Built Intelligence Ltd

FastDraft Contract and Project Management System

FastDraft is our easy to use Construction Contract management platform (NEC3, NEC4, JCT, FIDIC), enabling project teams to consistently draft and manage contract notices, monitor project performance and outcomes; increasing your teams productivity and compliance.

Features

  • Simple, intuitive, out the box web based contract management tool
  • Covering change control, payments, defects, certificates, notices and general communications
  • Single communal platform for contract administration and project reporting
  • An audit trail for all contract communications
  • Consolidated contract management reporting which can be produced on demand
  • Integrated system containing your workflow, guidance, reporting and contract forms
  • Automated benchmarking of your performance against external KPIs
  • Support NEC3, NEC4, JCT, FIDIC contracts and bespoke forms/notices
  • Extensive library of documents, developed by industry practitioners
  • Roles and responsibilities controls to allow whole team to contribute

Benefits

  • Efficienct semi-automated system, reporting and completing contract management forms
  • Reinforce better practice, includes strict timetables and processes from NEC/JCT/FIDIC
  • Increased transparency as the project team quickly flag issues earlier
  • Improved management Information, consistent claims reporting, across your project portfolio
  • Provides single enterprise approach reducing the burden your project teams
  • Captures causes of claims and allows performance across the system
  • Reduced administration and reporting time and costs
  • Automatically flag tasks and warnings in line with appropriate timetables
  • Tailored solutions, with corporate logos, colour schemes and custom rules
  • 100% managed service, updates, backup and monitoring

Pricing

£5 to £45 per user per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11

763901065719738

Built Intelligence Ltd

Chris Corr

0117 214 0890

enquiries-gcloud@builtintelligence.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Hybrid cloud
Service constraints All non-critical software updates occur outside normal office hours, usually between 9pm and 12am, all users will be warned on login about any impending updates. Critical maintenance may happen during office hours but this will happen if there is a functional issue with the system to all users.
Online support is available via help pages, FAQ sections and training information.
System requirements
  • Internet Access (minimum 128kbps)
  • Internet Browser (Latest version Internet Explorer/Edge, Firefox, Safari, Chrome etc)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Support is email based and within UK office hours 8:30am to 5:30pm.

We aim to respond within 1 working hour.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Yes, at an extra cost
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.1 AA or EN 301 549
Web chat accessibility testing We have not currently carried out any testing of assistive technology solutions with our web chat system but are waiting for confirmation from our supplier that this has been carried out.
Onsite support Yes, at extra cost
Support levels We provide telephone and email support free of charge to all our customers, on-site support requirements are negotiated on a per customer basis and charged at our standard day rate.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide onsite training to key users and because of the intuitive nature of the software with regards the contract, its simple to pick up by anyone with even a beginners knowledge of NEC3 or contract management.
An ever growing FAQ section and online training portal, allows users to quickly answer any basic questions, more complicated ones can be submitted to the dedicated support team, whether that be software related or contract governance related.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction All individual reports and registers can be downloaded by users in Excel, CSV and PDF format at any point.

Upon request a full download of all communications can be sent to any superuser within 2 working days. A feature to do this by any superuser is currently under development.
End-of-contract process A full download of the contract communications, all registers and all reports can be provided within 2 working days upon request at no additional charge.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The system is responsive so all items are available on mobile and tablets, but for optimal user experience, its recommended to use on a desktop.
Accessibility standards None or don’t know
Description of accessibility Our development team are currently working on a WCAG 2.0 A compliant version to help make the software as accessible to as many users as possible.
Accessibility testing We have currently not done any interface testing with users of assistive technology.
API Yes
What users can and can't do using the API We provide WEBAPI 2.0 RESTful web services authenticated using OWIN Auth 2.0 authentication via secure HTTPS protocols hosted on the Microsoft Azure global cloud infrastructure. The API services allow any authenticated device (mobile, web, desktop etc.) to securely connect to the platform and interact with the platforms feature sets. The platform provides responses through JSON text ensuring minimal bandwidth usage, clear readability of the data transferred and greater support for connecting clients.
The platform utilizes the Microsoft Azure infrastructure to ensure security of the platform along with load balancing, autoscaling, backups, disaster recovery and automated management to provide a reliable, stable and high performing application.
By utilizing the rich feature sets of the cloud infrastructure we are able to gain detailed insight into the performance of the platform and ensure access to the application and its services continue uninterrupted.
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation For all clients, bespoke customisation and development is available to allow the system to specifically work in the way that they require. We can advise from an expertise point of view about whether any changes are in breach of the contract guidelines.
Superuser management is currently under development to allow users to manage their users and contract status, however all these items can currently be amended/rectified through our support system.

