This G-Cloud 10 service is no longer available to buy.

The G-Cloud 10 framework expired on Tuesday 2 July 2019. Any existing contracts with Asprey Solutions are still valid.
Asprey Solutions

Asprey Property Works and Contract Management Solution

Asprey Contract Manager is a web based solution with user friendly functions that provides comprehensive works management, with complete process control and progress transparency.
This solution simplifies the process of overseeing works and improves the quality of management information throughout your organisation.

Features

  • Comprehensive Web-based solution providing insightful analytics and visualisations via dashboards
  • Works management incorporating financial and process control with progress transparency
  • Innovative reporting features, on-screen RAG status and topical data explorers
  • Mobile data collection with extensive validation for economic data collection
  • Detailed audit and evidentiary features with in-built document management
  • Traffic light risk warnings for time and cost measures
  • Component cost and multiple SORs with variation, risk, valuation management
  • Detailed programme financial and budgetary management with forecast cash flows
  • Defect liability and warranty management
  • Authorisation and approval process for key business controls

Benefits

  • Demonstrably proper asset custodianship
  • Access to our wealth of corporate expertise in asset management
  • Improves quality and transparency of information throughout your organisation
  • Integrated analytics layer seamlessly uses primary data, providing immediate ROI
  • Intuitive and user-friendly tools ensure efficiency gains across user organisations
  • Flexibly meeting existing business processes or revisions, for organisational transformation
  • Simple access to macro and micro data improves user productivity
  • Proven productivity and efficiency improvements
  • Organisational ownership of data regardless of source is maintained
  • Ensures real time and superior management information alongside fiscal clarity

Pricing

£5,500 a licence a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rachel.ratty@aspreysolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 10

Service ID

6 4 3 3 4 0 4 4 8 7 6 2 1 0 0

Contact

Asprey Solutions Rachel Ratty
Telephone: 0330 460 9752
Email: rachel.ratty@aspreysolutions.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Out of hours scheduled maintenance and upgrades.
System requirements
  • Internet Connection
  • Web browser
  • Optional Microsoft Office for data export

User support

Email or online ticketing support
Email or online ticketing
Support response times
Our standard SLAs are:

System Down - System is 100% unavailable. Response time within 2 hours, Resolution within 2 working hours or as the client agrees or specifies.

Live system element is broken - System is functioning but users are unable to perform tasks. Response Time within 4 hours, Resolution within 3 working days or as the client agrees or specifies

Query Resolution - This is deemed to be a minor problem you can continue working with and is not a systems failure. Response time within 6 hours, Resolution within 5 Working days or as the client agrees or specifies
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Our standard SLA break support tickets into three categories;

System Down - System is 100% unavailable either from a technical or business perspective. Response time within 2 hours, Resolution within 2 working hours or such longer period as the client agrees or specifies.

Live system element is broken - System is functioning but one or more users and unable to perform tasks on the system Response Time within 4 hours, Resolution within 3 working days or such longer period as the client agrees or specifies

Any other matter logged by e-mail to the Response Centre - This is deemed to be a minor problem you can continue working with and is not related to a systems failure. Response time within 6 hours, Resolution within 5 Working days or such longer period as the client agrees or specifies

Support is provided between the hours of 08:30 and 17:30 each day excluding Public Holidays and weekends. Standard support is included in the cost of the solution.

Clients have direct access to their account manager and are provided with contact details including a mobile number. Account managers have the power to reassess support tickets and escalate as appropriate.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Asprey follow a proven project management and implementation methodology which a tailored adaptation of PRINCE 2 for the social housing market.

Key onboarding milestones include:

Solution configuration workshops to ensure software meets the clients needs and business processes.

In-depth data analysis cleansing and gap analysis prior to system data loading of all electronic data provided.

Data baseline meeting including data weakness reporting, Decent Homes / SHQS / WHQS position, 30-year forecast assessment and Energy (SAP) assessment.

Interactive training sessions to ensure users are familiar with the products prior to go live.

Internal marketing presentations where the solution is demonstrated to the wider organisation and / or senior management.

Access to full product documentation, knowledgebase, FAQ’s and regular tricks and tips.

Optional on-site managed service consultancy for ongoing product adoption.

Regular account management meetings to ensure the organisation maximises the benefit from the use of the system.

Support services include an annual data health check to ensure the data is being correctly maintained and an annual training needs analysis to identify skill gaps based on raised support tickets.

Annual user group held for user collaboration and to determine future development priorities for the suite.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Clients are able to access the entire data structure using standard reporting tools such as SQL Server, SSRS, SSIS, Excel and PowerBI.

Data from each module can be exported separately using import / export function within the suite.

Standard product APIs can be used to extract data from the suite.

Data extraction service can be provided on a time and materials basis or a fixed price quotation.
End-of-contract process
Following notification of service termination, a plan will be agreed including data extract requirements and service end date.

Following the service end date all client data and backups will be deleted.

