FM:Systems

FM:Systems – Digital Workplace Solutions

Our integrated platform is the most comprehensive available, meeting all the needs of global users. All the tools, information, and operational capability that a leading edge CAFM or IWMS has via FMS:Workplace
All building user needs (room, desk booking) via FMS:Employee
Executive Management performance information via AI driven FMS:Analytics

Features

  • Adaptable - for small or large organisations
  • Personalisation – user profiles - eg language
  • Integration – fully integrates into other systems
  • Configuration – user driven extensions that upgrade seamlessly
  • Extendible database – users can add new tables and attributes
  • Available on all devices and browsers, responsive design
  • Secure, scalable solution – with guaranteed high availability
  • Workplace – tools for all CRE and FM teams
  • Employee – Room and Desk Booking, Visitor Management
  • Analytics – utilisation and environmental insight via over sixteen sources

Benefits

  • Early benefits realisation – client priority driven implementation methodology
  • Forward thinking – strategic planning for property portfolio and workspaces
  • Reduce costs and deliver ideal workplaces through unparalleled utilisation
  • Enhance productivity through streamlined processes
  • Intuitive / ease of use - minimal training required
  • Industry best practices – established models and processes
  • Proven solution - well established in public sector
  • Evolution – roadmap of constantly improving functionality
  • Low cost and rapid implementation via FMS or proven partners
  • Seamless – integrates into organisation with SSO

Pricing

£1,000 a licence

Service documents

Framework

G-Cloud 12

Service ID

7 2 9 0 1 4 1 5 1 6 2 1 9 9 6

Contact

FM:Systems Rohit Kohli
Telephone: +44 (0) 203 002 0014
Email: rkohli@fmsystems.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
FM:Systems Platform (Workplace, Employee and Analytics) integrates with other key client systems such as ERP, Talent Management (HCM), Finance, GIS mapping, CAD. BIM and IoT systems
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
There are no current constraints
System requirements
Fully web-based solution, works on all common browsers

User support

Email or online ticketing support
Email or online ticketing
Support response times
Details provided in FMS – G-Cloud-Service Description
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Standard support:
1 Critical: No useful work can be done
2 High: service/functionality disabled
3 Medium: degraded operations; malfunction in non-critical functionality 4 Low: Minimal impact errors
n/a Enhancement Request Premium / Technical Account Manager (chargeable) support available at extra cost.
Details of all service options in FMS - G-Cloud Service Description
Support available to third parties
No

Onboarding and offboarding

Getting started
FM:Systems has a robust, proven and easy to understand deployment methodology for implementing our solution. Details and explanation are provided to clients. The initiation (getting started) phase is - Project Preparation. The initial Project Preparation begins with Orientation, which will set your team up for success for the duration of the project. We have divided the Orientation into three different sessions that will prepare you for navigating the application, understanding our terminology, our recommended best practices, the integration of your floor plans, and the project process itself. A Readiness Survey will be completed at the end of Orientation so that Professional Services can determine the appropriate resources needed on the implementation and identify any potential areas where extra guidance may be needed prior to kicking off the project.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
FMS will return the Client Data within a reasonable period in a reasonable and common format upon receiving written instructions from the Client prior to termination or expiration. They may be a nominal fee charged for this – it would be agreed during contract negotiations. The effectiveness is monitored using the "off-boarding checklist"
End-of-contract process
When the contract term is complete, or just prior, the client confirms if any data from the system is required. This will be provided in the format agreed at the outset. Unless a specific, nominal charge, is agreed there will be no further charges. This will all be formally documented to the clients' satisfaction.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
There are mobile specific applications/processes, such as field engineers, space management, and room / desk reservation. The web-based solution is based on a “responsive design” approach – so it will always be viable through any standard device. Some advanced view configurations/dashboards are not available in the mobile service.
Service interface
No
API
Yes
What users can and can't do using the API
Integrating with other 3rd party systems are a part of virtually very implementation we do, and we are comfortable interfacing with almost any modern software you could be using today. We have a wide range of interfaces & APIs, which will vary by solution. The level of integration would be dependent on client requirements. Full details of access and usage are provided to clients as part of the implementation.
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Most enhancements can be provided via CONFIGURATION with no source code changes. Clients, including third parties they engage, can CUSTOMISE the solution (adapt code). Strict guidelines are provided and any alterations must be approved by FM:Systems before acceptance into production

Scaling

Independence of resources
The client environments are logically separated and have resource allocations as required. Usage is constantly monitored and intervention occurs as needed - to prevent issues impacting performance or to add extra resources as needed.

