FAQs

HomeFAQs

Technical, Security and Resilience

Crises Control is wholly owned by Transputec, a privately owned limited company. Transputec is an established IT services and solutions company with over 35 years of innovation, managed IT services and excellent customer service.

Crises Control is hosted on Microsoft Azure in Europe (Germany West Central and France Central) for high availability and geographical redundancy. Microsoft Azure runs in datacentres managed, monitored and administered by highly experienced Microsoft operational staff. Azure datacentres are compliant with key industry standards, such as ISO/IEC 27001:2013 and NIST SP 800-53. Crises control has implemented Microsoft Defender for Cloud to manage security across virtual networks, data, apps and other resources.

Crises Control is also an approved supplier on the G-Cloud 11 platform that supports hundreds of digital programs across the UK public sector. It is hosted with UKCloud, ISO 27001/27017/ 27018/20000/9001 accredited data Centre providing high security platform for Government and Public Sector clients.

Our Middle East and Africa cloud is hosted with Oman Data Park. Established in 2012, Oman Data Park is the Sultanate’s premier IT Managed Services provider offering superior Managed Data Centre, Cyber Security and Cloud Services utilising our locally hosted Tier 3 certified Data Centres. Oman Data Park serves over 500 local and international corporates ranging from large, mid-tier to small companies and Government sector organisations.

Our partner in Saudi Arabia, Oracle Cloud Infrastructure (OCI)  is one of the leading data centres in KSA with multiple highly available Data Centres in Saudi Arabia, a responsive 24/7/365 support, and high security accreditation standards. OCI offers an extended network which covers most of the major cities in the Kingdom. 

In the United Arab Emirates, Crises Control is hosted on Azure Cloud, a Microsoft solution launched in 2010. It is a Cloud Service Provider (CSP) trusted by many different customers across the Middle East and is known for delivering on privacy and security commitments in a compliant and transparent manner.

Crises Control data storage has high levels of security built into the architecture, we use MS SQL security framework to encrypt the data at rest.

Our service is a SaaS model as standard which has no touch points with a client’s own network. There is SSL encryption for traffic between the client device and the Crises Control application servers.

Our data is backed up every 10 minutes and replicated to the fail over data centre.

Crises Control provides GDPR compliance security for our customers by taking the necessary steps to protect data at all points from secure hosting, encryption of data both at rest,  and SSL data encryption in transit.  Learn more

No payment data, such as client’s bank account details, is held on the Crises Control systems. All credit card payment processing is done by our banking partner Worldpay. Worldpay’s secure online payment gateway provides:

  • Advanced fraud protection
  • Accept all major credit and debit cards as well as PayPal
  • Secure your payments with our fraud screening to help protect you and your customer
  • Manage your invoices and transactions with our simple online reporting tools
  • Set up recurring payments and subscription-based payment plans for your customers
  • Accept payments in over 116 currencies
  • Our payment processing systems are compliant with PCI DSS industry security standards

Crises Control uses WorldPay, who process any credit card payments. Crises Control does not hold any credit card information, all credit card transactions are processed throught WorldPay gateway.

Crises Control system has no touch points with the client operating environment and so will not breach your PCI compliant zone boundaries.

WorldPay are PCI compliant, Worldpay is a global leader in payments processing technology and solutions for our merchant customers.

We partner with different major telecom companies around the world to meet the specific needs of our clients.

Our primary messaging partner for SMS and voice calling is Twilio which is a leader in the industry.  Twilio maintains redundant inbound and outbound connectivity with dozens of network carriers around the world. Their real-time systems dynamically route each call or message via the carrier with the best connectivity at any point in time, responding automatically to carrier availability and reliability.

Other partners include CM.com and  Unifonic in the Middle East region

We partner with Apple, Google for PUSH notice alerts.

We partner with Microsoft and AWS for hight volume Email alerts.

Crises Control is available on the UK government digital service framework G-cloud. This service is operated from two distinct environments to provide public sector consumers with choice and price flexibility, dependent upon their information assurance requirements.

Our standard offering is hosted on a Government Community Cloud platform suitable for information assurance needs up-to “OFFICIAL” and is only connected to the public internet. Our secure offering is hosted on a Government Community Cloud platform which holds pan-government accreditation for information up-to and including the “OFFICIAL-SENSITIVE” impact level, with connections to GSI, PSN, N3 and PNN networks as well as the Internet.

We have carefully designed our infrastructure to minimise points of failure and ensure high availability, maximising the resilience of our platform. By leveraging our secure and scalable cloud environment, you can confidently rely on Crises Control to deliver uninterrupted services and support during critical situations. We do not offer on premise hosting for customers who wish to have their own private installation of the Crises Control software.

SeverityCriteriaSLATarget Achievement
1A fault exists that results in a total loss of service or functionality affecting a whole site (sites), or whole system or services.15 minutes to respond.
4 working hours to resolve.
95% of all Severity 1 Incidents will be resolved within the SLA
2A fault exists which results in partial loss of service or functionality affecting multiple users.15 minutes to respond.
8 working hours to resolve.
95% of all Severity 2 Incidents will be resolved within the SLA.
3A fault exists which results in loss of service or functionality for a single user.15 minutes to respond.
24 working hours to resolve.
95% of all Severity 3 Incidents will be resolved within the SLA.

Crises Control has several implementation partners worldwide. It shares ownership with Transputec Limited and Transputec is one of its leading implementation partners.

Transputec and other partners adheres to the following standards:

  • Transputec is fully certified to the ISO 9001:2015 standard.
  • Transputec is fully certified to the ISO 27001:2013 standard.
  • Transputec in the process of achieving ISO 14001:2013 standard.
  • Transputec is fully Cyber Essential certified.
  • Click here for Transputec accreditations.

Crises Control is a Corporate Partner of the Business Continuity Institute and Continiuity Forum. The Business Continuity Institute (BCI) is the world’s leading institute for business continuity. Established in 1994, the BCI has established itself as the leading membership and certifying organisation for Business Continuity professionals worldwide.

