DMRC CONSULTING LTD

Allo, The Construction Data Engine

Complete data management platform for construction operations. Manage site data, including work summaries, daily allocations, time sheets, reporting and more. Enables automation of time-consuming manual tasks and, integrates seamlessly with site access systems, Oracle Primavera P6 as well as procurement, estimating systems.

Features

  • Integration of 3rd party and legacy data feeds
  • Automated validation of personnel and labour on-site
  • Scheduling of personnel and labour to cost codes
  • Digital sign-off and validation of allocation sheets
  • Recording of delay reasons, site evidence and site conditions
  • Detailed reporting on assets, activities, resources and conditions
  • Flexible REST API

Benefits

  • Identification of cost and time savings opportunities
  • Accelerated cost reporting
  • Enhanced accuracy and control
  • Enhanced cost to quality insights to optimise site-performance
  • Productivity insights
  • Identification of process optimisation opportunities
  • Minimisation of manual activities
  • Automatic attendance detection

Pricing

£45 a person a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at raj@dmrc.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

2 9 9 0 1 2 1 2 8 2 7 6 0 3 4

Contact

DMRC CONSULTING LTD Raj Chawla
Telephone: 07788950030
Email: raj@dmrc.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
A mobile app is not currently available but can be created on request at additional cost.
System requirements
  • Availability to connect to system REST API
  • Ability to transfer data securely between applications

User support

Email or online ticketing support
Email or online ticketing
Support response times
Service level agreements and operational level agreements to be agreed with the buyer. Typical response time agreed is between 6 hours and 12 hours.
User can manage status and priority of support tickets
No
Phone support
No
Web chat support
Yes, at an extra cost
Web chat support availability
9 to 5 (UK time), 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
If webchat support is required, it can be provided as an additional service at extra cost. The webchat is available directly to logged-in users via the user interface.

Users can 1.) raise defects 2.) can ask questions on how to use specific elements and functionality of the software 3.) users can receive information to helpful material and frequently asked questions. Users can't 1.) receive training via the web chat 2.) receive confidential information or password resets.
Web chat accessibility testing
None at this point. Necessary testing can be done with users requiring special assistance as required.
Onsite support
Yes, at extra cost
Support levels
Support levels are agreed with the buyer to meet needs, specifically, SLAs and OLAs will be agreed in advance. The cost of the support will be accounted for in any quote provided. The provided rate card should be used as a guideline. Account managers and cloud support engineers are provided as part of the ticket solution process as required, rates for personnel will be agreed as part of the rate card and depending on skills required.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The application comes with full documentation that explains the application and its functionality including step by step user guides. In addition, we provide thorough onsite implementation support which includes training sessions with users and a team that supports users during the implementation and adoption phase. We perform periodic assessments through surveys to assess how well users understand the service and to identify areas for further training. Virtual training can also be provided for personnel in remote or satellite locations.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
At the end of the contract, the buyer will be provided with an access token to their respective database container, that allows the migration of data to own or 3rd party services. Individual users are able to download files they wish to keep directly via their user interface at any point via their user interface.
End-of-contract process
At the end of the contract, the buyer can request batch access to its data container, to migrate any data to a location of its choosing. At an additional cost, we provide services to migrate data on behalf of the buyer to a location of its choosing in the source format or any other specified format.

Using the service

Web browser interface
Yes
Supported browsers
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Currently, the service can be accessed via any modern mobile web browser. A mobile app is not currently available but can be provided upon request at extra cost.
Service interface
No
API
Yes
What users can and can't do using the API
An API is available to push and pull data from and to the system. The API's primary purpose is the integration of 3rd party data feeds into the system such as time & attendance, estimation and planning and resource data. The API does not provide the ability to make changes to the system.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Data feeds are fully customisable and additional fields can be imported. Users are able to integrate data feeds from project management and planning, ERP, time and attendance, finance and site access systems. Customisation is undertaken by DMRC at setup and by request to meet buyer needs. Data for reporting and insights are also customisable. Data feeds are published to a data visualisation tool agreed with the buyer and users are able to customise the reports produces based on the raw data feed that is agreed during set up.

Scaling

Independence of resources
Our service monitors network capacity on an ongoing basis and uses dynamic cloud to prevent capacity constraints. Additionally, we operate on a 50% capacity buffer ensuring enough resources during peak usage at all times.

