4C Europe UK Ltd

Mobile Inspection and Compliance

Exonaut® Mobile Inspection and Compliance provides a fully mobilised inspection and compliance solution supporting remote workers in the field. Inspections and audits can be managed and delivered using a mobile app which provides connectedness and increases efficiency. Inspection and audit findings are captured dynamically, reducing administration and generating instant reports.

Features

  • Access inspection reference information on mobile devices remotely
  • Alter inspection data live and sync with database
  • Observe, assess or record inspection evidence using mobile devices
  • Use a range of configurable grading systems
  • Geo-tag your location to show live inspection coverage
  • Capture and attach sound, video and photographs to inspection notes
  • Be tasked, task others, edit tasks or close tasks
  • Communicate with others working on the same inspection activity
  • Generate instant reports and letters

Benefits

  • Supports operational staff with mobile access in the field
  • Increased field worker productivity by eliminating duplication and inefficiency
  • Reduced travelling costs and increased time onsite
  • Supports bring your own device concept
  • Moves all inspection and compliance types onto a single platform
  • Enhanced decision-making using single set of inspection and compliance data
  • Supports work flow and improved decison making

Pricing

£700 per user per year

Service documents

G-Cloud 10

565040849377486

4C Europe UK Ltd

Chris Wildman

07786 268848

chris.wildman@4cstrategies.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints There are no constraints
System requirements
  • Client access requires Java 8 or newer.
  • Client access requires up to date browser.
  • Internet Explorer 11, Chrome or Firefox recommended.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 4C Strategies Online support portal is available 24/7 365 where all issues logged are captured with an automatic email sent to the end user to confirm receipt.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels 4C Standard Support available between 0700-1600 UK Working Day.
Standard Service Level as follows:
Availability: 99 percent
Maximum downtime per quarter = 21.9 h *
Recovery Time (RTO) 8 office hours
Telephone Support: Office hours **
Support Portal: 24/7
Response Time: 4 hours within Office hours **
Penalty 1 – 2 x downtime 25% of monthly fee***
Penalty > 2 – 2.5 x downtime 50% of monthly fee
Penalty > 2.5 x downtime 75% of monthly fee

Note:
* Fluctuations may occur on a quarterly basis, does not include pre-defined and pre-announced service windows
** 08.00 – 17.00 CET.
*** All potential penalty fee amounts shall be paid in the form of Service Credits in accordance with “4C Strategies Software as a Service – Terms and Conditions”
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started The 4C Account Manager will discuss your requirements at an early stage in the sales process. This will allow us to understand how you want to access your data, the level of configuration and customisation required (such as roles, permissions and access rights). We will also discuss your requirements for mobile working supporting laptop, smart phone or tablet access for remote/field based workers.

All SaaS implementations utilise a rapid implementation methodology ensuring that the service is tailored to fit each organisation and is tested adequately by the organisation prior to “Go Live”. The 4C Rapid implementation project takes twenty (20) days.

A standard training package is included in the Implementation Project, providing:
- 1 x 8 hour/full day Training Session for Super Users
- 2 x 4 hour/half day Training Session for Standard Users (max 8 participants per session)

Alternatively, 4C can work with the customer to provide a customisable training package

4C provide electronic versions of training guides relating to the solution deployed for the customer. Help files are also provided within the Exonaut™ suite of products to reduce skill fade. E-Learning is also provided for the Exonaut™ OBS (Mobile working) app which keeps training abstraction to a minimum
Service documentation Yes
Documentation formats
  • PDF
  • Other
Other documentation formats Microsoft Word
End-of-contract data extraction Upon termination of the contract the customer has the option to receive a backup of all data. 4C will then delete and destroy all copies of the customer’s data.

The buyer can complete basic data extraction by using Microsoft Excel at any stage of the contract.
End-of-contract process 4C will provide an extract of the customer data as part of the contract.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The Exonaut Observer App allows users to access and update information held in the Exonaut database. This information is then shared with other users of the system. Information is updated dynamically in an online mode. When the device is offline it is stored locally and updated when the device is back online. Functionality extends to geotagging, creating and updating files, capture of multi media and accessing supporting documentation. A messaging facility is also provided allowing mobile users to interact with those using the desktop version of the system.
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing We are engaging with the Shaw Trust to test
API Yes
What users can and can't do using the API There are several different APIs available. One has full access to the system (read/write/delete) based on the credentials used when calling the API. In addition there are other APIs with reduced functionality to enable simpler integration. In general any implementation of an API integration would involve an initial consultation to define the appropriate data transfer configuration.
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation During the implementation stage of the project 4C will work with the buyer to understand how the system will be configured to fit their individual requirements. System administrators will then be trained in how to make changes to the configuration and customisation. Customisation of the system comprises adding logo's, changes to certain data tags and the creation of bespoke system attributes for form creation. Only users with specific permissions can make changes to the system.

Scaling

Scaling
Independence of resources All clients have a single and unique front end instance of the system where we can set bandwidth limitations or limit the usage of different type of IOPS e.g CPU usage, in order to balance load between individual services.

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Using Mircrosoft Excel
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Availability: 99 percent
Maximum downtime per quarter = 21.9 h *
Recovery Time (RTO) 8 office hours
Telephone Support: Office hours **
Support Portal: 24/7
Response Time: 4 hours within Office hours **
Penalty 1 – 2 x downtime 25% of monthly fee***
Penalty > 2 – 2.5 x downtime 50% of monthly fee
Penalty > 2.5 x downtime 75% of monthly fee

Note:
* Fluctuations may occur on a quarterly basis, does not include pre-defined and pre-announced service windows
** 08.00 – 17.00 CET.
*** All potential penalty fee amounts shall be paid in the form of Service Credits in accordance with “4C Strategies Software as a Service – Terms and Conditions”
Approach to resilience Our services run in a fully redundant and clustered infrastructure on Site A. All systems are then replicated to a fully redundant clustered infrastructure on Site B. In case of an emergency the delivery of services will switch from Site A to Site B. Details available on request.
Outage reporting Email alerts to appointed contacts within customer organization. If outage is endangering SLA breach escalation to a management incident team who will contact customer by phone or other agreed means.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels Restricted to named users with access control and regular review.
Access restriction testing frequency At least every 6 months
Management access authentication Dedicated link (for example VPN)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • UK Cyber Essentials
  • IASME

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards UK Cyber Essentials
Information security policies and processes 4C closely follow standard set out in ISO27001 and are working towards acrreditation at 4C Group Level.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach IT Service management is in line with ISO27001 and certified through IASME. Our hosting environment uses automated configuration tools to maintain an overview of system status. Planned significant changes are extensively tested in a sandbox environment prior to deployment. Monthly management checks are used to assure this process.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach IT Service management is in line with ISO27001 and certified through IASME. Our hosting environment is patched in accordance with normal industry practice and timescales. Automated reporting tools are used to maintain configuration control. Monthly management checks and annual penetration testing is used to assure this process.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach IT Service management is in line with ISO27001 and certified through IASME. Our hosting environment uses automated monitoring scanning tools to identify and handle potential incidents. Alerts are generated and handled by support personnel as appropriate. Monthly management checks are used to assure this process.
Incident management type Supplier-defined controls
Incident management approach Depending on the type of incident it is always directly escalated to a responsible manager who then does an assessment and escalates further if needed. Incidents are either reported by automatic alarms or reported through any of our available support channels: web / email / phone. Affected clients are always notified through their POC and an incident report made available afterword either by request or automatically sent out depending on the contractual agreement.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £700 per user per year
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