Huawei phones, which run on the Android operating system, have encountered some challenges related to app downloads and usage due to a series of events that unfolded in 2019 and beyond. Here's a summary of the situation:

US Government Restrictions: In May 2019, the United States government placed Huawei on a trade blacklist, effectively prohibiting US companies from doing business with Huawei without special permission. This action was taken due to concerns about national security and Huawei's alleged ties to the Chinese government.

Google Services and Play Store Access: As a result of these restrictions, Huawei's newer phones, such as those released after May 2019, lost access to Google services, including the Google Play Store. This meant that users of these phones could not access the official Google Play Store to download apps like they normally would on other Android devices.

Huawei has been actively working on finding solutions to these challenges, and the availability of apps on Huawei devices might have improved or changed.

If you're using a Huawei device and facing issues with app downloads, it's a good idea to check the current state of Huawei's app ecosystem, any updates from Huawei on this matter, and online forums or communities where users might share their experiences and workarounds.

Systems Integrations

You can use Crises Control from your desktop, laptop, tablet or mobile phone anywhere in the world. All you need is an internet connection or mobile data to receive emails and push notifications, and phone signal to receive SMS and phone calls.

Crises Control offers the incident manager up to 5 communication channels: email, SMS, push notification, telephone call and web alert. Any combination of channels can be used to deliver the message to users. 

Messages can be cascaded with time gaps between channels to avoid spamming users and optimise reach and cost control.

There is no limit to the number of recipients an alert can be sent to.

  • Active Directory Integration
  • Azure Active Directory Provisioning (SCIM)
  • Single sign on (SSO) Azure AD/Okta
  • Open APIs
  • Fire detection systems
  • CCTV monitoring systems
  • Security monitoring systems
  • Cyber threat monitoring systems
  • Service desk systems
  • IT alerting systems
  • CRM systems
  • HR systems
  • Server monitoring systems
  • Ticketing systems (ITSM)

We can support single-on via Centrify  and OKTA  cloud identity service providers for single sign-on. The Crises Control application and API use SAML for integration with Centrify Identity Manager.  Additional service providers may be considered for future integration.

Notifications & Alerts

There can be several reasons why you may not receive emails. Here are some common factors to consider:

  1. Incorrect Email Address: Double-check if the email address provided to the sender is correct. Even a minor typo can result in emails being sent to the wrong address.
  2. Spam or Junk Folder: Check your spam or junk folder in your email client or webmail interface. Sometimes, legitimate emails can be filtered as spam and end up in these folders. Marking such emails as "not spam" can help avoid this in the future.
  3. Email Filtering: Spam filters are customisable and can block emails containing specific words, and some networks or organisations have strict rules that automatically block, or mark messages sent outside of their whitelist. Review your email settings to ensure they are not set to reject or filter out specific senders or types of emails.
  4. Full Mailbox: If your email account has reached its storage capacity, new emails may not be delivered. Ensure that your mailbox has sufficient space to receive new messages.
  5. Email Delivery Issues: Occasionally, there may be temporary issues with the sender's email server or your email provider's server that can result in delayed or failed email delivery. In such cases, it's advisable to wait and see if the issue resolves itself.
  6. Network or Connectivity Issues: Connectivity problems on your end, such as internet outages or firewall restrictions, can prevent you from receiving emails. Ensure that your internet connection is stable and that any network or firewall settings are properly configured.
  7. Whitelist Domains & IP Blocks: It is quite common for organisation’s firewalls to block access to traffic except for certain whitelisted. Your network administrator should check this and *.Crises-Control.com and *.Vimeo.com to the whitelist.  Please Note: - The asterisk (*) is a wildcard used to account for any subdomains we use. The last item in the list is for Vimeo, which we use to host video tutorials and training materials.

If you have ruled out these common reasons and are still not receiving emails, it may be worth contacting our support team Support@crises-conttol.com  for further assistance.

Yes. If you are not receiving them, make sure your phone number is correct on My Account, and the Phone and Text channels are enabled.

Learn more about SMS and phone call charges here.

Yes. To receive push notifications, you must download the Crises Control app and log in to your account on your device.

Emails and push alerts are free. More information about calls and SMS text charges can be viewed here.

No. The app cannot override your phone settings.

Yes, as long as the phone can receive phone calls and SMS messages. However, you will not receive push notifications.

To use the mobile app, your device will need to be Android 10.0+ or iOS 10.0+.

In spite of its popularity and ease-of-use across the world, SMS delivery is not always guaranteed, and several factors influence the successful delivery of sent messages. The top factors affecting SMS delivery are:

Phone number validity

  • Incorrect/non-existing phone number
  • Recipient phone number inactive
  • Incorrect international country code
  • Sending a message to a landline

Filtering content

  • Incorrect sender ID
  • Keyword filtering
  • Repeated messages

Routing factors

  • Using cheap routes
  • Portability issues

Other Factors
Message delivery can also be affected for reasons such as a full inbox, a frozen messaging application, roaming limitations, and errors on the operators’ SMS servers.

Some phones cannot accept some types of messages, such as WAP push messages, binary text messages, or texts with special characters.

Different operators and countries stipulate different SMS encoding standards. So, when a text message fails to send, it could mean the wrong encoding was used. For example, some carriers in Europe will not deliver messages sent in Unicode characters.

You can view if messages have failed to send on the Message Delivery Report, where you can download the failed report to find out why messages failed.

Crises Control will alert the relevant stakeholders when an incident is closed. This alert, like all other alerts, will require the user to acknowledge it. However, if you do not wish to alert users when closing an incident this can be disabled.

It only takes a few seconds. Within 10 seconds the user will have received the alert. In some cases, the phone call can take a little longer based on the volume of calls.

Currently the behaviour is dependent on the location of the recipient, some countries have the ability convert SMS message text into voice, if that service is enabled

When sending a message to a landline number in the US, Canada and the UK:

Crises Control will not check whether the number is a landline and will attempt to send it to our carrier for delivery. Some carriers (especially the ones in the UK where the landline numbers are text-enabled) will convert the SMS into text-to-speech messages via voice calls. This is normal operation and Crises Control will charge your project for the SMS.

When sending a message to a landline number in other countries:

The Crises Control REST API will throw the error below, and the message will not appear in the logs and your project will not be charged.

