Teknobuilt

Digital HSE system

The Nextgen HSE (Health, Safety, Environment) solution helps in implementation of HSE procedures and standards. Manage and conduct HSE audits digitally to ensure timely compliance. Validations & Verification completed and follow-on Action items logged and tracked to completion. Incident Management and reporting with audit trail.

Features

  • Cloud based HSE management
  • Real-time Data and forms
  • Collaboration for HSE procedures, orientation and training
  • Measures to identify potential hazards and eliminate
  • Share emergency response plan
  • Multiple project stake holders on same platform
  • Communicate HSE details and changes immediately
  • Manage health and safety policy
  • Manage schedule and procedures for regular inspection
  • Incident management and audit system

Benefits

  • Reduce work site incidents
  • Standardise procedures across site
  • Manage HSE policy and communicate changes
  • Audit trail and follow actions to completion
  • Real time reporting
  • Fact based decision making
  • Insights based on Leading and Lagging indicators
  • Ensure high quality of HSE standards
  • Reduce interruption to work flow

Pricing

£12600 per instance

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

1 9 7 8 6 4 4 0 7 2 7 2 3 7 9

Contact

Teknobuilt

Abhi Srivastava

07977171171

abhishek@teknobuilt.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
By default the system is hosted on a cloud provider which has close to a (99.95%) availability from the cloud provider side. Further, the application itself is designed to have a very high availability due to Load balancing and scaling built into the architecture.
System requirements
Standard browsers like Chrome/ IE/ Firefox are supported

User support

Email or online ticketing support
Email or online ticketing
Support response times
2-24 hours on weekdays, depending on severity level. Up to 48 hours on the weekend.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Yes, at an extra cost
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
For web chat testing, open source software tools for functions like screen readers were used. A report was generated to identify issues and then the errors were fixed.
Onsite support
Yes, at extra cost
Support levels
Local Support:
Initial support with Technological Program manager & Productivity specialist.
Ongoing support- Local as per SLA for project

Central Help Desk & Coordination: Ticket based / Online help
2 person service desk
Service hours: 24x7

Escalations / Global Support:
London, UK based;
Calgary, Canada based;
Delhi, India based.
All times can be covered as per requirements for project.

Costing for support starts from £2000 and up to £15000 per month depending on level and criticality required for project purpose.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Both on-site training and online training is provided as part of deployment. User documentation and online help is also provided.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
An archive of the project data is made available on demand for the users.
End-of-contract process
At the end of the contract or project, the data is generally archived. The Document repository that can be useful after work completion can be made accessible at additional cost. Further data archival access can be maintained at additional cost.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The application has been optimised to use on mobile devices, tablets and also desktops.
Service interface
No
API
No
Customisation available
Yes
Description of customisation
Project specific work flows and requirements can be customised in the system as per requirements. The system can also connect to APIs. Users can use the tools provided in the system to create their specific work flows. The permissions for type of access is set for each project and site by the designated administrator accounts. Access is different to cater for different roles in a project.

Scaling

Independence of resources
The system is hosted on a cloud provider which has 99.95% availability. Further, the application itself is designed for very high availability including Load balancing and scaling built into the architecture.The system is worked under a load balancer under a Virtual Private Cloud (VPC) for maximum security. It is designed for backend system to have disaster recovery. The load can be increased to any n number and no. of servers to sustain the traffic & scale under cloud provider. Database has multiple zone availability within data centre. If one server crashes then another server takes up. (Under load balancing environment).

Analytics

Service usage metrics
Yes
Metrics types
There is audit trail for work flow
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
Less than once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Users can export to Excel, PDF or Html. Other formats can be made available as per requirement.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • Excel
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
Excel

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
The system is designed to have a very high availability using load balancers and scalable architecture. The deployment instance can be designed to have user specific SLA for availability depending on criticality of usage. In the rare event if guaranteed levels of availability are not met, a refund policy can be agreed in the SLA.
Approach to resilience
A. At back end, our servers are hosted in a highly secure setup of a VPN within a VPC (Virtual Private Cloud). All application within the cloud provider are also further firewall protected, further also maximising security against SQL injection.
B. A very high level of security has been provided in the application at all levels from the front-end, transport layer to the back-end server/ database.
C. As per the architecture, the system can be worked under a load balancer under a Virtual Private Cloud (VPC) for maximum security. We also design it in such a way that the back end system can have disaster recovery. The load can be increased to any n number and no. of server to sustain the traffic & scale under AWS. Database has multiple zone availability within data centre. If one server crashes then another server takes up. (Under load balancing environment).
Outage reporting
Outages are reported on the portal by alerts. Email alerts are also provided.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
The access to management interfaces is strictly controlled and only available to administrators. There is secure-key and VPN based access in place. Further there is an audit trail of all actions.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Application Security is very important to us and we employ services from cyber security specialists for product architecture and review from time to time. The relevant information security framework is documented and the approach reviewed periodically to respond to new developments and upgrades to the application.
Information security policies and processes
Our information security policy follows the ISO 27001 framework and we are working towards achieving the certification. Security is very important to us and we employ services from cyber security specialists for product architecture and review from time to time. The policy is published in the employee handbook and reviewed with staff from time to time. The development team reports to Project leads who report to CTO/ CEO.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The developments and bug tracking is done in a prioritised manner using industry leading software development tool- Jira. The scrum method is used for agile product development. Release cycles are managed systematically. QA testing is done to verify changes and assess any potential security impact.
Vulnerability management type
Undisclosed
Vulnerability management approach
Our software team monitors for potential vulnerability and threats. We deploy mitigations and critical patches following a good practise guidelines. Information from potential threats are got from the application development providers, cloud providers and bulletin boards. Further a subscription for automated Vulberability management software is planned to be implemented for security scanning.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
A cloud provider (AWS Guardduty) for continuous security monitoring and threat detection. The Project leads are alerted on potential alerts and responded in a timely manner in case of incidents.
Incident management type
Supplier-defined controls
Incident management approach
Incident management process and escalation is in place for DoS type and significant attacks. Users report the incidents using online help desk or email. Incident alerts and reports are published on the portal.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£12600 per instance
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Nextgen HSE modules can be made available for trial usage for upto 30 days

Service documents

Return to top ↑