Virtual Viewing Ltd

Health and Safety App - Report-It

Health and Safety mobile app. Report on all health and safety incidents from your mobile device. Cloud based reporting. Record Near Misses, Recordable Instances, Quality Control Matters and Snags.

Empower your staff and contractors to capture information and report issues on Health & Safety, quality control, snagging and personal observations.


  • Onsite real-time reporting
  • Cross platform - iOS and Android
  • Take and add photos to the report
  • QR Codes allow quick and easy identification of report location
  • Reports queued for sending once internet connection is re-established
  • Relevant response teams notified subject to report category selected
  • Report description using voice input in different languages


  • Quickly and simply report - 3 steps (Scan, Record, Report)
  • Reduce RIDDOR count
  • Increase reporting levels
  • Cross platform - iOS, Android, Windows


£5500 per instance

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

2 7 5 8 2 9 4 6 5 9 0 1 5 7 1


Virtual Viewing Ltd

Stewart Bailey

02037 148 710

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints None
System requirements Scanning via Device Camera

User support

User support
Email or online ticketing support Email or online ticketing
Support response times All support features 30-minute response time within the working week (Mon-Fri 9pm – 5:30pm) – excluding bank holidays and a 1 hour commencement of resolution commitment.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible The platform for our web chat is currently working towards adhering to a WCAG 2.1 standard.

The chat facility is customisable, but in it's simplest form it allows users to enter their name and email address and a message to initiate the chat.
Web chat accessibility testing None
Onsite support No
Support levels Free of charge 9:00 – 5:30 excluding weekends and bank holidays
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Online training, help and guides including video tutorials are available
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction All archived assets can be downloaded in a zip file
End-of-contract process Once a users stops paying their subscription, services are suspended.

Using the service

Using the service
Web browser interface No
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service None
Service interface Yes
Description of service interface Mobile device app interface. Scan, voice / text input, photo upload.
Accessibility standards None or don’t know
Description of accessibility Colour is not used as the only visual means of conveying information, indicating an action, prompting a response, or distinguishing a visual element
Accessibility testing None
Customisation available Yes
Description of customisation Client logos and branding preferences can be set


Independence of resources Cloud part may be installed on Google Cloud, or Microsoft Azure platform. These platforms are reported as hyper-scale cloud services with minimum SLAs.


Service usage metrics Yes
Metrics types Number of reports per category per month
Number of reported incidents in the month
Number of resolved incidents in the month
3 x earliest reported unresolved incidents
Top 3 most recent activities
Number of accident hotspots by location
Reporting types Real-time dashboards


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency Never
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Download CSV
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Our service is based on GSuite and therefore the service availability is subject to the GSuite SLA.

Currently there's no refund agreement in place.
Approach to resilience It's available on request.
Outage reporting Accessibility of the service is monitored periodically and administrators are notified by email.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Other
Other user authentication The application requires a QR code from a specific set identifying the location of the report in order to continue using it
Access restrictions in management interfaces and support channels Application is open to general members
Dashboard is access controlled to administrators
Access restriction testing frequency At least once a year
Management access authentication Other
Description of management access authentication Access to the dashboard is restricted to users with specific email addresses

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach A single executive is ultimately responsible for security governance, developing and implementing an information security strategy, policies and architecture and communicating these to senior management.

This should be formally approved and periodically reviewed.
Information security policies and processes - Physical access control policy
- Acceptable use policy
- Removeble media policy
- Data breach policy
- Password protection policy

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Software updates are manually managed and rolled out as necessery outside of operational hours. All software updates are tested for integrity before deployment.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Our infrastructure is based on Google G Suite platform and therefore subscribes to the Google vulnerability management process.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Our infrastructure is based on Google G Suite platform and therefore subscribes to the Google protective monitoring process.
Incident management type Supplier-defined controls
Incident management approach Our infrastructure is based on Google G Suite platform and therefore subscribes to the Google incident management process.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £5500 per instance
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Fully featured trial for 7 days

Service documents

Return to top ↑