"code": 21614, "message": "To number: +86XXXXXXX, is not a mobile number", "more_info": https://www.twilio.com/docs/errors/21614, "status": 400

 

Yes, the Crises Control solution offers a Windows Desktop App that can be downloaded and installed from the Microsoft Store. This app provides a seamless and user-friendly experience for Windows users, allowing them to engage with Alerts received from the Crises Control platform. Click here to download.

The Crises Control Desktop App leverages PUSH notifications to alert users of important updates and alerts, even when they are offline. These push notifications are a powerful means of communication, ensuring that users are promptly informed of any critical information or actions required during a crisis. When a new alert is generated, a push notification will be delivered directly to the Windows Desktop App, serving as a prompt for users to log in to the Crises Control portal or their mobile app for comprehensive engagement with the crisis at hand. This functionality enables users to stay connected and informed, facilitating effective crisis management and response. Click here to download.

Yes, Crises Control does support two-way notification between the system and recipients via email. This means that recipients can not only receive notifications via email but can also respond or interact with the system through email. The user can also reply to the alert using any of the other channels like PUSH, Voice Call, SMS, allowing for effective communication and collaboration during crisis situations.

Our system is flexible and scalable, the throughput of voice calls can be configured to meet your requirement. There are a number of factors to be considered when determining the max and min voice call throughput that would be selected.

As a standard, we have the capacity to process voice calls at a rate of 600 segments per minute in aggregate. Our system is designed to scale to higher volumes if required. However, it's important to note that the exact number of voice calls delivered may vary depending on factors such as network conditions and the length of each voice call, phone device availability etc. Call us today to discuss your requirement.

As a standard, Crises Control can execute 15,000 emails per minute in aggregate. This provides a high level of efficiency and ensures timely delivery of email notifications. However, it's important to note that our service is highly scalable, meaning that we can easily increase this capacity to meet your specific requirements. Whether you need to send a larger volume of emails or require faster delivery, we have the flexibility to accommodate your needs.

Crises Control GDPR Compliance

The General Data Protection Regulation (GDPR) is a sweeping new EU law that went into effect in all EU Member States on May 25, 2018. It mandates how companies can collect, store, delete, modify and otherwise process personal data of EU citizens. It applies to any company that processes personal data of EU citizens, regardless of whether it has any physical presence in the EU, or even whether it has any EU customers. Companies are also required to pass these obligations down to all of their vendors and suppliers who may also handle personal data of EU citizens anywhere in the world. Despite Brexit, the UK is committed to stay compliant with the GDPR.

Under EU law, personal data means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. It doesn’t have to be confidential or sensitive to qualify as personal data.

Where we are the processors of your data, our obligation is to ensure that this data is processed lawfully, fairly and transparently as agreed by our clients and to maintain appropriate security controls. Processing here means maintaining the confidentiality, availability, integrity and security of the data, the servers and network where the data is held. Where it is exceptionally necessary to access a client database to investigate a client issue, we will always seek the client’s permission. We work hard to protect Crises Control and our users from unauthorised access to or unauthorised alteration, disclosure or destruction of information that we hold. In particular:

  • We encrypt many of our services using SSL.
  • We offer two factor authentication (2FA) verification when you access your Crises Control Account.
  • We use Cloudflare Advance Security to protect and secure the application and APIs against denial-of-service attacks, customer data compromise, and abusive bots.
  • We encrypt data whilst at rest.

    We use Cloudflare for fast Global Content Delivery Network, which speeds up web page loading times. Cloudflare are certified under the EU-US and Swiss-US Privacy Shield frameworks for onward transfers of EU data to the United States. (See https://www.cloudflare.com/privacyshield/).

     We have Data Protection Addendum (DPA), which is a contractual agreement in place with Cloudflare to protect our customer’s data to EU- GDPR standards.

  • We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorised access to systems.

  • We restrict access to personal information to Crises Control employees, contractors and agents who need to know that information in order to process it for us and who are subject to strict contractual confidentiality obligations. They may be disciplined, or their contract terminated if they fail to meet these obligations.
  • We are ISO 27001, ISO 9001 certified
  • We employ certified GDPR practitioners to maintain and improve security standards.

Our Privacy Policy can be found at the bottom of the Crises Control website. Click here to view the Privacy Policy.

Billing and Upgrades

If you sign up for Crises Control, you will pay for your membership annually in advance. You can discuss this and other payment option with us by calling the sales team on +44 (0)208 584 1485 or contact us via email at contactus@crises-control.com.

Push notifications and Emails are free, but there is a charge for telephone calls and SMS messages sent via the Crises Control application. More information about charges for calls and SMS text can be viewed here.

Credit is purchased in advance directly from the portal using credit card or through your account manager. When your account balance is low, your account manager will be in contact to remind you to top up. You can find a statement of your transactions on the portal to track your usage and costs. A monthly detailed account statement will be available on the web portal on the 1st day of the month.

SMS messages and phone calls are charged per unit according to the price package agreed with the customer. Price packages do offer the benefit of discounts for bulk purchases. Unit price varies according to the length and geographical location. One unit is equivalent to an SMS message containing less than 160 characters, or a local phone call of under 1-minute duration. Conference call rates vary according to the destination, the duration of the call and the number of participants on the call.

Your network service provider may charge you for receiving calls or SMS, you will need to check this with your provider in the terms of your contract. A small fee may be applied by your telecom provider when acknowledging via SMS. Check with your service provider to avoid any surprises. You will also need to check with your service provider, what charges are applied for receiving SMS and phone calls when you are abroad.

For our Enterprise solution, the POC is the best way to demonstrate whether Crises Control is the right solution for your organisation. We will support you during this month-long paid trial, helping you to get set up, populating your account and testing the message and incidents functions. At the end of the trial, you will know if Crises Control is the right option for your company and can start your annual Enterprise membership.

You can add users on the web portal in Settings > Setup Users and Add User. If you exceed the contracted number of users, an alert message will appear.

To increase your user allowance, contact your account manager.

