AFTER PREMISE LTD

APDocs Documentation Management

APDocs document management platform is perfect for the collation and management of project documentation. Turn the collation of documentation into streamlined, automated submission and review processes. Already available with pre-defined document templates for Health & Safety File and O&M collation including integration with Smartsheets and BIM Models.

Features

• Electronic Health and Safety file and O&M manual collation
• Track and manage compliance and key certification documents
• Flexible file formats: PDF, Office 365, Video, Image, BIM, CAD
• Consistent project and documentation delivery workflows across projects
• Template driven document structures and review workflows
• Web enabled software to provide access across multiple device types
• Multiple security levels ensure access to sensitive documents is controlled
• Tracking of documentation deliverables against plan
• Integration with Smartsheets and BIM Models
• Documents are fully searchable for improved visibility of building components

Benefits

• Define standard structures and workflows across projects
• Remote user access through a secure user authorisation portal
• Pre-defined filing structures and document standards provide clarity of requirements
• Deliver better quality handover documents in less time
• Virtual document controller increases management effectiveness
• Real-time reporting dashboards provide accurate progress reporting against plan
• Fully managed service allowing you to concentrate on outcomes
• Benefit from AWS security model. Highly resilient and highly available
• Tracks expiry dates on compliance documentation to facilitate re-certification
• No user licences - access for contractors and sub-contractors

£850 a unit a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Framework

G-Cloud 12

Service ID

424471471434361

Contact

Lesley Vanbeck
07468 565469
gcloud@afterpremise.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: APDocs is a completely serverless application that runs on the AWS Cloud. You need only an internet connection and a browser to use our service. There is browser support for Safari, Firefox, Chrome, Edge. The service is available 24x7x365 and planned maintenance access restrictions are rare. Documents are loaded to cloud storage so client should ensure that their internet connections have sufficient capacity to manage the transfer of their documents, particularly where large files are being stored.
• System requirements:
  • There are no specific licence requirements for system users.
  • One of the following browsers: Safari, Firefox, Chrome or Edge
  • Existing Smartsheet licences to use the Smartsheet integration
  • Existing BIM Modelling software to use the BIM model integration

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email support during normal business hours, 09:00-17:00 Mon-Fri. APDocs has a unique logging system built in that aims to provide a more proactive, rather than ticket-based support service. Any error message, e.g. read, update or login attempt, is automatically routed to the support email. The support team see errors in real time giving a quicker response. Extended support can be provided and pricing will be based on requirements using the SFIA rate card.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Each account will be allocated a key support contact who will be responsible for provision of all support to the client. Onsite support can be supplied at the appropriate rate as quoted in the SFIA framework for this service depending on the support requirement. Fees and support will be agreed with the account lead once support requirements are defined. There is also a dedicated support email: team@afterpremise.com
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Each form on the APDocs solution has specific help text. We provide onsite training based on the client's final template & workflow selection. Courses are the structured around roles and responsibilities: content providers, content reviewers, administrators.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: APDocs is designed to physically file documents to match your selected data structure. It is, therefore, possible to copy your files to a local datastore in an understandable format.
• End-of-contract process: Free file structure copy to your local file store. We can extract all your history from our Blockchain but this will be at additional cost. In order to do this will employ the 'Solution configuration and implementation' resource as per our rate card. The work will be regarded as Professional Service as seen in our pricing document.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The service is a web application that has been designed to be fully responsive for mobile devices. All forms are built around the responsive Twitter bootstrap.
• Service interface: No
• API: Yes
• What users can and can't do using the API: APDocs is entirely API driven. All our forms receive and send data using open API POST calls. Users will require a set of API keys and a Cognito authentication token.
• API documentation: No
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The service is template driven both in terms of manual structure and workflows. New templates can be developed for buyers. Functionality amendments will be discussed with buyers for inclusion in either their own specific service configuration or for inclusion in the overall product as open source amendments. In this case the enhancements will be developed at reduced SFIA rates.

Scaling

• Independence of resources: APDocs runs as a serverless solution. Every access to APDocs triggers an AWS Lambda process that reads and writes data for you. AWS Lambda is designed to readily scale allowing for massive parallel processing.

Analytics

• Service usage metrics: Yes
• Metrics types: APDocs is used on a consumption model. You can track how many or how much of each consumption category you have used at and point. These are amount used of purchased storage, document upload processing and document read processing.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Never
• Protecting data at rest:
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: AWS adheres to independently validated privacy, data protection, security protections and control processes. (Listed under “certifications”).
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: We recommend a free solution called Cloudberry to download from your project repository. We issue you with limited life Amazon AWS access keys to enable a secure connection.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • PDF *data would be exported in the original submission format
  • XLSX
  • CAD(DWG)
  • DOCX
  • BIM(IFC)
  • JPG
  • MP4
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • PDF
  • XLSX
  • CAD(DWG)
  • DOCX
  • BIM(IFC)
  • JPG
  • MP4
  • BIM Model - IFC