Support for data extraction using standard product export functionality will be provided. Customised data extraction services can be provided on a time and materials basis or a fixed price quotation.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The mobile data collection application has been optimised for mobile devices. The mobile application's user interface has been optimised for touch input and easy, efficient data collection on various screen sizes.
Accessibility standards
None or don’t know
Description of accessibility
The suite is not currently fully compliant with accessibility standard. We work with clients who have specific needs to ensure accessibility can be maintained and considered in future development.
Accessibility testing
None
API
Yes
What users can and can't do using the API
APIs are available across our suite, depending on what systems the user client wishes to interface to. Users can consume the API to read and write in the application.
API documentation
Yes
API documentation formats
  • PDF
  • Other
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The system is extremely flexible in terms of configuration, for example data structure and survey design. Users with the relevant access are able to set up and or amend these to meet emerging business requirements. The solution contains many in-built features to assist with configuration changes, particularly around survey design.

Scaling

Independence of resources
Asprey utilise a mature public cloud service in Microsoft Azure to provide a robust, scalable solution to support our suite. Asprey do not operate a multi tenanted infrastructure and as such clients are provided with a dedicated solution scaled to meet the needs of the organisation. This ensures there is no completion for the resources available.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Clients are able to access the entire data structure using standard reporting tools such as SQL Server, SSRS, SSIS, Excel and PowerBI.

Data from each module can be exported separately using import / export function within the suite.

Standard product APIs can be used to extract data from the suite.

Data extraction service can be provided on a time and materials basis or a fixed price quotation.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
XML
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Asprey utilise a mature public cloud service in Microsoft Azure to provide a robust, scalable solution to support our suite. Microsoft guarantee at least 99.5% connectivity.
Approach to resilience
The solution takes advantage of Azure of high availability, disaster recovery and backup on Azure’s network.

Further information available on request.
Outage reporting
Asprey utilise a mature public cloud service in Microsoft Azure to provide a robust, scalable solution to support our suite. Azure provides a public dashboard which shows the status of service. Azure also provides email alerts which are provide to clients if relevant.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
The Asprey suite utilise the Azure Active Directory / ASP.NET security model which is a tried and tested system. Each user is assigned a number ‘roles’ for each of the products that indicates the screens they can see and the functions they can access including whether they have an ability to Add, Edit, Delete and View information. Passwords are stored encrypted and each account will allow for five incorrect password attempts before the account becomes locked and needs to be reset by a system administrator.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Asprey have a set of internally agreed policies regarding security which are regularly reviewed. Our security governance approach covers the use of policies, processes, audits, user awareness and training.
Information security policies and processes
Asprey have a comprehensive information security policy that is regularly reviewed to ensure process are compliant. All staff undertake external training to ensure awareness of information security requirements. Internal workshops are held regularly to ensure compliance with internal procedures.
Documented policies include:

- Information Security
- Data Protection / GDPR
- Acceptable Use
- Backup
- Information Classification and Data Retention
- Change Management
- Access Control
- Business Continuity
- Incident Response

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Azure follow the continuous delivery model to provide iterative improvements to their cloud based infrastructure. This allows for a structured method of planning, development and deploying changes in a way to ensure system resilience.

The Asprey development team follow and Agile approach throughout the development lifecycle which allows for small iterations to be managed and integrated. Short iterations allow Asprey to ensure the quality of developments while also allowing flexible response to emerging technical and industry requirements.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Asprey utilise Azure’s Security Centre which provides continuous monitoring of the security of machines, networks and services using hundreds of built-in security assessments and provides security recommendations to remediate issues before they can be exploited.
It enables adaptive threat protection to reduce exposure to attacks. Blocking malware and other unwanted code by applying application controls adapted to your specific workloads and powered by machine learning. It also enable just-in-time, controlled access to management ports on Azure VMs to drastically reduce surface area exposed to brute force and other network attacks.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Asprey utilise Azure’s Security Centre which provides continuous monitoring of the security of machines, networks and services using hundreds of built-in security assessments and provides security recommendations to remediate issues before they can be exploited.
It enables adaptive threat protection to reduce exposure to attacks. Blocking malware and other unwanted code by applying application controls adapted to your specific workloads and powered by machine learning. It also enable just-in-time, controlled access to management ports on Azure VMs to drastically reduce surface area exposed to brute force and other network attacks.
Incident management type
Supplier-defined controls
Incident management approach
Asprey have an incident response plan that we can supply upon request. This covers:
• Incident Preparation
• Discovery
• Notification
• Analysis and Assessment
• Response
• Containment
• Prevention
• Restoration
• Documentation
• Evidence Preservation and Evaluation

Users can report any incidents via the Asprey Support service. Post resolution of an incident the information is summarised to assess its impact, actions taken further actions required to mitigate the risk of future occurrence / impact.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£5,500 a licence a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
An evaluation copy of functional modules using sample data can be provided upon request.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rachel.ratty@aspreysolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.