Enviro-Regs.Net is a monthly update on environmental legislation for the construction industry. It highlights changes in law and new requirements and what a construction company might have to do as a result. Useful for helping your supply chain keep up to date with this fast changing legal environment.
- Remote access, cloud-based.
- Accessible on computer and onsite on smart phones.
- Email notifications let you know to login to view changes.
- Accessible by Google Translate.
- Separate instance per customer.
- Tailored to type of construction company.
- Automatic monthly updates.
- Updates stored automatically.
- Responsive site design.
- No internal costs looking for laws.
- Immediately start getting updates.
- Low cost route for reducing risk in organisations.
- Plain English used to help interpret requirements.
- Warm start on whether a law applies.
- Mitigate your risk from your supply chain.
- Help your supply chain understand what they should be doing.
- Applicable to construction industry in England.
- Helps demonstrate compliance with UK law.
£240 per licence per year
- Free trial available
Sustainable Direction Ltd.
John Henry Looney
+44 (0) 1452 382218
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Service constraints||PDF Reader required.|
|System requirements||PDF Reader required.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||9-5 during workdays, response within 1 working day.|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||We provide an account manager to welcome you and get you started via phone and email. It is expected that you will need an initial call and one call thereafter. If you require additional support, we can provide onsite support charging our normal rates (see SFIA rate card).|
|Support available to third parties||No|
Onboarding and offboarding
|Getting started||We provide phone-supported training and it is anticipated that users will require one "welcome" phone call and one support call thereafter.|
|End-of-contract data extraction||Users can save updates that they have received up to this point.|
|End-of-contract process||Users will receive no further updates within their module at the end of their contract. They will be invited to download the updates they have received up to now in order for their instance to be deleted.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Users may experience smaller text on mobiles.|
|Accessibility standards||WCAG 2.0 A|
|Accessibility testing||Website is responsive and can be read by Google Translate. It is assumed that assistive programs can also read the site.|
|Description of customisation||Users can specify which sector of the construction industry they are in and receive tailored updates accordingly.|
|Independence of resources||Updates are sent out automatically from our database. This will occur once a month. Users will receive their update within each month.|
|Service usage metrics||No|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||Never|
|Protecting data at rest||Physical access control, complying with another standard|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||N/A|
|Data export formats||Other|
|Other data export formats||N/A|
|Data import formats||Other|
|Other data import formats||N/A|
|Data protection between buyer and supplier networks||Legacy SSL and TLS (under version 1.2)|
|Data protection within supplier network||Legacy SSL and TLS (under version 1.2)|
Availability and resilience
|Guaranteed availability||Datacentre is Uptime Institute Tier 2. Service availability is 99.5% assured by contractual commitment. Service is facilitated by email to alert users to a new update; if an error is received back from an email we will endeavour to contact user by phone.|
|Approach to resilience||Available on request.|
|Outage reporting||Email alerts are sent to the account managers who will appraise their clients of the situation.|
Identity and authentication
|User authentication needed||No|
|Access restrictions in management interfaces and support channels||N/A|
|Access restriction testing frequency||Less than once a year|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||Less than 1 month|
|Access to supplier activity audit information||No audit information available|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||No|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||No|
|Security governance approach||This is managed by the director with support from all levels of the organisation.|
|Information security policies and processes||We have signed up to the local Cyber Commitment. This is managed by the director with support from all levels of the organisation.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||We have ISO9001:2008 in place, soon to be 2015 standard. This includes procedures for managing product development in response to feedback.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Vulnerability would be through the email service providers and database hosted on servers; therefore this is independently managed.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||This is managed by the director with support from all levels of the organisation.|
|Incident management type||Supplier-defined controls|
|Incident management approach||Our initial response is to suspend operations. We identify and define the specific incident, and address it from there. We notify customers through their account manager.|
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£240 per licence per year|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||One example update.|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|