If you would like to add another module or extension, such as Task Manager, SOS or Public Alerting, to your current license plan, please contact your account manager to obtain a quote for the module to be added to your account.

If you wish to cancel your membership, contact your account manager more than 30 days before your license is due for renewal, unless you are on a free trial and you cancel before the end of the 30 day period.

You can continue to use Crises Control until your account automatically closes at the end of your current billing period.

Definitely. We’d love to have you back.

We’ll keep your organisation’s account for one year after your account closes, so if you decide to come back during that time, you can pick up right where you left off. Your data will also be saved for one year after your account closes.

About iSOP Wizard

iSOP Wizard is an extension of the Incident Manager module. It allows you to create your own bespoke Incident Action Plans (IAP). Each document produced has an owner, version number, review date and review frequency to allow effective version control. When complete, these documents are stored in the Media Asset Manager where they can be accessed at any time.

Yes, Standard Operating Procedures can be created in iSOP Wizard. You can fill in the sections with the details of the SOP and attach it to the related incident plan. The SOP is then stored on Media Asset Manager and users will be sent the document as an attachment to the incident alert when it is launched.

Yes, if a Standard Operating Procedure is attached to the related incident, users will receive the SOP when the incident is launched.

Yes. The Standard Operating Procedure is stored in Media Asset Manager and iSOP Wizard on the web portal and can be accessed at any time. If the SOP is attached to the related incident, any user opening that incident on their app or web application will be able to access the SOP.

When creating a Standard Operating Procedure, you must select an owner of the file and a review date. Crises Control will send reminders to the owner to review the SOP either weekly, monthly, quarterly or annually.

You can store most file formats associated with the following:

  • Word, Excel and PDF documents
  • Images
  • Videos
  • Audio files
  • Hyperlinks

The System

You can use Crises Control from your desktop, laptop, tablet or mobile phone anywhere in the world. All you need is an internet connection or mobile data to receive emails and push notifications, and phone signal to receive SMS and phone calls.

Crises Control offers the incident manager up to 5 communication channels: email, SMS, push notification, telephone call and web alert. Any combination of channels can be used to deliver the message to users. 

Messages can be cascaded with time gaps between channels to avoid spamming users and optimise reach and cost control.

There is no limit to the number of recipients an alert can be sent to.

Once you press send, it takes seconds for the alert to be delivered to the recipient. 

Yes. We understand that crises don’t just happen one at a time. Crises commonly have knock on effects and trigger multiple simultaneous incidents.

Crises Control has a Public Alerting extension that allows you to send messages to large numbers of contacts via SMS only. The communication is one-way (recipients receive messages but there is no option for them to respond) and large volumes of messages can be executed rapidly and with ease. Unlike the Ping and Incident Manager, Public Alerting does not require contacts to be saved in the platform as registered Users, making it perfect to alert external stakeholders such as clients, suppliers and the general public.

Yes, you can attach media assets to messages, such as videos, pictures, audio files and documents.

Users can be allocated a department, and put into multiple groups and locations to ensure that you are notifying the right people at the right time when sending an alert. You can create as many departments, groups and locations as you need on your account.

 

Crises Control can be integrated with other systems and applications to improve triggers and alerts.

These applications include service desk software, CRM and HR databases, security monitoring systems and many more.

For example, you can launch an incident from an IT alerting system, or you can update your users adding new starters and removing leavers when a trigger is received from the HR system. 

We offer our customer flexibility and integration choices:

  • Active Directory integration
  • Folder Watcher integration
  • Trigger imports via email, SFT and SM. These can launch an incident or send mass notifications via Ping
  • Import users in bulk (CSV, excel file format)
  • Scheduled user data imports, export and much more
  • Data import and on-demand
  • Single-sign on integration (Azure and Okta)
  • Open APIs (for developers and accredited partners) 

Physical monitoring systems such as building alarms, fire alarms, or temp control systems can also be integrated with Crises Control, as can server monitoring software, antivirus software, or any system capable of generating an alert by Email, SMS or SFTP.

Sign up for and start a free trial in two simple steps.

  1. Click the FREE TRIAL link and set up your company.
  2. Start using the system after you have been through the basic tutorials. The tutorials are really simple to follow and you can run them at any time as a refresher.

You can then download the app for your mobile device.

If you need help along the way for whatever reason you can contact us on +44 (0) 208 5841385 or contact us using this link.

The App

Crises Control supports iPhone and Android phones, tablets and PCs. It also supports all mainstream browsers (Internet Explorer, Microsoft Edge, Safari, Google Chrome, Firefox etc.).

Yes, the service is available all over the world but an internet connection is required to use the app.

The app is available in the Apple Store or Google Play.

You can download the mobile app from this link.

Almost all Crises Control actions can be performed from the mobile app.

For example:

  • Send Ping messages (mass notifications) to a select group of users anywhere in the world
  • Create a conference call bridge on demand
  • Launch a business continuity incident, communicate with responders, share action plans, and track the progress of the incident until resolved
  • Receive, accept, manage, and complete incident tasks
  • Use the SOS panic button to alert your security teams if you are in danger or in need of immediate help
  • Enable ‘Track Me During Travel’ if you are entering a dangerous location and want to be tracked until you are safe
  • See your responsiveness ratings

Yes, Crises Control does not require a user to have the app installed on their phone.

Crises Control can still send alert messages to the user’s phone by SMS, telephone and emails, as these channels do not require the app. 

The app provides a richer experience, adding push notifications to the way you can reach users and providing a simpler way to view and manage tasks. The app is more cost effective because push alert messages are free of charge.

Yes, users must have registered their account on the web portal before logging into the app.

The registration process is quick and easy via a verification email invitation. Once this is completed, users are invited by email to download the app to your mobile phone and start using it right away.

About Ping

Ping is used to send messages between people in your organisation. Think of it as your own private and secure “WhatsApp” but much more powerful. It allows you to send short emergency alerts to your users through multiple communication channels (email, SMS, phone call, push and desktop notifications). 2-way communication is supported and real-time acknowledgement data is collected.