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: We also use the AWS Web application Firewall (WAF) which helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives control over which traffic to allow or block to web applications by defining customizable web security rules.
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: AWS currently provides SLAs for several services. Due to the rapidly evolving nature of AWS’s product offerings, SLAs are best reviewed directly on the AWS website via the link below: https://aws.amazon.com/legal/service-level-agreements/
• Approach to resilience: The AWS Business Continuity plan details the process that AWS follows in the case of an outage, from detection to deactivation. AWS has developed a three-phased approach: Activation and Notification Phase, Recovery Phase, and Reconstitution Phase. This approach ensures that AWS performs system recovery and reconstitution efforts in a methodical sequence, maximizing the effectiveness of the recovery and reconstitution efforts and minimizing system outage time due to errors and omissions. ; ; AWS maintains a ubiquitous security control environment across all regions. Each data centre is built to physical, environmental, and security standards in an active-active configuration, employing an n+1 redundancy model, ensuring system availability in the event of component failure. Components (N) have at least one independent backup component. All data centres are online and serving traffic. In case of failure, there is sufficient capacity to enable traffic to be load-balanced to the remaining sites. ; ; Customers are responsible for implementing contingency planning, training and testing for their systems hosted on AWS. AWS provides customers with the capability to implement a robust continuity plan, including the utilization of frequent server instance back-ups, data redundancy replication, and the flexibility to place instances and store data within multiple geographic regions across multiple Availability Zones.
• Outage reporting: Public dashboard; personalised dashboard with API and events; configurable alerting (email / SMS / messaging).

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Other user authentication: APDocs follows the AWS shared responsibility model. Users first have to login to obtain an access token. We use AWS Cognito. All APDocs forms require this token. At the API level we test check for this token and, additionally, a client specific API key. Next we check what APDocs knows about this user and the form being used. We verify that do we know this user on the specific project they are trying to access. Once here the user's role and security level are then tested to see if any further data restrictions are necessary.
• Access restrictions in management interfaces and support channels: APDocs uses a role-based and security-level based matrix. All management interfaces test for management roles. Document access levels are : open, restricted, secure and secret. Additionally, each stage of the workflow has the concept of a team. For example, you might have a reviewer role, but, for this document at this stage of the workflow you are not on the team. Following the AWS security model, in this case, your access would degrade to read-only. It is possible to set your system up to expressly require end-users/read-only users to be on the team even to read.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Username or password
  • Other
• Description of management access authentication: Management access follows the same model as user access. It is possible to give a management role but still restrict which documents can be accessed.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: After Premise builds applications based on the security by design principle. Our in-house governance process ensures that all aspects of the solution use the available AWS security features for each of the application elements thereby both security of the cloud and security in the cloud.
• Information security policies and processes: After Premise is a small company and responsibility for the security policies lies with the two directors. All implementations are reviewed by the directors to ensure that our principle of security by design has been followed.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We have separate AWS accounts for development, staging and production. Changes are promoted from our MS Team Development portal and allocated a unique change id. All source code is held on AWS Code Commit. ; The development cycle is test driven. Only once every test has passed the code branch is it then merged back into our master branch to have a solution test set run in our staging area. We use AWS CodeDeploy which helps maximize our application availability during the software deployment process. Software deployments can easily be stopped and rolled back if there are errors.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: AWS Security performs vulnerability scans on the host operating system, web applications, and databases in the AWS environment. Approved 3rd party vendors conduct external assessments (minimum frequency: quarterly). Identified vulnerabilities are monitored and evaluated. Countermeasures are designed and implemented to neutralise known/newly identified vulnerabilities.; ; AWS Security monitors newsfeeds/vendor sites for patches and receives customer intelligence via http://aws.amazon.com/security/vulnerability-reporting/.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: AWS deploys (pan-environmental) monitoring devices to collect information on unauthorized intrusion attempts, usage abuse, and network/application bandwidth-usage. Devices monitor:; ; • Port scanning attacks; • Usage (CPU, processes, disk utilization, swap rates, software-error generated losses); • Application metrics; • Unauthorized connection attempts; ; Near real-time alerts flag incidents, based on AWS Service/Security Team- set thresholds.; ; Requests to AWS KMS are logged and visible via our account’s AWS CloudTrail Amazon S3 bucket. Logs provide request information, under which CMK, and identify the AWS resource protected through the CMK use.
• Incident management type: Supplier-defined controls
• Incident management approach: Changes to AWS services and features follow secure software development practices, including security risk reviews prior to launch. Developer access to production environments is via explicit access system requests, subject to owner review and authorisation. ; ; Teams set bespoke change management standards per service, underpinned by standard AWS guidelines.; ; All production environment changes are reviewed, tested and approved. Stages include design, documentation, implementation (including rollback procedures), testing (non-production environment), peer to peer review (business impact/technical rigour/code), final approval by authorised party.; ; Emergency changes follow AWS incident response procedures. Exceptions to change management processes are documented and escalated to AWS management.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Pricing

• Price: £850 a unit a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Our trial allows for one project to be configured for 10 users, using up to 10GB of storage to load up to 100 documents over three months. This requires configuration and setup of users. Buyers are encouraged to contact gcloud@afterpremise.com to discuss requirements and agree the templates to be used.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF