FM:Systems

FM:Systems – Digital Workplace Solutions

Our integrated platform is the most comprehensive available, meeting all the needs of global users. All the tools, information, and operational capability that a leading edge CAFM or IWMS has via FMS:Workplace
All building user needs (room, desk booking) via FMS:Employee
Executive Management performance information via AI driven FMS:Analytics

Features

• Adaptable - for small or large organisations
• Personalisation – user profiles - eg language
• Integration – fully integrates into other systems
• Configuration – user driven extensions that upgrade seamlessly
• Extendible database – users can add new tables and attributes
• Available on all devices and browsers, responsive design
• Secure, scalable solution – with guaranteed high availability
• Workplace – tools for all CRE and FM teams
• Employee – Room and Desk Booking, Visitor Management
• Analytics – utilisation and environmental insight via over sixteen sources

Benefits

• Early benefits realisation – client priority driven implementation methodology
• Forward thinking – strategic planning for property portfolio and workspaces
• Reduce costs and deliver ideal workplaces through unparalleled utilisation
• Enhance productivity through streamlined processes
• Intuitive / ease of use - minimal training required
• Industry best practices – established models and processes
• Proven solution - well established in public sector
• Evolution – roadmap of constantly improving functionality
• Low cost and rapid implementation via FMS or proven partners
• Seamless – integrates into organisation with SSO

£1,000 a licence

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Framework

G-Cloud 12

Service ID

729014151621996

Contact

Rohit Kohli
+44 (0) 203 002 0014
rkohli@fmsystems.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: FM:Systems Platform (Workplace, Employee and Analytics) integrates with other key client systems such as ERP, Talent Management (HCM), Finance, GIS mapping, CAD. BIM and IoT systems
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: There are no current constraints
• System requirements: Fully web-based solution, works on all common browsers

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Details provided in FMS – G-Cloud-Service Description
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard support: ; 1 Critical: No useful work can be done ; 2 High: service/functionality disabled ; 3 Medium: degraded operations; malfunction in non-critical functionality 4 Low: Minimal impact errors ; n/a Enhancement Request Premium / Technical Account Manager (chargeable) support available at extra cost.; Details of all service options in FMS - G-Cloud Service Description
• Support available to third parties: No

Onboarding and offboarding

• Getting started: FM:Systems has a robust, proven and easy to understand deployment methodology for implementing our solution. Details and explanation are provided to clients. The initiation (getting started) phase is - Project Preparation. The initial Project Preparation begins with Orientation, which will set your team up for success for the duration of the project. We have divided the Orientation into three different sessions that will prepare you for navigating the application, understanding our terminology, our recommended best practices, the integration of your floor plans, and the project process itself. A Readiness Survey will be completed at the end of Orientation so that Professional Services can determine the appropriate resources needed on the implementation and identify any potential areas where extra guidance may be needed prior to kicking off the project.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: FMS will return the Client Data within a reasonable period in a reasonable and common format upon receiving written instructions from the Client prior to termination or expiration. They may be a nominal fee charged for this – it would be agreed during contract negotiations. The effectiveness is monitored using the "off-boarding checklist"
• End-of-contract process: When the contract term is complete, or just prior, the client confirms if any data from the system is required. This will be provided in the format agreed at the outset. Unless a specific, nominal charge, is agreed there will be no further charges. This will all be formally documented to the clients' satisfaction.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There are mobile specific applications/processes, such as field engineers, space management, and room / desk reservation. The web-based solution is based on a “responsive design” approach – so it will always be viable through any standard device. Some advanced view configurations/dashboards are not available in the mobile service.
• Service interface: No
• API: Yes
• What users can and can't do using the API: Integrating with other 3rd party systems are a part of virtually very implementation we do, and we are comfortable interfacing with almost any modern software you could be using today. We have a wide range of interfaces & APIs, which will vary by solution. The level of integration would be dependent on client requirements. Full details of access and usage are provided to clients as part of the implementation.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Most enhancements can be provided via CONFIGURATION with no source code changes. Clients, including third parties they engage, can CUSTOMISE the solution (adapt code). Strict guidelines are provided and any alterations must be approved by FM:Systems before acceptance into production

Scaling

• Independence of resources: The client environments are logically separated and have resource allocations as required. Usage is constantly monitored and intervention occurs as needed - to prevent issues impacting performance or to add extra resources as needed.

