Asprey Solutions

Asprey Property Works and Contract Management Solution

Asprey Contract Manager is a web based solution with user friendly functions that provides comprehensive works management, with complete process control and progress transparency.
This solution simplifies the process of overseeing works and improves the quality of management information throughout your organisation.

Features

  • Comprehensive Web-based solution providing insightful analytics and visualisations via dashboards
  • Works management incorporating financial and process control with progress transparency
  • Innovative reporting features, on-screen RAG status and topical data explorers
  • Mobile data collection with extensive validation for economic data collection
  • Detailed audit and evidentiary features with in-built document management
  • Traffic light risk warnings for time and cost measures
  • Component cost and multiple SORs with variation, risk, valuation management
  • Detailed programme financial and budgetary management with forecast cash flows
  • Defect liability and warranty management
  • Authorisation and approval process for key business controls

Benefits

  • Demonstrably proper asset custodianship
  • Access to our wealth of corporate expertise in asset management
  • Improves quality and transparency of information throughout your organisation
  • Integrated analytics layer seamlessly uses primary data, providing immediate ROI
  • Intuitive and user-friendly tools ensure efficiency gains across user organisations
  • Flexibly meeting existing business processes or revisions, for organisational transformation
  • Simple access to macro and micro data improves user productivity
  • Proven productivity and efficiency improvements
  • Organisational ownership of data regardless of source is maintained
  • Ensures real time and superior management information alongside fiscal clarity

Pricing

£5500 per licence per year

  • Free trial available

Service documents

G-Cloud 10

643340448762100

Asprey Solutions

Rachel Ratty

01564 771600

rachel.ratty@aspreysolutions.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Out of hours scheduled maintenance and upgrades.
System requirements
  • Internet Connection
  • Web browser
  • Optional Microsoft Office for data export

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Our standard SLAs are:

System Down - System is 100% unavailable. Response time within 2 hours, Resolution within 2 working hours or as the client agrees or specifies.

Live system element is broken - System is functioning but users are unable to perform tasks. Response Time within 4 hours, Resolution within 3 working days or as the client agrees or specifies

Query Resolution - This is deemed to be a minor problem you can continue working with and is not a systems failure. Response time within 6 hours, Resolution within 5 Working days or as the client agrees or specifies
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Our standard SLA break support tickets into three categories;

System Down - System is 100% unavailable either from a technical or business perspective. Response time within 2 hours, Resolution within 2 working hours or such longer period as the client agrees or specifies.

Live system element is broken - System is functioning but one or more users and unable to perform tasks on the system Response Time within 4 hours, Resolution within 3 working days or such longer period as the client agrees or specifies

Any other matter logged by e-mail to the Response Centre - This is deemed to be a minor problem you can continue working with and is not related to a systems failure. Response time within 6 hours, Resolution within 5 Working days or such longer period as the client agrees or specifies

Support is provided between the hours of 08:30 and 17:30 each day excluding Public Holidays and weekends. Standard support is included in the cost of the solution.

Clients have direct access to their account manager and are provided with contact details including a mobile number. Account managers have the power to reassess support tickets and escalate as appropriate.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Asprey follow a proven project management and implementation methodology which a tailored adaptation of PRINCE 2 for the social housing market.

Key onboarding milestones include:

Solution configuration workshops to ensure software meets the clients needs and business processes.

In-depth data analysis cleansing and gap analysis prior to system data loading of all electronic data provided.

Data baseline meeting including data weakness reporting, Decent Homes / SHQS / WHQS position, 30-year forecast assessment and Energy (SAP) assessment.

Interactive training sessions to ensure users are familiar with the products prior to go live.

Internal marketing presentations where the solution is demonstrated to the wider organisation and / or senior management.

Access to full product documentation, knowledgebase, FAQ’s and regular tricks and tips.

Optional on-site managed service consultancy for ongoing product adoption.

Regular account management meetings to ensure the organisation maximises the benefit from the use of the system.

Support services include an annual data health check to ensure the data is being correctly maintained and an annual training needs analysis to identify skill gaps based on raised support tickets.

Annual user group held for user collaboration and to determine future development priorities for the suite.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Clients are able to access the entire data structure using standard reporting tools such as SQL Server, SSRS, SSIS, Excel and PowerBI.

Data from each module can be exported separately using import / export function within the suite.

Standard product APIs can be used to extract data from the suite.

Data extraction service can be provided on a time and materials basis or a fixed price quotation.
End-of-contract process Following notification of service termination, a plan will be agreed including data extract requirements and service end date.

Following the service end date all client data and backups will be deleted.

