APACS 30
APACS 40
APACS 70 (this is technically an overarching standard for the above)
PCI DSS
PA DSS
EMV L1 & L2
P2PE (currently in development).
13. Capita are a member of the PCI SSC to remain abreast of emerging
standards. We understand that not all standards presented are relevant to TfL at this time but believe that there support demonstrates our ability to react and deliver future requirements.
2.1.4 Data Centre standards
14. We propose to utilise {Information redacted} which has been designed and
constructed in accordance with:
The 2009 EU Code of Conduct, Best Practice Guide
ANSI/TIA942-2 (March2010) Telecommunications Infrastructure Standard for Data Centres to the standard of a Tier-III infrastructure and facility
The Uptime Institute, White Paper: Tier Classifications Define Site Infrastructure Performance; Turner, Seader, Renaud and Brill (2008)
ASHRAE Terhaml Guidelines (2009), published by the Technical
Committee 9.9 of the American Society of Heating, Refrigeration and Air Conditioning Engineers, for Class-1 devices
Equipped to comply with the requirements of the UK Department of Energy and Climate Change 2008 CRC Energy Efficiency Scheme
In line with UK Governments drive for ‘Green ICT’
Security up to RESTRICTED (IL3)
Accreditation to BS25999 Business Continuity.
3 Design
methodologies
15. The following industry standard design methodologies have or will be adopted
as in the delivery of the ICT services.
3.1 Solution
Architecture
16. We will adopt an architectural approach, aligned TOGAF ADM Industry Best
Practice, to System Integration. Business and Information models are constructed to articulate the TfL requirement, these are then mapped to a set of ICT components (software and hardware) as presented in response Module Ia Mobilisation. During the Mobilisation phase, the solution design team led by the Technical Design Authority and supported by a number of architecture
stream leads will be formed and the high level architectural solution developed and refined.
17. This approach mitigates delivery risk, ensures requirements compliance and
conformance to design principals in a pragmatic way.
18. The implementation team will be structured around a number of delivery work
streams coordinated and supported by the TDA organisation previously described. The following sections give and overview of the delivery approach in each.
The combined solution: The combined solution will enable resource consolidation as many aspects of the solution design and implementation activities within the two Lots are similar, examples include:
Messaging standards and the adapter patters
Data centre design and implementation
Server build specification
Common product configuration and support guides
Service management design and development of operational procedures
API design and implementation.
As a consequence the combined management team providing governance and assurance will also be smaller than the standalone Lot totals.
3.2 System
Integration
{Information redacted}
3.3 Testing
and
Assurance
19. Capita Assurance and Testing has a proven approach to the full end-to-end
management of testing (Figure 1). Our process addresses all the key activities and deliverables needed for successful project delivery in a controlled manner and in line with ISO9001:2008. The key stages are:
Initiate Test
Analyse Test Requirements
Iterative Testing Construct Tests COTS Configuration Execute Tests Close Testing. Standardised & Efficient
20. The test manager will undertake management of the project stakeholders
throughout the work, and liaise with the support functions if they do not have direct control over these items.
The combined solution: The combined testing solution will see saving associated with efficiencies in scale of the testing activity. Details are presented in "Quality Module Df Testing Combined".
{Information redacted}
3.4 Infrastructure
Build
21. The approach to be followed will build on the high level design activities
initiated in the Mobilisation phase. The high level design will be broken down into a number of detailed designs that will address each aspect of the infrastructure, servers, network, desktop services, and management tools.
22. The designs will be used to implement each environment in turn:
Integration Test
Pre-Production
Disaster Recovery
Production and Training.
23. Each implementation configuration will be fully documented and the lessons
learnt input into the overall design and build scripts. This progressively improves the design of both the infrastructure and the implementation approach, resulting in a reliable consistent implementation.
The combined solution: The build approach for the combined infrastructure benefits from a large number of common modules within the infrastructure e.g.:
Reduce DC requirements due to shared resource
WAN links shared
Common Security services – Firewalls, SIEM, AV support etc.
Shared virtualised infrastructure,
Shared Environments e.g. Development, Test, Integration Test, Pre-Production and Production environments.
Common LAN Network
Shared SAN infrastructure
Utilities – Backup, monitoring, service management, policies and procedures
As a consequence there is less infrastructure to build, configure and support making savings in both implementation and operation.
3.5 Data
Migration
{Information redacted}
3.6 Service
Management
{Information redacted}
4
Application Architecture, Service Systems and Service
System Integration
{Information redacted}
5 Functional
view
{Information redacted}
6
Technology and Infrastructure
7
Risks, Mitigations, Assumptions & Dependencies
7.1.1 Risks and Mitigations24. We have a high level of confidence in our proposed solution and our
Implementation Plan. Our governance and assurance methodologies include rigorous risk management; identifying, mitigating and monitoring risks. The table below provides visibility of some of the more notable technical risks assessed:
ID Risk Severity Mitigation
1 Third party dependencies delay programme -
Dependencies on the third party supplier (e.g. the incumbent supplier) for data, information, resource or service fail to be met impacting the delivery time table.
Medium Capita will ensure that there are clear dependency requirements on third parties and schedule early engagement with them where possible.
2 Transition of service to live fails due to a third party or unforeseen event.
Low Extensive system and operational testing will be undertaken including the ‘Simulated Operation’ and ‘Service Readiness’. Back-out procedures and mechanisms will be agreed and tested prior to the service transition taking place. 3 Fail to meet security
standards -Solution fails to meet the Security
standards required for the processing of evidential data and credit card payments.
Medium Capita has and will continue to engage specialists in HMG and PCI standards to assure that the technology and procedures will address the business need. We will seek early engagement with the TfL accreditor to ensure appropriate and acceptable risk mitigation mechanisms are in place.
Table 2 - Risks and mitigations 7.1.2 Dependencies
25. During the Commercial dialogue meetings we reviewed the list of potential
dependencies on TfL and agreed that a jointly developed statement would be included in our ITS Final Offer. This statement has been included within Quality Module Ib and Module Dc which in turn will form Schedule 28 within the contract.
7.2 Solution
advantages
26. Our solution will fully meet the needs of the business requirements for
Enforcement Operations, delivering excellent customer service, and offering a number of advantages to TfL.
27. Through a combination of innovative design, incorporating the use of
leading-edge COTS products across all aspects of charging and enforcement operations, Capita will deliver systems that will reliably meet today’s operational needs and have the potential to stretch to meet the emerging, and currently unforeseen, needs of operations well into the future.
Improved handling of representations and appeals
Efficient and cost effective Customer interactions
Enhanced Customer experience and safeguarded customer rights
Optimised Service Systems
A world class road user charging service that enhances London's reputation
28. The main advantages of our solution are as follows:
Experienced programme and implementation team, with robust
methodology delivering a low risk transition and cut over to new systems and infrastructure
{Information redacted}
Heavily COTS focused delivery to provide the majority of the required functionality, which will provide both scalability and flexibility by default to reduce risks associated with delivery and on-going support
Each COTS product provides a product roadmap that will deliver new capability into the products that TfL can benefit from
Use of proven managed service solution components (Payments, telephony, document handling), thereby reducing risk and enabling efficiency gains, while simultaneously minimising capital setup costs.
Innovative use of technology such as Automated Speech Recognition and mobile applications to deliver a fresh, effective and reliable experience to the public
Use of Capita’s dynamic hosting and flexible network services to allow the IT to scale up or down, responding easily to changes in demand from TfL customers.
29. We are highly confident that our solution will deliver excellent value for money
and also the functionality, security, reliability and performance sought by TfL to support an effective public and customer experience.
7.3
Ability to deliver
30. Through the size and scope of its operations, Capita employs the full range of
skilled UK based staff required to support these implementation teams, in conjunction with its chosen COTS providers. This includes over 800 employees skilled and experienced in applications design, development and testing and a further 370 skilled and employed in ICT infrastructure design,
Standardised & Efficient Customer Satisfaction
build and testing. Service Management is delivered via ITIL certified staff with over 350 employees certified to foundation level of ITIL (either version 2 or 3), with a further 42 staff certified in other ITIL disciplines.
31. The domain knowledge includes staff with Security experience delivering ICT
systems and services.
7.4 Licensing
32. Capita has proposed transferable “Perpetual right to use” based licences for
the majority of software.
33. For those elements of our software solution to which TfL have access, Capita
will put in place suitable licensing arrangements with the relevant third party suppliers to enable TfL to receive the Services.
Appendix DbA Shared Systems
With reference to Clause 6.2.3, and without prejudice to Clauses 45 and 49, the following categories of Hardware, Software and Systems may not be dedicated to provision of the Services under this Agreement and may also be used in the provision of services to other clients of Capita and / or in the provision of services under the BOps Services Agreement:
Networks
Telephony (including IVR) Firewalls
Storage
Virtual Server Infrastructure Security Systems
Finance System
Knowledge Management System Service Desk