In order to comply with GDPR rules requiring PII to be protected from unauthorized or unconsented distribution, messages are encrypted before they are transmitted from device to device. Photos and videos sent via Ping are not sent directly to the message receiver so that they are not downloaded to their device, but kept in our cloud. They are accessed via the link sent to the message receiver.

Photos and videos can be sent in messages. In order to comply with GDPR rules requiring PII to be protected from unauthorized or unconsented distribution, photos and videos are sent to the user as a link to a secure space on the Crises Control cloud.

Yes, you can reply to any person or combination of people, groups, and locations that you have rights to.

Ping messages have a length limit of 250 characters.

All messages in transit are SSL encrypted (256bit).

SSL (Secure Sockets Layer) is a standard security protocol for establishing encrypted links between a web server and a browser in an online communication. SSL technology ensures that all data transmitted between the web server and browser remains encrypted.

When a photo or video is sent to you from another user, you do not receive the photo or video with the message, you receive a link to the Crises Control cloud where you can view it.

Ping messages can be sent through up to five communication channels: SMS, push notification, email, voice call, or desktop notification.

You can choose which channel or channels will reach more of users. The more channels you use the greater the certainty that your message will be received by the recipient.  

The system allows you to configure priority and severity settings for any configuration of channels.

Messages can be cascaded with time gaps between channels to avoid spamming users, and to optimise reach and cost control.

The Crises Control app and the web portal both display the people who have acknowledged the message, or those who have yet to see it in real time.

All messages sent are logged on the Message Delivery Report, where you can view how many messages were sent, which were successful and which failed. You can download the failed report for information on why the message did not get through.

Yes, you can set up multiple choice response options. This information is collected and can be viewed on the web portal or mobile app.

Yes, our communication network is very extensive and covers most of the world.

Communication services may be partially blocked in countries such as China for geopolitical reasons.

Yes, a Ping message can be scheduled to go out at a certain time in the future. They can be sent out once or set to go out repeatedly, such as daily or weekly.

Yes, external systems can be configured to send emails to Crises Control which will trigger an alert.

About Incidents

An incident is an unexpected event that can cause disruption to the normal running of your business.

An incident could be a fire, flood, denial of access, loss of internet, loss of telecommunications, injury or death at the workplace, power outage, cyber crime, data breach, supply chain disruption by severe weather, damage to an aircraft, bomb, terrorism or something else that requires you to alert people immediately and share information with them.

For example, an incident in the context of information technology, is an event that is not part of normal operations that disrupts IT systems and operational processes. An incident may involve the failure of a feature or service that should have been delivered or some other type of operation failure.

There is no limit to the number of people you can send an alert to.

The number of users on your account depends on your license agreement. This can be increased anytime by contacting your account manager.

Yes, you can send alerts to users all over the world.

Yes, users can be organised into groups, locations and departments, so that when sending an alert you can include a mix of groups, departments, locations and individual users.

Yes, you can select the exact location of the incident by searching for the address, coordinates or DMS longitude and latitude when launching an incident.

Yes, every incident can have media assets attached to complement the incident workflow. For example, these can be documents, diagrams, photos, web links, videos, and sound files.

Yes, you can easily organise a virtual meeting using our conference call facility via the Crises Control mobile app or web portal. Select the participants you wish to contact and they will join via their phone. These calls can be recorded for auditable evidence of your phone conference.

Yes, the Incident Control Centre contains up-to-the-minute information regarding every aspect of the incident, including the incident timeline, task timeline, message reports and acknowledgements, location data and more.

Yes, if an incident has tracking enabled, users will be tracked for the duration of the incident. Users must be logged into the mobile app and have granted it permission to track their location.

Yes, if a user is travelling and would like their organisation to know their whereabouts, they can enable ‘Track Me During Travel’ on the mobile app, which allows Crises Control to collect the user’s location data until the user disables it.

Yes, the SOS emergency panic button is available on the Crises Control app. Any user can tap the button in an emergency situation and the team responsible will be alerted and can view the location of the user and communicate with them.

Yes, you can run a simulation exercise on any incident type anytime.

Yes, Incidents or Pings can be scheduled to go out at any time in the future. They can be programmed to go out once or repeatedly.

Yes, any monitoring application can be integrated with Crises Control as long as it has the ability to send an email.

Incidents can be configured to be launched by one user with key holder rights or two users with key holder rights. Incidents that only require one key for launch will be launched immediately, whereas incidents requiring two keys will need an additional user to launch the incident. Users with administrator rights can launch two key incidents without needing an additional user.

You can create as many incidents as you need. There is no limit. 

You can create your own incident plans from scratch, or you can choose the templates from our incident library. These can be modified to suit your business continuity plans.

There are over 200 incident templates in the Incident Library, which includes incidents relating to fires, floods, natural disasters, cyber attacks, bomb alerts and more.

Yes, go to the incident you want to clone and click on edit. Once you are inside the incident, click clone incident at the top right of your screen.

Yes, once you have created your incident plan, you can select the Test On Me option which will simulate the incident with you as the sole recipient for all alerts and tasks.

About Tasks

A task is a guided action for your responders or teams to follow in an incident.

Tasks can be assigned to users to carry out during the incident response. They can be escalated or reassigned in real time.

A Task Checklist is a list of activities for the task assignee to complete as they progress through the task. The checklist can have simple tick checkboxes or selectable answers. The task assignee can also write comments giving more information and updates related to the checklist.

The Task Manager is an extension to the Incident Manager Module. It allows your organisation to allocate, track and monitor tasks with relevant checklists and task assets.

Each task can be assigned to a user or group(s) with a defined KPI for acceptance and completion. If a task is not accepted or completed on time, Crises Control can automatically escalate it to your desired user or group(s).

Tasks can have checklists for the users to complete as part of their task. It helps incident managers keep track of Tasks and deadlines and ensures the Task assignees don’t forget any important steps.

  • It distributes and manages the assignment of tasks to incident response teams.
  • It helps responders report progress by disseminating information to other stakeholders.
  • It makes it easier for incident managers to monitor responders’ activities and progress.
  • It speeds up the time to recovery.
  • The data collected helps your organisation learn and improve.
  • It provides audit and compliance data.

