Keepsite is a SaaS application for organisations that work on the basis of delivering projects. Using keepsite, organisations and project teams can manage each project, and all their projects as an integrated portfolio. Key modules include for risk management and document management.
- Integrated Project and Portfolio management
- Document Management (BIM PAS1192-4 compliant)
- Task Management
- Mobile App allows field surveys and data collection
- Remote access
- Risk management, issue management, lessons learned
- Real-time and historical reporting
- Enterprise integration (enterprise API, custom subdomain, SSO)
- Service Level Agreement (SLA)
- Common data environment (CDE)
- Reduces administration time for project teams
- Helps get better value out of external consultants and contractors
- Gives portfolio level insights over your projects
- Aggregate data from across all projects
- Use historical data to learn and improve over time
- Provides visibility across projects
- Collaborative management across departments and firms
- Accommodate any required project workflows
- Integrates with third-party applications (ERP, etc.)
£10 to £15 per person per month
- Education pricing available
- Free trial available
Keepsite Software Limited
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Service constraints||Keepsite currently Updates the Service twelve (12) times per year but the number of Updates may be increased or decreased by Keepsite, to a maximum 24 hours per year. Updates requiring scheduled downtime will be pre-empted by a scheduled downtime warning no less than 72 hours before being implemented. These notifications will be delivered to all users via in app notifications and to named contacts via email.|
|System requirements||No specific requirements beyond web browser access.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Keepsite will provide Customer with 24x7x365 technical assistance in accordance with it's SLA.
Severity Level 1: 1 hour
Severity Level 2: 1 hour
Severity Level 3: 4 hours
Severity level 4: 24 hours
Severity Level 5: 24 hours
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||None or don’t know|
|How the web chat support is accessible||Video, voice, text. Interface and interaction design consistent with good practice accessibility principles but uncertified.|
|Web chat accessibility testing||None.|
|Onsite support||Yes, at extra cost|
If an issue is unable to be resolved remotely we are able to provide onsite support at a daily cost per attending person. We will dispatch an appropriate team member depending on the nature of the issue. For pricing, refer separate pricing document.
For offsite training, we will provide a service based on these rates tailored to suite requirements.
|Support available to third parties||Yes|
Onboarding and offboarding
Potential customers can trial Keepsite at no cost. Basic information is required to get started on a trial.
We provide user documentation via our online knowledge-base, we offer onsite or remote training, including via video-conferencing or webinar.
|End-of-contract data extraction||
Data can be downloaded directly from the application by all authorised users.
Enterprise customers can receive a download of their data, provided via file transfer.
Customers can download their data or receive a data download of their database records from Keepsite. Included in cost.
Customers can elect to delete their account entirely or maintain an archived account, which can be later reactivated. Archived account incurs a nominal data storage charge.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Yes. Functionality is restricted on the mobile applications (IOS and Android) to actions that can be meaningly completed on such devices.|
|Accessibility standards||None or don’t know|
|Description of accessibility||TBC|
|What users can and can't do using the API||TBC|
|API documentation formats||
|API sandbox or test environment||Yes|
|Description of customisation||
1. Users can write plugins to integrate directly to the Keepsite platform, which can be private and proprietary, made available on a commercial basis, or made available on a public and open source basis.
2. Customers can configure the software and workflows from directly within the application to tailor it to the needs of their business, individual business units, or project requirements.
3. Customers can utilise the API to administer aspects of the application from third party systems.
|Independence of resources||
By committing to KPI's established within the SLA, which guarantee a minimum service and performance level.
Keepsite is designed to be a highly performant application and currently supports enterprise customers across the globe.
|Service usage metrics||Yes|
Anonymised aggregated data pertaining to number of active users, frequency of use, and within application behaviour (which features are being used, etc.
We are working toward real-time dashboards for service metrics.
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Data sanitisation process||No|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||Download it direct from the user interface.|
|Data export formats||
|Data import formats||
|Other data import formats||Various file types can be accommodated for documents, images, etc.|
|Data protection between buyer and supplier networks||Private network or public sector network|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
Keepsite's Service Availability commitment for a given twelve (12) month period is 99.5%.
Service Availability is calculated as follows:
Total - Unplanned Outage - Planned Maintenance
Total - Planned Maintenance X 100 ≥ 99.5%
In the event of a failure by Keepsite to meet the Service Availability and Service Response minimums as set forth in this SLA, as Customer's sole and exclusive remedy, at Customers request, Keepsite shall provide service credits.
|Approach to resilience||
Service Level Agreement
Analysis of the design
Implementing public dashboard Q3 2018
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
Keepsite maintain nuanced user access controls across for all levels of functionality, which are structured at the organisation business unit and project levels.
In addition, customers manage only their own service, and cannot access, modify or otherwise affect the service of other consumers via management tools and interfaces and they can restrict permissions given to administrators, including in the context of collaboratively managed projects.
This applies for support as well as application interfaces.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||Currently in process of certifying.|
|Information security policies and processes||
Keepsite maintains a comprehensive, written information security program that contains administrative, technical, and physical safeguards that are appropriate to (a) the size, scope and type of Keepsite's business; (b) the amount of resources available to Keepsite; (c) the type of information that Keepsite will store; and (d) the need for security and confidentiality of such information.
We assign security responsibility - Assigning responsibility for the development, implementation, and maintenance of its Information Security Program, including:
- Designating a security official with overall responsibility;
- Defining security roles and responsibilities for individuals with security responsibilities; and
- Designating a Security Council consisting of cross-functional management representatives to meet on a regular basis.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||Full details available upon request.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||Potential threats, vulnerabilities or exploitations that could affect the service are assessed, and corrective actions taken. Keepsite monitor relevant sources of information relating to threat, vulnerability and exploitation techniques and the severity of threats and vulnerabilities is considered. We use this information to prioritise implementation of mitigations. Known vulnerabilities within the service are tracked until appropriate mitigations have been deployed and the timescales for implementing mitigations to vulnerabilities is available.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||Keepsite monitors the hardware that supports the application and has programmed alerts for monitored network components, such as CPU, memory, storage, database, and other components. Operations staff monitor alerts associated with deviations to against defined thresholds, and follow standard operating procedures to investigate and resolve underlying issues.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
We maintain a security incident response plan that includes procedures to be followed in the event of any security breach of Customer Data or any security breach of any application or system directly associated with the accessing, processing, storage, communication or transmission of Customer Data.
Formation of an internal incident response team with a response leader;
Assessing the risk the incident poses and determining who may be affected;
Internal reporting as well as a notification process
Keeping a permanent record of what was done and by whom
Conducting and documenting root cause analysis and remediation plan
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£10 to £15 per person per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||The first three projects are free. Students use the application for free.|