Analytics

Service usage metrics
Yes
Metrics types
The following usage metrics are available: Number of users, number of active users, last logged in timestamp per user.

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
Never
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
No
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Depending on the initial set-up, the application is integrated with the buyers existing systems and all required information will be transferred automatically to any system that requires the data downstream. Should users be required to download individual data for analysis and reporting purposes they are able to download CSV extracts in the user's dashboard interface. On request and at extra cost, customised data extracts can be created and shared with users via secure file transfer.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • PDF
  • PowerPoint (PPT/PPTX)
  • Excel (XLS/XLSX)
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • PDF
  • PowerPoint (PPT/PPTX)
  • Excel (XLS/XSLX)

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
N the case of service outages, our standard SLA is to have services operational within 12 hours of any reported outages. At this time we do not operate a refund policy for service outages.
Approach to resilience
Available on request.
Outage reporting
Service status is reported on a public dashboard which lists any incidents that may affect the service and a generic description of the incidence. In case of severe incidents, users will be notified via email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Super admin and support interfaces and read access to all instances but are restricted from writing and editing.
Access restriction testing frequency
At least once a year
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Security governance is controlled through DMRC’s policies which manage tiers of risk associated with different activities that are carried out as business as usual. The core principles around security governance are formed through:
• allocation of duty to key persons to make decisions on security and its policy
• clear formation of security decisions
• the information require to make the decisions
The security governance will be reviewed and update every 12 months.
Information security policies and processes
DMRC’s cyber security policy outlines our guidelines and provisions for preserving the security of our data and technology infrastructure. This policy applies to all our employees, contractors, volunteers and anyone who has permanent or temporary access to our systems and hardware.
There are processes in place for that comply with latest regulations and the b:
• Handling and managing confidential data
• Protect personal and company devices
• Keep emails safe
• Manage passwords properly
• Transfer data securely
• Measures for breaches
• Managing remote employees
• Disciplinary actions
• Prophecy of taking security seriously

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
DMRC’s policy on configuration management is to ensure that resources and components maintain a consistent state; referred to as a baseline.
Configuration management policy statements and requirements are based on the following:
• Identification of configurable items
• Labeling of configurable
• Protection of configurable items
• Keeping of baseline information
• Configuration Verification and Audit
• Defining Responsibilities
Change management policy statements and requirements are based on the following:
• Identification of needed change
• Determining the impact of the change
• Change request
• Change strategy aligned configuration management strategy
• Execution of change; establishing the new baseline
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We understand and identify high risk areas and where patches are most relevant. As a company that develops software, DMRC address vulnerabilities within two domains; internal vulnerabilities and product vulnerabilities. Internal vulnerabilities: where software products are deployed for day to day operations within the business e.g. Microsoft Office etc. Product vulnerabilities is where DMRC develops its own products. DMRC follow three core principles; Assess, Triage and Prioritize fixes. Assessment is scheduled once every month or more frequently where needed. Potential threat is informed through software vendor updates and proprietary tools and deploy VAS (vulnerability assessment system) where appropriate.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
DMRC have thorough understanding of how our systems, services and information are being used. We detect for attacks as a result of deliberate or accidental user activity. We react to attacks from awareness that it is happening, be responsive to stop the attack, and minimize the impact. To manage our risk; established a monitoring strategy and supporting policies; monitor all systems; monitor both inbound and outbound network traffic; monitor user activity within all legal or regulatory constraints; incident management policies and processes are in place; we conduct a 'lessons learned' review to ensure improve the efficiency of the monitoring capability.
Incident management type
Supplier-defined controls
Incident management approach
DMRC has an incident management capability to detect, manage, and analyse security through business continuity plans. DMRC sees areas of risk around; business harm and impact; continued disruption; legal and regulatory requirements. DMRC’s risk mitigation addresses; incident response through policies, processes, plans; specialist training-knowledge; defined roles and responsibilities; systematic approach of data recovery; periodical testing of incident management plans; sharing of information during and after an incident; collate post-incident evidence to analysis root cause; lessons learned review to update policies and training; user awareness of responsibilities on reporting; report security weaknesses and incident asap; report criminal incidents to law enforcement.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£45 a person a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at raj@dmrc.uk. Tell them what format you need. It will help if you say what assistive technology you use.