Tasks are created in your incident plans. You can set a user who will be responsible for updating the tasks and will be sent reminders to review them at regular intervals. Tasks must be created with a title, description, recipient, escalation team and acceptance and completion time KPIs.

Yes, a task summary is available for every incident, giving you a quick overview of events. Incident managers can view all open tasks and can assign new or additional users to a task while the incident is in progress.

Yes, all tasks are created with a timeline for response and completion. If the task recipient does not accept or complete the task within the predefined timeline, the task ownership automatically moves to the escalation team.

If the task is not accepted within the predefined time KPI, it will be escalated to a specified user or group who will then take ownership of the task.

Yes, tasks can be created while an incident is in progress by adding an Instant Task. Incident managers can then input the task details, assignees, escalation members and time KPIs.

 

Yes. If you need assistance in completing a task, you can delegate or reassign the task to another user.

Yes, users can provide updates to the incident managers and their team members while completing tasks. They can also write comments on Task Checklists to give additional information

About iSOP Wizard

iSOP Wizard is an extension of the Incident Manager module. It allows you to create your own bespoke Incident Action Plans (IAP). Each document produced has an owner, version number, review date and review frequency to allow effective version control. When complete, these documents are stored in the Media Asset Manager where they can be accessed at any time.

Yes, Standard Operating Procedures can be created in iSOP Wizard. You can fill in the sections with the details of the SOP and attach it to the related incident plan. The SOP is then stored on Media Asset Manager and users will be sent the document as an attachment to the incident alert when it is launched.

Yes, if a Standard Operating Procedure is attached to the related incident, users will receive the SOP when the incident is launched.

Yes. The Standard Operating Procedure is stored in Media Asset Manager and iSOP Wizard on the web portal and can be accessed at any time. If the SOP is attached to the related incident, any user opening that incident on their app or web application will be able to access the SOP.

When creating a Standard Operating Procedure, you must select an owner of the file and a review date. Crises Control will send reminders to the owner to review the SOP either weekly, monthly, quarterly or annually.

You can store most file formats associated with the following:

  • Word, Excel and PDF documents
  • Images
  • Videos
  • Audio files
  • Hyperlinks

Notifications & Alerts

During the registration process Crises Control will send you an email with instructions to complete your registration and download the app. The process of registration is automated and the email originates from noreply@crises-control.com.

If you do not receive this email from Crises Control it may be because your network spam filter has blocked incoming emails from us or is diverting them to your Junk folder.

Spam filters are customisable and can block emails containing specific words, and some networks or organisations have strict rules that automatically block or mark messages sent outside of a whitelist. You can whitelist www.Crises-Control.com so that emails from us aren’t blocked by your organisation.

Whitelist Information for Crises Control:
Domains & IP Blocks
If you’re behind a firewall that blocks access to all traffic except for certain domains or IPs and the network has granted access to just www.crises-control.com, the network administrator needs to add all our domains, subdomains, and IP blocks for the site to work properly. Otherwise, you might experience issues, for example certain pages won’t load or you won’t be able to upload or view files.

Domains
*.Crises-Control.com
*.Vimeo.com
The asterisk (*) is a wildcard used to account for any subdomains we use. The last item in the list is for Vimeo, which we use to host video tutorials and training materials.

Yes. If you are not receiving them, make sure your phone number is correct on My Account, and the Phone and Text channels are enabled.

Learn more about SMS and phone call charges here.

Yes. To receive push notifications, you must download the Crises Control app and log in to your account on your device.

Emails and push alerts are free. More information about calls and SMS text charges can be viewed here.

No. The app cannot override your phone settings.

Yes, as long as the phone can receive phone calls and SMS messages. However, you will not receive push notifications.

To use the mobile app, your device will need to be Android 5.0+ or iOS 10.0+.

In spite of its popularity and ease-of-use across the world, SMS delivery is not always guaranteed, and several factors influence the successful delivery of sent messages. The top factors affecting SMS delivery are:

Phone number validity

  • Incorrect/non-existing phone number
  • Recipient phone number inactive
  • Incorrect international country code
  • Sending a message to a landline

Filtering content

  • Incorrect sender ID
  • Keyword filtering
  • Repeated messages

Routing factors

  • Using cheap routes
  • Portability issues

Other Factors
Message delivery can also be affected for reasons such as a full inbox, a frozen messaging application, roaming limitations, and errors on the operators’ SMS servers.

Some phones cannot accept some types of messages, such as WAP push messages, binary text messages, or texts with special characters.

Different operators and countries stipulate different SMS encoding standards. So, when a text message fails to send, it could mean the wrong encoding was used. For example, some carriers in Europe will not deliver messages sent in Unicode characters.

You can view if messages have failed to send on the Message Delivery Report, where you can download the failed report to find out why messages failed.

Crises Control will alert the relevant stakeholders when an incident is closed. This alert, like all other alerts, will require the user to acknowledge it. However, if you do not wish to alert users when closing an incident this can be disabled.

It only takes a few seconds. Within 10 seconds the user will have received the alert. In some cases, the phone call can take a little longer based on the volume of calls.

GDPR

The General Data Protection Regulation (GDPR) is a sweeping new EU law that went into effect in all EU Member States on May 25, 2018. It mandates how companies can collect, store, delete, modify and otherwise process personal data of EU citizens. It applies to any company that processes personal data of EU citizens, regardless of whether it has any physical presence in the EU, or even whether it has any EU customers. Companies are also required to pass these obligations down to all of their vendors and suppliers who may also handle personal data of EU citizens anywhere in the world. Despite Brexit, the UK is committed to stay compliant with the GDPR.

Under EU law, personal data means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. It doesn’t have to be confidential or sensitive to qualify as personal data.

Where we are the processors of your data, our obligation is to ensure that this data is processed lawfully, fairly and transparently as agreed by our clients and to maintain appropriate security controls. Processing here means maintaining the confidentiality, availability, integrity and security of the data, the servers and network where the data is held. Where it is exceptionally necessary to access a client database to investigate a client issue, we will always seek the client’s permission. We work hard to protect Crises Control and our users from unauthorised access to or unauthorised alteration, disclosure or destruction of information that we hold. In particular:

  • We encrypt many of our services using SSL.
  • We offer two factor authentication (2FA) verification when you access your Crises Control Account.
  • We use Cloudflare Advance Security to protect and secure the application and APIs against denial-of-service attacks, customer data compromise, and abusive bots.
  • We encrypt data whilst at rest.