Analytics

• Service usage metrics: Yes
• Metrics types: We monitor for key performance metrics to ensure an optimal user experience and detects hardware and resource needs, but not individual usage metrics. Much of this is logged in the audit logs if the client wanted to mine that information. All systems are monitored for key events with alerts setup to notify the hosting and support staff. Monitoring is used to detect any changes, availability, lack of resources, overuse of resources, etc. with automated alerts sent to the hosting department to ensure optimal end user experience. Access only for Hosting.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data exports are controlled by users - this can be done using Excel into formatted tables and reports
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats: DWG

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Minimum service level for software availability is 99.5% with a goal of 99.9%, which is covered in our SLAs. Any credit or refund mechanism is clearly outlined in client specific contracts.
• Approach to resilience: FM:Systems partners with Amazon Web Services (AWS) to deliver hosted applications both locally and abroad. With service centres in several geographic regions, Amazon Web Services allows FMS to deliver our cloud platforms to every corner of the globe with maximum reliability, availability, and security. Further details are available on request.
• Outage reporting: Unplanned outages are communicated in line with standard FM:Systems documented service management processes. This will as a minimum include portal updates and e-mail. These are reported to the client within 30 minutes during working hours - for standard support. Direct contact by phone is discretionary and depends on nature of issue and client contracted SLA. ; ; Routine refers to normal maintenance or service items that do not pose an immediate risk to systems, equipment or components. Service outages are less than one hour and the typical outage lasts approximately 15 minutes. FM:Systems Hosting Services will send a notice four or more days in advance and perform the work within the maintenance windows. There is an online incident response portal that reports planned and unplanned outages. This are all documented our SLAs.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Details of all security and authentication processes are available to clients or under NDA.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: FM:Systems have an Information Technology (IT) Security policy that establishes the requirements for the protection of our clients’ information.
• Information security policies and processes: FM:Systems have an Information Technology (IT) Security policy that establishes the requirements for the protection of our clients’ information. The effectiveness and adherence to this are regularly monitored and approved alterations made. Details are available to clients or under NDA.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: FM:Systems maintain policies and procedures to manage risks associated with the application of changes to SaaS provision. Details are available on request.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We use Symanetc anti-virus. All systems are scanned quarterly by "Nessus", patched at a minimum monthly, and run active AV/IPS software that continually updates. All Systems are hosted behind a set of redundant IPS/IDS systems that are monitored 24x7x365 and (Web Application) WAF firewalls, which are specifically designed to handle up to a gigabyte of service attacks. We continually scan all builds with Veracode both statically and dynamically for vulnerabilities. All systems run current antivirus with IPS, which are continually updated. This is part of our System Security Plan that is annually audited for NIST 800-53 Rev 4 compliance.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We monitor for key performance metrics to ensure an optimal user experience and detects hardware and resource needs, but not individual usage metrics. Much of this is logged in the audit logs if the client wanted to mine that information. All systems are monitored for key events with alerts setup to notify the hosting and support staff. Monitoring is used to detect any changes, availability, lack of resources, over use of resources, etc. with automated alerts sent to the hosting department to ensure optimal end user experience. Access only for Hosting.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have a fully documented Incident Response Policy that is annually trained against and exercised. This is covered in the FM:Systems ‘System Security Plan’ that is annually audited for NIST 800-53 Rev 4 low impact compliance.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Pricing

• Price: £1,000 a licence
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF