VFA UK

VFA capital planning solutions

VFA Facility allows stakeholders and executives to effectively manage and maintain facilities data and to leverage it in making optimal decisions about facility spending and capital planning. VFA Auditor is a mobile solution which leverages Accruent’s extensive assessment experience to empower customers to perform their own facility condition assessments.

Features

  • Hierarchical real estate portfolio database
  • Facility condition tracking and indexing
  • Capital project tracking
  • Cost estimation of replacement value and capital projects
  • Goal-oriented capital and budget forecasting
  • Facility and equipment lifecycle planning
  • Rule-based capital project prioritization
  • Library of standard reports & dashboards, available ad-hoc reporting
  • Mobile utility for inventory and condition assessments
  • Data validation and workflow control

Benefits

  • Centralize Information about facility assets, including condition, costs, type, etc.
  • Project the cost of construction, repairs, and renewals
  • Forecast your budget based on strategic organizational needs
  • Apply goals to identify capital projects with the highest priority
  • Identify when it is time to replace equipment before failure
  • Create defensible evidence for required budget and resources
  • Share the right data with the right stakeholders when needed
  • Create reports and dashboards unique to your needs
  • Create surveys that feed data directly into the database
  • Surveys to capture photos and other evidence of needed repairs

Pricing

£3700 per instance per year

Service documents

Framework

G-Cloud 11

Service ID

7 1 5 6 2 1 6 8 3 8 2 2 4 4 9

Contact

VFA UK

Andrew Schafer

447764661582

aschafer@accruent.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
Accruent performs maintenance releases for VFA solutions on a monthly cycle or as needed. The construction cost estimation database is updated annually at the end of Q1. All releases are preceded by email notification two weeks prior to release.

Releases typically require a 24-hour downtime period.
System requirements
  • (VFA Facility) use of a secure, supported Internet browser
  • (VFA Auditor) Apple, Google, Android, or Windows mobile device

User support

Email or online ticketing support
Email or online ticketing
Support response times
Severity Definition Response Time

Response times do not change at the weekend.

1: Critical issue resulting in a complete system outage/major application failure, preventing a critical business process that has immediate impact. There is no workaround available = 1 business hour

2: Serious issue preventing execution of a critical business process, causing disruption of a major business function = 4 business hours

3: Issue that does not prevent the execution of a critical business process and does not impact data integrity = 2 business days

4: An inquiry and/or low system/business process impact issue = 3 business days.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
No
Support levels
24x7 phone support for high severity issues and 7 AM - 7 PM CT US business hours is the default Support offering for VFA solutions. Other options are available for an additional cost.

Accruent Support offers Technical Account Managers for an added cost. Technical Account Managers are responsible for understanding the client's business process in the context of our applications and providing the customer with subject matter expertise in both the application and their use of it.
Support available to third parties
No

Onboarding and offboarding

Getting started
Our Professional Services team offers a broad range of both standard and bespoke services for getting our clients up and running on the VFA Facility and VFA Auditor solutions. These include software implementation and training as well as a diverse set of additional managed services such as consulting, data maintenance, process mapping, and custom training. Online and in-person training is avaiable for all of our solutions, and the solutions feature embedded in-appication help. We also offer tutorials for specific actions.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Customers can utilize VFA Facility's export utility to export their data in a flat file format.
End-of-contract process
All customer accounts for the site will be suspended. The site and the data will remain intact for an agreed upon period of time. As described in the previous question, all data will be returned in a client-consumable format.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Chrome
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None
Service interface
Yes
Description of service interface
Users can use our web applications to interact with product or they could use REST API calls to communicate with VFA Products.
Accessibility standards
None or don’t know
Description of accessibility
Accessibility standards have been discussed in general but no project as yet to set aside for this specifically. At a minimum, we ensure that foreground and background combinations provide sufficient contrast when viewed by someone having colour deficits.
Accessibility testing
None.
API
Yes
What users can and can't do using the API
We offer a range of web services APIs which can be used to create, edit, and close objects within the database.
API documentation
No
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Our team is highly skilled and experienced in customizing VFA Facility, VFA Auditor, and our associated services to meet the unique needs of disparate organizations. Areas of possible customization include data maintenance programs, process mapping, training program,s custom reports, fields and drop-down lists, and many more. Organizations can also add their branded logo/art to the login and reports. Client-side users can configure available modules and data access to specific users and can create customized properties for objects.

Scaling

Independence of resources
Network, application, and database tiers are all fully redundant, and our environments are designed to be scalable over time. Load balancers direct customer traffic to nodes that have enough available resources to handle incoming requests.

Analytics

Service usage metrics
Yes
Metrics types
Service uptime is reported through our automated monitoring tools. Service uptime is calculated based on a myriad of dynamic monitors, including both event-oriented and synthetic transaction data sources.
Reporting types
Real-time dashboards

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data can be exported as XLS or CSV from the Export Utility.
Data export formats
  • CSV
  • Other
Other data export formats
  • XLS
  • Text
  • PDF
Data import formats
Other
Other data import formats
XLS

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
SLAs are provided in the product Terms and Conditions Document, which we have uploaded with our submission.
Approach to resilience
Uptime statics for the service are public and show a pattern of high uptime and resilience. The service includes redundancy at all levels of the architecture to ensure high uptime and availability for both operational issues and natural disasters. Further details are available upon request.
Outage reporting
Accruent maintains an internal dashboard with service availability reports that provide great detail and insight into potential causes for outages. A simplified, external dashboard is available to clients.

Identity and authentication

User authentication needed
Yes
User authentication
Other
Other user authentication
TBC
Access restrictions in management interfaces and support channels
Access to functionality, modules, and data regions can be defined at an individual account level
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Lloyd's Register Quality Assurance
ISO/IEC 27001 accreditation date
3/22/2016
What the ISO/IEC 27001 doesn’t cover
The platform itself, and associated development practices, are not covered under the ISO 27001 certification.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Annual risk assessments are performed against the platform, based on the NIST 800-30 guidelines. The platform is continuously tested for security vulnerabilities, and any risks identified are triaged with the VFA product team.
Information security policies and processes
Accruent has developed internal information security policies and processes aligned with industry standards. All Accruent employees are required to read and acknowledge our security policies, as well as complete Information Security and Privacy training in the Accruent Learning Management System (LMS) on an annual basis.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Requests are prioritized and documented by product development teams. When the development is completed, it is passed on to testing via a workflow tool. Only approved/tested changes are committed to release candidates. Further release testing occurs and, at the time of release, only approved/tested code is released. Continual web app security assessments are performed on the service to ensure new vulnerabilities are not introduced.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Vulnerabilites are evaluated based on CVSS ratings. Accruent maintains remediation targets for identified vulnerabilities based on criticality and standards for evaluating security fixes alongside feature requests and other development activities. Patch management is included in our release cycle (current patches are tested in DEV environments alongside new code, and released to production all at once).
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Security related events (AV, IDS, dynamic monitors) are collected and reported upon using centralized interfaces. Alerts generated from these tools are treated as security incidents and trigger Accruent's Incident Response Plan.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Accruent maintains formalized Incident Management procedures. All employees that work in a role scoped for platform maintenance, monitoring, or support are trained on this process at least annually.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£3700 per instance per year
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