    We use Cloudflare for fast Global Content Delivery Network, which speeds up web page loading times. Cloudflare are certified under the EU-US and Swiss-US Privacy Shield frameworks for onward transfers of EU data to the United States. (See https://www.cloudflare.com/privacyshield/).

     We have Data Protection Addendum (DPA), which is a contractual agreement in place with Cloudflare to protect our customer’s data to EU- GDPR standards.

  • We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorised access to systems.

  • We restrict access to personal information to Crises Control employees, contractors and agents who need to know that information in order to process it for us and who are subject to strict contractual confidentiality obligations. They may be disciplined, or their contract terminated if they fail to meet these obligations.
  • We are ISO 27001, ISO 9001 certified
  • We employ certified GDPR practitioners to maintain and improve security standards.

Our Privacy Policy can be found at the bottom of the Crises Control website. Click here to view the Privacy Policy.

Billing and Upgrades

If you sign up for Crises Control, you will pay for your membership annually in advance. You can discuss this and other payment option with us by calling the sales team on +44 (0)208 584 1485 or contact us via email at contactus@crises-control.com.

Push notifications and Emails are free, but there is a charge for telephone calls and SMS messages sent via the Crises Control application. More information about charges for calls and SMS text can be viewed here.

Credit is purchased in advance directly from the portal using credit card or through your account manager. When your account balance is low, your account manager will be in contact to remind you to top up. You can find a statement of your transactions on the portal to track your usage and costs. A monthly detailed account statement will be available on the web portal on the 1st day of the month.

SMS messages and phone calls are charged per unit according to the price package agreed with the customer. Price packages do offer the benefit of discounts for bulk purchases. Unit price varies according to the length and geographical location. One unit is equivalent to an SMS message containing less than 160 characters, or a local phone call of under 1-minute duration. Conference call rates vary according to the destination, the duration of the call and the number of participants on the call.

Your network service provider may charge you for receiving calls or SMS, you will need to check this with your provider in the terms of your contract. A small fee may be applied by your telecom provider when acknowledging via SMS. Check with your service provider to avoid any surprises. You will also need to check with your service provider, what charges are applied for receiving SMS and phone calls when you are abroad.

For our Enterprise solution, the POC is the best way to demonstrate whether Crises Control is the right solution for your organisation. We will support you during this month-long paid trial, helping you to get set up, populating your account and testing the message and incidents functions. At the end of the trial, you will know if Crises Control is the right option for your company and can start your annual Enterprise membership.

You can add users on the web portal in Settings > Setup Users and Add User. If you exceed the contracted number of users, an alert message will appear.

To increase your user allowance, contact your account manager.

If you would like to add another module or extension, such as Task Manager, SOS or Public Alerting, to your current license plan, please contact your account manager to obtain a quote for the module to be added to your account.

If you wish to cancel your membership, contact your account manager more than 30 days before your license is due for renewal, unless you are on a free trial and you cancel before the end of the 30 day period.

You can continue to use Crises Control until your account automatically closes at the end of your current billing period.

Definitely. We’d love to have you back.

We’ll keep your organisation’s account for one year after your account closes, so if you decide to come back during that time, you can pick up right where you left off. Your data will also be saved for one year after your account closes.

Technical, Security and Resilience

Crises Control is wholly owned by Transputec, a privately owned limited company. Transputec is an established IT services and solutions company with over 35 years of innovation, managed IT services and excellent customer service.

Crises Control is hosted on Microsoft Azure in Europe (Germany West Central and France Central) for high availability and geographical redundancy. Microsoft Azure runs in datacentres managed, monitored and administered by highly experienced Microsoft operational staff. Azure datacentres are compliant with key industry standards, such as ISO/IEC 27001:2013 and NIST SP 800-53. Crises control has implemented Microsoft Defender for Cloud to manage security across virtual networks, data, apps and other resources.

Crises Control is also an approved supplier on the G-Cloud 11 platform that supports hundreds of digital programs across the UK public sector. It is hosted with UKCloud, ISO 27001/27017/ 27018/20000/9001 accredited data Centre providing high security platform for Government and Public Sector clients.

Our Middle East and Africa cloud is hosted with Oman Data Park. Established in 2012, Oman Data Park is the Sultanate’s premier IT Managed Services provider offering superior Managed Data Centre, Cyber Security and Cloud Services utilising our locally hosted Tier 3 certified Data Centres. Oman Data Park serves over 500 local and international corporates ranging from large, mid-tier to small companies and Government sector organisations.

Our partner in Saudi Arabia, Sahara Net is one of the leading ISP in KSA with multiple highly available Data Centres in Saudi Arabia, a responsive 24/7/365 support, and high security accreditation standards. Sahara Net offers an extended network which covers most of the major cities in the Kingdom. They are the only “Carrier Neutral” provider in the market utilising all the active Data Service Providers networks.

In the United Arab Emirates, Crises Control is hosted on Azure Cloud, a Microsoft solution launched in 2010. It is a Cloud Service Provider (CSP) trusted by many different customers across the Middle East and is known for delivering on privacy and security commitments in a compliant and transparent manner.

Crises Control data storage has high levels of security built into the architecture, we use MS SQL security framework to encrypt the data at rest.

Our service is a SaaS model as standard which has no touch points with a client’s own network. There is SSL encryption for traffic between the client device and the Crises Control application servers.

Our data is backed up every 10 minutes and replicated to the fail over data centre.