Scaling

Scaling
Independence of resources Using a hybrid cloud platform like Microsoft Azure, we're able to give individual contract environments their own processing power which are seemlessly increased to the requirements needed by their users.

Analytics

Analytics
Service usage metrics Yes
Metrics types There is a realtime dashboard of all the key usage metrics that can be tailored to the user level and requirements.

All registers can be downloaded in order for users to create their own reports.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach All reports, registers and communications can be downloaded from the software at any point.
Data export formats
  • CSV
  • Other
Other data export formats
  • XLS
  • XLSX
  • PDF
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats XLS

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability We contractually guarantee 99.5% availability apart from for scheduled maintenance downtime which are carried out outside normal working hours.

Any failures to meet this level of availability will result in service credits awarded to to the customer.
Approach to resilience Microsoft's Azure datacentres availability was engineered to meet the highest common denominator – mission critical support for intranet, extranet, and online services. Typical of the state of- the-art facility designs at the time, these facilities were fault tolerant, concurrently maintainable and populated with scale-up servers housing redundant power supplies and myriad hot-swappable components.
All data is colocated across centres throughout EEA.
Outage reporting We have a 3rd party monitoring service in place on top of the standard monitoring offered by our cloud hosting supplier. It provides a dashboard, API and alerts via SMS and email.

Clients will be made aware of any unplanned outages via email alerts, within one working hour (Mon-Fri, 9am to 5pm). Any planned maintenance will be alerted to users via their dashboard no later than 24 hours before the scheduled start.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels Access to management interfaces and support channels is made available to authorised internal personnel, authorised hosting provider support teams and authorised database administrators have access to any data.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards We take information security very seriously and understand how important it is to our clients. Our choice of infrastructure and software tools reflect this. We are accredited under the Cyber Essentials Scheme (http://www.cyberessentials.org).
Information security policies and processes We are implementing GDPR best practice and training staff to ensure compliance.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach As we seek ISO9001 Quality Management System Certification, all of our code and development is managed using a version control repository hosting service and changes are tracked via a ticketing system where we prioritise and manage tickets.

Any updates to the production environment are tested prior to deployment to live using a dedicated test environment.

All hosting environments include incremental backups which supports both short term and long term roll back of the code and database. Along with Microsoft Azure, we manage all infrastructure and Azure automatically deploy software updates and security patches in accordance with our defined release schedule.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Our penetration testing partner is CIS SecureSuite approved and provide services specialising in offering the strongest endpoint protection platform against hacking and industrial espionage.

We monitor all 3rd party vendors of each of the system components for the latest software updates and security patches.

Our cloud hosting provider Microsoft Azure, offers security monitoring of infrastructure and application behaviour as standard. All account credentials are managed via an encrypted system access to which is limited to the appropriate staff.
Protective monitoring type Supplier-defined controls
Protective monitoring approach On top of the standard monitoring services offered buy our cloud hosting provider we also include a 3rd party monitoring service which reports on system level issues and events.

We also employ a distributed network availability monitoring tool which providers alerts on the availability of the various services from multiple locations across the internet.
Incident management type Supplier-defined controls
Incident management approach Our procedures for Incident Management are aimed to be in line with QMS ISO 9001 as we seek certification.

Any incidents are first tracked by our ticketing system and then if required, escalated to our technical team. All progress and feedback is managed through our ticket system and followed up until the issue is confirmed resolved by the client.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £5 to £45 per user per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial We can offer a 'sandbox' version of the service containing dummy data should this be required for evaluation purposes. It will contain a single working instance of the system but won't include any customer data or bespoke functionality.

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