provision of 3d city modelling, 4D and 5D city analysis, smart city reporting and destination / inward investment promotion
- 3d city modelling
- lidar conversion
- real-time reporting
- smart building data reporting
- smart city data reporting
- transport data reporting
- augmented reality
- application development
- engage with citizen
- affect behavioural change
- publish content on iOS, Android and Windows
- dynamic, real-time data
- inward investment search criteria
- tourist engagement
- gamification of big data
£15000 to £180000 per instance per year
- Education pricing available
Virtual Viewing Ltd
02037 148 710
|Service constraints||IOS, Android and Windows are supported. Planned maintenance occurs with OS updates and with periodic enhancements to the service. Downtime is planned to be <0.1%|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
During working hours (Mon-Fri 9am 7pm)
1/4/8/24 hour response times available subject to SLA.
Weekend response cover available subject to SLA.
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
In support of services detailed under this SLA, Virtual Viewing will apply hourly charges in accordance with the following level rates:
Programming/Coding:£135 per hour
Project management: :£80 per hour
Graphic design:£75 per hour
Testing:£55 per hour
Any item raised under the Issue Type : Urgent and business critical issue will be subject to a 20% levy
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||There is on site training, online training and online documentation|
|End-of-contract data extraction||CSV export|
|End-of-contract process||Users are entitled to all database content. This does not include the 3D model unless explicitly negotiated to be included|
Using the service
|Web browser interface||Yes|
|Using the web interface||Users can edit notifications, building type and database entries.|
|Web interface accessibility standard||None or don’t know|
|How the web interface is accessible||Users can not modify the 3D geomtery of the buildings|
|Web interface accessibility testing||None|
|Command line interface||No|
|Independence of resources||Each installation instance is hosted on a dedicated server where load-balancing is monitored to ensure no single installation instance can reduce the service provided to the other installations.|
|Infrastructure or application metrics||Yes|
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a CHECK service provider|
|Protecting data at rest||
|Data sanitisation process||No|
|Equipment disposal approach||In-house destruction process|
Backup and recovery
|Backup and recovery||Yes|
|What’s backed up||
|Backup controls||Our cloud platform performs the backups|
|Datacentre setup||Multiple datacentres with disaster recovery|
|Scheduling backups||Supplier controls the whole backup schedule|
|Backup recovery||Users contact the support team|
|Data protection between buyer and supplier networks||Legacy SSL and TLS (under version 1.2)|
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||99.99% service availability in any one year|
|Approach to resilience||
Our cloud based system ensures that the service is spread across multiple service providers.
Use of the Apple App Store and Google Play Store as gateways to the main application ensures massive resiliency.
Tier-4 secure data-centre which is certified ISO 27001.
|Outage reporting||Email alerts|
Identity and authentication
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||To be completed|
|Access restriction testing frequency||At least once a year|
|Management access authentication||Username or password|
|Devices users manage the service through||Dedicated device over multiple services or networks|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||You control when users can access audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||No|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||No|
|Security governance approach||We comply with the routines and standards placed upon us through our work with Youngman's Group (we are A graded for our MOD work), NaCTSO and local goverment security measures|
|Information security policies and processes||
We use a risk based approach when assessing and understanding the risks and will use physical, personnel, technical and procedural means to achieve appropriate security policies and procedures.
We take into account developments in technology and the costs of implementation in order to achieve a level of security appropriate to the nature of the information and the harm which may result from a security or process breach.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
A Change Request (CR) is required for any change to the environment(s) that are subject to the policy as designated by the IT Director.
The scope of an approved CR cannot be modified.
A CR must be submitted for approval in a complete format.
CRs must be approved as stated in Change Management Process.
An Impact Analysis is required for all production environment changes.
Functionality testing must be performed to verify that the change does not adversely impact the functionality of the application/system.
Risk analysis for all changes is required.
A back-out plan must be provided.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
Patch management systems deploy critical security patches within 24 hours of release.
3rd party independent network vulnerability analysis.
Internal logging and pro-active maintenance.
On-site real-time intruder network detection systems.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Real-time network intruder detection systems.
Wi-Fi device monitoring.
Application level proxy packet filtering and detection.
Pro-active logging and maintenance.
Incidents responded to within 4 hours in-line with our security policy.
|Incident management type||Supplier-defined controls|
|Incident management approach||
We have pre-defined processes for all common events including network intrusion, hard-disk failure, network outages and catastrophic failures.
Incidents are reported to our cloud based incident reporting portal.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||Yes|
|Who implements virtualisation||Supplier|
|Virtualisation technologies used||Hyper-V|
|How shared infrastructure is kept separate||Extensive use of the Hyper-V virtualisation|
|Price||£15000 to £180000 per instance per year|
|Discount for educational organisations||Yes|
|Free trial available||No|
|Pricing document||View uploaded document|
|Terms and conditions document||View uploaded document|