Crises Control provides GDPR compliance security for our customers by taking the necessary steps to protect data at all points from secure hosting, encryption of data both at rest,  and SSL data encryption in transit.  Learn more

No payment data, such as client’s bank account details, is held on the Crises Control systems. All credit card payment processing is done by our banking partner Worldpay. Worldpay’s secure online payment gateway provides:

  • Advanced fraud protection
  • Accept all major credit and debit cards as well as PayPal
  • Secure your payments with our fraud screening to help protect you and your customer
  • Manage your invoices and transactions with our simple online reporting tools
  • Set up recurring payments and subscription-based payment plans for your customers
  • Accept payments in over 116 currencies
  • Our payment processing systems are compliant with PCI DSS industry security standards

Crises Control uses WorldPay, who process any credit card payments. Crises Control does not hold any credit card information, all credit card transactions are processed throught WorldPay gateway.

Crises Control system has no touch points with the client operating environment and so will not breach your PCI compliant zone boundaries.

WorldPay are PCI compliant, Worldpay is a global leader in payments processing technology and solutions for our merchant customers.

Our primary messaging partner (SMS and voice calling) is Twilio which is a leader in the industry. Twilio maintains redundant inbound and outbound connectivity with dozens of network carriers around the world. Their real-time systems dynamically route each call or message via the carrier with the best connectivity at any point in time, responding automatically to carrier availability and reliability.

Crises Control is available on the UK government digital service framework G-cloud. This service is operated from two distinct environments to provide public sector consumers with choice and price flexibility, dependent upon their information assurance requirements.

Our standard offering is hosted on a Government Community Cloud platform suitable for information assurance needs up-to “OFFICIAL” and is only connected to the public internet. Our secure offering is hosted on a Government Community Cloud platform which holds pan-government accreditation for information up-to and including the “OFFICIAL-SENSITIVE” impact level, with connections to GSI, PSN, N3 and PNN networks as well as the Internet.

In addition to our standard SaaS service and the G-Cloud platform for government customers, we also offer on premise hosting for customers who wish to have their own private installation of the Crises Control software.

We can support single-on via Centrify a Cloud Identity Service provider for single sign-on. The Crises Control application and API use SAML for integration with Centrify Identity Manager.  Additional service providers may be considered for future integration.

SeverityCriteriaSLATarget Achievement
1A fault exists that results in a total loss of service or functionality affecting a whole site (sites), or whole system or services.15 minutes to respond.
4 working hours to resolve.
95% of all Severity 1 Incidents will be resolved within the SLA
2A fault exists which results in partial loss of service or functionality affecting multiple users.15 minutes to respond.
8 working hours to resolve.
95% of all Severity 2 Incidents will be resolved within the SLA.
3A fault exists which results in loss of service or functionality for a single user.15 minutes to respond.
24 working hours to resolve.
95% of all Severity 3 Incidents will be resolved within the SLA.

Crises Control is owned by Transputec. Transputec adheres to the following standards:

Transputec is fully certified to the ISO 9001:2015 standard

Transputec is fully certified to the ISO 27001:2013 standard

Transputec in the process of achieving ISO 14001:2013 standard

Crises Control is a Corporate Partner of the Business Continuity Institute and Continiuity Forum. The Business Continuity Institute (BCI) is the world’s leading institute for business continuity. Established in 1994, the BCI has established itself as the leading membership and certifying organisation for Business Continuity professionals worldwide.

Support

We offer you full 24/7 technical support to assist you when you need it. We recognise the importance of a rapid response to and resolution of any issues that you encounter. Our team will aim to resolve your issue immediately over the phone.

Standard Support is provided by e-mail for day-to-day questions and issues for Business solution customers. We will aim to respond to your query within 2 hours and resolve it within 8 hours. Exceptionally, where you need urgent assistance for an emergency notification and you are experiencing difficulties, all users can call our Emergency Live Operator phone line and a representative will assist you in sending a broadcast notification.

Premium Support is provided by e-mail or by telephone for day-to-day questions and issues for Enterprise solution customers. We will aim to respond to your query within 2 hours and resolve it within 4 hours. In addition to the support options noted above, we also offer a Concierge Service. This includes proactive assistance in helping you to get the most out of your Crises Control service.

If you are the registered administrator you can get support at any time of the day.

Email Support
We offer 24/7 English email support for all customers – even on holidays! (Email support in a variety of languages is available during limited hours.) 

Email us at support@crises-control.com or click here and we will respond to your request as quickly as possible, and issue you a support ticket for that instance.

Phone Support
English phone support is a Premier feature. We offer phone support 24/7 via our service desk. Call our Help Desk on: +44 (0) 20 8584 1385 (option 2).

Tickets
Regardless of the type of support you have, the one constant for all support organisations is that we are here to help resolve issues.

  • Send an email
  • Call you on the telephone

All support requests, from all channels, become Crises Control Support tickets. Tickets capture your initial request for support and all the conversations your people have with our agents along the way to solving the support issue.

Transputec is fully certified to the ISO 9001:2015 Quality Management Standard. This requires an organisation to:

  • Demonstrate its ability to consistently provide product that meets customer and applicable statutory and regulatory requirements.
  • Aims to enhance customer satisfaction through the effective application of the system, including processes for continual improvement of the system and the assurance of conformity to customer and applicable statutory and regulatory requirements.
  • The QMS is applicable to the design, build, integration, implementation and support of business software and hardware solutions, hardware and software product sales, with associated support, provision of fully managed service contracts, including full infrastructure and platform services, support contracts, contract fulfilment and consultancy services.

Crises Control is a Corporate Partner of the Business Continuity Institute. The Business Continuity Institute (BCI) is the world’s leading institute for business continuity. Established in 1994, the BCI has established itself as the leading membership and certifying organization for Business Continuity professionals worldwide.

Transputec is also fully certified according to the ISO 27001 Information Security Management Standard. In order to achieve the certification, Transputec’s compliance with ISO 27001 standards was validated by a leading independent audit firm, Lloyds Register Quality Assurance, after demonstrating an ongoing and systematic approach to managing and protecting company and customer data.

ISO 27001 certification ensures that controls are in place to reduce the risk of security threats and avoid any system weaknesses being exploited. It provides assurance and confidence to customers, suppliers and trading partners that all security risks are being addressed on an ongoing basis.

The scope of the ISO certification includes design, build, integration, implementation and support of business software and hardware solutions. It also includes the provision of full IT managed services, including infrastructure platform services, support contracts, contract fulfilment and consultancy services.