Analytics

Service usage metrics
Yes
Metrics types
We monitor for key performance metrics to ensure an optimal user experience and detects hardware and resource needs, but not individual usage metrics. Much of this is logged in the audit logs if the client wanted to mine that information. All systems are monitored for key events with alerts setup to notify the hosting and support staff. Monitoring is used to detect any changes, availability, lack of resources, overuse of resources, etc. with automated alerts sent to the hosting department to ensure optimal end user experience. Access only for Hosting.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data exports are controlled by users - this can be done using Excel into formatted tables and reports
Data export formats
  • CSV
  • Other
Other data export formats
PDF
Data import formats
  • CSV
  • Other
Other data import formats
DWG

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Minimum service level for software availability is 99.5% with a goal of 99.9%, which is covered in our SLAs. Any credit or refund mechanism is clearly outlined in client specific contracts.
Approach to resilience
FM:Systems partners with Amazon Web Services (AWS) to deliver hosted applications both locally and abroad. With service centres in several geographic regions, Amazon Web Services allows FMS to deliver our cloud platforms to every corner of the globe with maximum reliability, availability, and security. Further details are available on request.
Outage reporting
Unplanned outages are communicated in line with standard FM:Systems documented service management processes. This will as a minimum include portal updates and e-mail. These are reported to the client within 30 minutes during working hours - for standard support. Direct contact by phone is discretionary and depends on nature of issue and client contracted SLA.

Routine refers to normal maintenance or service items that do not pose an immediate risk to systems, equipment or components. Service outages are less than one hour and the typical outage lasts approximately 15 minutes. FM:Systems Hosting Services will send a notice four or more days in advance and perform the work within the maintenance windows. There is an online incident response portal that reports planned and unplanned outages. This are all documented our SLAs.

Identity and authentication

User authentication needed
Yes
User authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Details of all security and authentication processes are available to clients or under NDA.
Access restriction testing frequency
At least once a year
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
FM:Systems have an Information Technology (IT) Security policy that establishes the requirements for the protection of our clients’ information.
Information security policies and processes
FM:Systems have an Information Technology (IT) Security policy that establishes the requirements for the protection of our clients’ information. The effectiveness and adherence to this are regularly monitored and approved alterations made. Details are available to clients or under NDA.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
FM:Systems maintain policies and procedures to manage risks associated with the application of changes to SaaS provision. Details are available on request.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We use Symanetc anti-virus. All systems are scanned quarterly by "Nessus", patched at a minimum monthly, and run active AV/IPS software that continually updates. All Systems are hosted behind a set of redundant IPS/IDS systems that are monitored 24x7x365 and (Web Application) WAF firewalls, which are specifically designed to handle up to a gigabyte of service attacks. We continually scan all builds with Veracode both statically and dynamically for vulnerabilities. All systems run current antivirus with IPS, which are continually updated. This is part of our System Security Plan that is annually audited for NIST 800-53 Rev 4 compliance.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
We monitor for key performance metrics to ensure an optimal user experience and detects hardware and resource needs, but not individual usage metrics. Much of this is logged in the audit logs if the client wanted to mine that information. All systems are monitored for key events with alerts setup to notify the hosting and support staff. Monitoring is used to detect any changes, availability, lack of resources, over use of resources, etc. with automated alerts sent to the hosting department to ensure optimal end user experience. Access only for Hosting.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
We have a fully documented Incident Response Policy that is annually trained against and exercised. This is covered in the FM:Systems ‘System Security Plan’ that is annually audited for NIST 800-53 Rev 4 low impact compliance.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£1,000 a licence
Discount for educational organisations
No
Free trial available
No

Service documents