Support for data extraction using standard product export functionality will be provided. Customised data extraction services can be provided on a time and materials basis or a fixed price quotation.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The mobile data collection application has been optimised for mobile devices. The mobile application's user interface has been optimised for touch input and easy, efficient data collection on various screen sizes.
Accessibility standards None or don’t know
Description of accessibility The suite is not currently fully compliant with accessibility standard. We work with clients who have specific needs to ensure accessibility can be maintained and considered in future development.
Accessibility testing None
API Yes
What users can and can't do using the API APIs are available across our suite, depending on what systems the user client wishes to interface to. Users can consume the API to read and write in the application.
API documentation Yes
API documentation formats
  • PDF
  • Other
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The system is extremely flexible in terms of configuration, for example data structure and survey design. Users with the relevant access are able to set up and or amend these to meet emerging business requirements. The solution contains many in-built features to assist with configuration changes, particularly around survey design.

Scaling

Scaling
Independence of resources Asprey utilise a mature public cloud service in Microsoft Azure to provide a robust, scalable solution to support our suite. Asprey do not operate a multi tenanted infrastructure and as such clients are provided with a dedicated solution scaled to meet the needs of the organisation. This ensures there is no completion for the resources available.

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Clients are able to access the entire data structure using standard reporting tools such as SQL Server, SSRS, SSIS, Excel and PowerBI.

Data from each module can be exported separately using import / export function within the suite.

Standard product APIs can be used to extract data from the suite.

Data extraction service can be provided on a time and materials basis or a fixed price quotation.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats XML
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Asprey utilise a mature public cloud service in Microsoft Azure to provide a robust, scalable solution to support our suite. Microsoft guarantee at least 99.5% connectivity.
Approach to resilience The solution takes advantage of Azure of high availability, disaster recovery and backup on Azure’s network.

Further information available on request.
Outage reporting Asprey utilise a mature public cloud service in Microsoft Azure to provide a robust, scalable solution to support our suite. Azure provides a public dashboard which shows the status of service. Azure also provides email alerts which are provide to clients if relevant.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels The Asprey suite utilise the Azure Active Directory / ASP.NET security model which is a tried and tested system. Each user is assigned a number ‘roles’ for each of the products that indicates the screens they can see and the functions they can access including whether they have an ability to Add, Edit, Delete and View information. Passwords are stored encrypted and each account will allow for five incorrect password attempts before the account becomes locked and needs to be reset by a system administrator.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Asprey have a set of internally agreed policies regarding security which are regularly reviewed. Our security governance approach covers the use of policies, processes, audits, user awareness and training.
Information security policies and processes Asprey have a comprehensive information security policy that is regularly reviewed to ensure process are compliant. All staff undertake external training to ensure awareness of information security requirements. Internal workshops are held regularly to ensure compliance with internal procedures.
Documented policies include:

- Information Security
- Data Protection / GDPR
- Acceptable Use
- Backup
- Information Classification and Data Retention
- Change Management
- Access Control
- Business Continuity
- Incident Response

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Azure follow the continuous delivery model to provide iterative improvements to their cloud based infrastructure. This allows for a structured method of planning, development and deploying changes in a way to ensure system resilience.

The Asprey development team follow and Agile approach throughout the development lifecycle which allows for small iterations to be managed and integrated. Short iterations allow Asprey to ensure the quality of developments while also allowing flexible response to emerging technical and industry requirements.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Asprey utilise Azure’s Security Centre which provides continuous monitoring of the security of machines, networks and services using hundreds of built-in security assessments and provides security recommendations to remediate issues before they can be exploited.
It enables adaptive threat protection to reduce exposure to attacks. Blocking malware and other unwanted code by applying application controls adapted to your specific workloads and powered by machine learning. It also enable just-in-time, controlled access to management ports on Azure VMs to drastically reduce surface area exposed to brute force and other network attacks.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Asprey utilise Azure’s Security Centre which provides continuous monitoring of the security of machines, networks and services using hundreds of built-in security assessments and provides security recommendations to remediate issues before they can be exploited.
It enables adaptive threat protection to reduce exposure to attacks. Blocking malware and other unwanted code by applying application controls adapted to your specific workloads and powered by machine learning. It also enable just-in-time, controlled access to management ports on Azure VMs to drastically reduce surface area exposed to brute force and other network attacks.
Incident management type Supplier-defined controls
Incident management approach Asprey have an incident response plan that we can supply upon request. This covers:
• Incident Preparation
• Discovery
• Notification
• Analysis and Assessment
• Response
• Containment
• Prevention
• Restoration
• Documentation
• Evidence Preservation and Evaluation

Users can report any incidents via the Asprey Support service. Post resolution of an incident the information is summarised to assess its impact, actions taken further actions required to mitigate the risk of future occurrence / impact.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £5500 per licence per year
Discount for educational organisations No
Free trial available Yes
Description of free trial An evaluation copy of functional modules using sample data can be provided upon request.

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