Mobile Inspection and Compliance
Exonaut® Mobile Inspection and Compliance provides a fully mobilised inspection and compliance solution supporting remote workers in the field. Inspections and audits can be managed and delivered using a mobile app which provides connectedness and increases efficiency. Inspection and audit findings are captured dynamically, reducing administration and generating instant reports.
Features
- Access inspection reference information on mobile devices remotely
- Alter inspection data live and sync with database
- Observe, assess or record inspection evidence using mobile devices
- Use a range of configurable grading systems
- Geo-tag your location to show live inspection coverage
- Capture and attach sound, video and photographs to inspection notes
- Be tasked, task others, edit tasks or close tasks
- Communicate with others working on the same inspection activity
- Generate instant reports and letters
Benefits
- Supports operational staff with mobile access in the field
- Increased field worker productivity by eliminating duplication and inefficiency
- Reduced travelling costs and increased time onsite
- Supports bring your own device concept
- Moves all inspection and compliance types onto a single platform
- Enhanced decision-making using single set of inspection and compliance data
- Supports work flow and improved decison making
Pricing
£700 a user a year
Service documents
Request an accessible format
Framework
G-Cloud 10
Service ID
5 6 5 0 4 0 8 4 9 3 7 7 4 8 6
Contact
4C Europe UK Ltd
Katie Smith
Telephone: 07592588653
Email: planning@4cstrategies.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- There are no constraints
- System requirements
-
- Client access requires Java 8 or newer.
- Client access requires up to date browser.
- Internet Explorer 11, Chrome or Firefox recommended.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- 4C Strategies Online support portal is available 24/7 365 where all issues logged are captured with an automatic email sent to the end user to confirm receipt.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
4C Standard Support available between 0700-1600 UK Working Day.
Standard Service Level as follows:
Availability: 99 percent
Maximum downtime per quarter = 21.9 h *
Recovery Time (RTO) 8 office hours
Telephone Support: Office hours **
Support Portal: 24/7
Response Time: 4 hours within Office hours **
Penalty 1 – 2 x downtime 25% of monthly fee***
Penalty > 2 – 2.5 x downtime 50% of monthly fee
Penalty > 2.5 x downtime 75% of monthly fee
Note:
* Fluctuations may occur on a quarterly basis, does not include pre-defined and pre-announced service windows
** 08.00 – 17.00 CET.
*** All potential penalty fee amounts shall be paid in the form of Service Credits in accordance with “4C Strategies Software as a Service – Terms and Conditions” - Support available to third parties
- No
Onboarding and offboarding
- Getting started
-
The 4C Account Manager will discuss your requirements at an early stage in the sales process. This will allow us to understand how you want to access your data, the level of configuration and customisation required (such as roles, permissions and access rights). We will also discuss your requirements for mobile working supporting laptop, smart phone or tablet access for remote/field based workers.
All SaaS implementations utilise a rapid implementation methodology ensuring that the service is tailored to fit each organisation and is tested adequately by the organisation prior to “Go Live”. The 4C Rapid implementation project takes twenty (20) days.
A standard training package is included in the Implementation Project, providing:
- 1 x 8 hour/full day Training Session for Super Users
- 2 x 4 hour/half day Training Session for Standard Users (max 8 participants per session)
Alternatively, 4C can work with the customer to provide a customisable training package
4C provide electronic versions of training guides relating to the solution deployed for the customer. Help files are also provided within the Exonaut™ suite of products to reduce skill fade. E-Learning is also provided for the Exonaut™ OBS (Mobile working) app which keeps training abstraction to a minimum - Service documentation
- Yes
- Documentation formats
-
- Other
- Other documentation formats
- Microsoft Word
- End-of-contract data extraction
-
Upon termination of the contract the customer has the option to receive a backup of all data. 4C will then delete and destroy all copies of the customer’s data.
The buyer can complete basic data extraction by using Microsoft Excel at any stage of the contract. - End-of-contract process
- 4C will provide an extract of the customer data as part of the contract.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- Windows
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The Exonaut Observer App allows users to access and update information held in the Exonaut database. This information is then shared with other users of the system. Information is updated dynamically in an online mode. When the device is offline it is stored locally and updated when the device is back online. Functionality extends to geotagging, creating and updating files, capture of multi media and accessing supporting documentation. A messaging facility is also provided allowing mobile users to interact with those using the desktop version of the system.
- Accessibility standards
- WCAG 2.0 AA or EN 301 549
- Accessibility testing
- We are engaging with the Shaw Trust to test
- API
- Yes
- What users can and can't do using the API
- There are several different APIs available. One has full access to the system (read/write/delete) based on the credentials used when calling the API. In addition there are other APIs with reduced functionality to enable simpler integration. In general any implementation of an API integration would involve an initial consultation to define the appropriate data transfer configuration.
- API documentation
- Yes
- API documentation formats
-
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- During the implementation stage of the project 4C will work with the buyer to understand how the system will be configured to fit their individual requirements. System administrators will then be trained in how to make changes to the configuration and customisation. Customisation of the system comprises adding logo's, changes to certain data tags and the creation of bespoke system attributes for form creation. Only users with specific permissions can make changes to the system.
Scaling
- Independence of resources
- All clients have a single and unique front end instance of the system where we can set bandwidth limitations or limit the usage of different type of IOPS e.g CPU usage, in order to balance load between individual services.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Using Mircrosoft Excel
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
Availability: 99 percent
Maximum downtime per quarter = 21.9 h *
Recovery Time (RTO) 8 office hours
Telephone Support: Office hours **
Support Portal: 24/7
Response Time: 4 hours within Office hours **
Penalty 1 – 2 x downtime 25% of monthly fee***
Penalty > 2 – 2.5 x downtime 50% of monthly fee
Penalty > 2.5 x downtime 75% of monthly fee
Note:
* Fluctuations may occur on a quarterly basis, does not include pre-defined and pre-announced service windows
** 08.00 – 17.00 CET.
*** All potential penalty fee amounts shall be paid in the form of Service Credits in accordance with “4C Strategies Software as a Service – Terms and Conditions” - Approach to resilience
- Our services run in a fully redundant and clustered infrastructure on Site A. All systems are then replicated to a fully redundant clustered infrastructure on Site B. In case of an emergency the delivery of services will switch from Site A to Site B. Details available on request.
- Outage reporting
- Email alerts to appointed contacts within customer organization. If outage is endangering SLA breach escalation to a management incident team who will contact customer by phone or other agreed means.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
- Restricted to named users with access control and regular review.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- Dedicated link (for example VPN)
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
-
- UK Cyber Essentials
- IASME
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- UK Cyber Essentials
- Information security policies and processes
- 4C closely follow standard set out in ISO27001 and are working towards acrreditation at 4C Group Level.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- IT Service management is in line with ISO27001 and certified through IASME. Our hosting environment uses automated configuration tools to maintain an overview of system status. Planned significant changes are extensively tested in a sandbox environment prior to deployment. Monthly management checks are used to assure this process.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- IT Service management is in line with ISO27001 and certified through IASME. Our hosting environment is patched in accordance with normal industry practice and timescales. Automated reporting tools are used to maintain configuration control. Monthly management checks and annual penetration testing is used to assure this process.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- IT Service management is in line with ISO27001 and certified through IASME. Our hosting environment uses automated monitoring scanning tools to identify and handle potential incidents. Alerts are generated and handled by support personnel as appropriate. Monthly management checks are used to assure this process.
- Incident management type
- Supplier-defined controls
- Incident management approach
- Depending on the type of incident it is always directly escalated to a responsible manager who then does an assessment and escalates further if needed. Incidents are either reported by automatic alarms or reported through any of our available support channels: web / email / phone. Affected clients are always notified through their POC and an incident report made available afterword either by request or automatically sent out depending on the contractual agreement.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £700 a user a year
- Discount for educational organisations
- No
- Free trial available
- No