GoReport

GoReport

GoReport is a cloud-based, electronic data capture and reporting software application used by surveyors, property investors, owners, operators and consultants in public and private sectors.
GoReport comprises of two main components: Mobile data collection and a web-based portal with real-time desk top publishing and reporting engine.

Features

  • SmartReports Library of survey templates
  • Electronic data capture (paperless system)
  • Streamlined reports
  • Consolidated exports
  • Custom template creation
  • Condition Reports, PPM, Schedule of Condition, Snagging,
  • Dictation - Built in voice to text transcription
  • Easily Edit, annotate and organise photos
  • Diverse survey ranges for Housing, Project Management, Fire Safety
  • Education, Government, Historic Buildings, Health & Safety, Compliance

Benefits

  • Unlimited report generation, anytime, anywhere
  • Designed and updated by industry experts
  • SmartPins -link information specific locations on images & plans
  • Integrates to Microsoft Word and Excel
  • Professional Services team
  • Customised phrases, text and handwriting recognition for rapid data entry
  • Pre-load standard response, eliminating error in reports
  • Cyber Essentials Certified, committed to guarding customers against cyber-attacks

Pricing

£1495 per licence per year

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

8 9 6 3 2 1 4 5 8 2 2 5 3 1 5

Contact

GoReport

Marian Connolly

+442896910018

marian.connolly@goreport.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
No constraints
System requirements
IOS device for application download

User support

Email or online ticketing support
Email or online ticketing
Support response times
24 hour response, weekends 72 hrs.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Urgent calls:
Application issue affecting all users:
- Escalation: Immediately to engineers, Notification issued to management immediately and the CSC informed. Customer contacted within 4-24hrs
-No additional Cost

High calls:
Bugs and Glitches
- Response within 8hrs
- Escalation: Ticket raised and the CSM is notified. This ticket is placed as high priority with Technical Support Engineers and aimed to be resolved within 24hrs.
-No additional Cost

Normal calls:
A section of the template is not working correctly:
-Ticket raised to Technical Support Engineers, it will be added to workload and targeted for completion within 48hrs.
-No additional Cost

Low calls:
Support using the application or password resets etc:
- Response immediately via phone, within 24 hours via email.
- Escalation: If the customer has not had a response within the 24 hour period.
-No additional Cost

Request for Change:
Request for a change to the template:
-Acknowledged within 24hrs, complete within 7 days, dependent on priority. Cost is determined based on the change in scope and time to complete. The customer is advised of costs in advance and signs off on them.

Each customer will be assigned a CSC Customer Success Consultant, who will be dedicated to their support.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Webinar training, onsite training and recorded training material are available to customers.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Users are always advised to keep copies of the reports and to back them up before cancelling as these will then be archived afterwards. A customer who has cancelled can request a document which was uploaded by them to the web portal however there may be a fee for this.
End-of-contract process
Customers are a non-auto renewal contract. Coming up to the end of their contract their sales consultant will reach out to discuss renewal and services available.

If the customer chooses not to renew a new contract will be issued.

If they choose not to renew and to cancel, the sales consultant will notify the finance team and the support team who will contact to finalize any outstanding balances and deactivate the account on the final day of the contract.

We do not charge a cancellation fee.

Using the service

Web browser interface
Yes
Supported browsers
Chrome
Application to install
Yes
Compatible operating systems
IOS
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
On-site data capture is performed by our iOS application. Our web portal which is used for data review and publishing is designed to work equally well on mobile and desktop devices.
Service interface
No
API
No
Customisation available
Yes
Description of customisation
Branding
Phrases
Picklists

Customised reports are written from the ground-up

Scaling

Independence of resources
All our web based services are hosted within a load balanced environment. As more users access the system additional servers are automatically started as required.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
User can publish completed reports using PDF. They can export their data as JPG, WAV, MP3, XLXS, CSV.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
The availability percentage of the Hosted Service other than for Planned Downtime, Unplanned Downtime outside of our control, and Planned Maintenance, shall be 99% availability during Peak Time; and 95% availability for all other periods.

We may use up to five (5) hours in any week, outside of Peak Times, for Planned Maintenance.
Approach to resilience
Our cloud based solution is built to constantly monitor our server based resources for their health status. If a server is considered unhealthy is it removed for the available pool and automatically replaced with a new healthy server.

Additional information is available on request.
Outage reporting
Our staff are altered to any issues our outages within our systems. When an assessment of the severity and likely downtime has been established customers will be informed via email alert.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
All management and backend services are completely restricted allowing access only VPN or approved IP Address.
Access restriction testing frequency
Never
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Cyber Essentials
Information security policies and processes
Compliance to the following Security Policies is enforced through internal process improvement processes and by external certification audits:
ISP 02 Risk Management and Assessment
ISP 03 Access Control and Account Management
ISP 04 Security Incident Management
ISP 05 Asset Management and Information Classification
ISP 06 Acceptable Use
ISP 07 System Security and Network Access
ISP 08 Business Continuity Plan
ISP 10 Security Patching
ISP 11 Information Media Mobility, Storage and Disposal
ISP 12 Physical Security and Access
ISP 13 Systems Usage Logging and Audit
ISP14 Staff recruitment, changes and leaving

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
GoReport follow a defined change management approach which allows easy management and visibility of all changes throughout the lifecycle of the software. Mature and defined processes are compiled as part of an integrated management system for assessment and certification to
ISO9001:2015 and ISO27001:2013 during 2019. Change is defined as part of process A.12 (Operations Management).
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
GoReport operates a comprehensive vulnerability management approach to ensure effective, secure and stable operation. Patching is a key area of this lifecycle and is managed through the process and technical measures. Patching within server environments takes place automatically with all patches run through non-production before deployment.

GoReport updates libraries during builds and also undertake independent security and penetration testing.

Vulnerability management is dealt with in a number of different processes including A.12 (Operations Management) and within the organisation's comprehensive risk management processes.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
GoReport uses a number of different systems for monitoring applications and systems. As a user of AWS, many of these features are easily integrated and permit strong, secure and stable measures to be implemented simply. These measures include monitoring of applications and systems with:

* CloudWatch
* GuardDuty
* AWS Config

These measures are defined as part of ISP9 - Monitoring and evaluation.
Incident management type
Supplier-defined controls
Incident management approach
In order to manage incidents effectively, a defined process has been introduced which has been compiled as part of an integrated management system for assessment and certification to ISO9001:2015 and ISO27001:2013 during 2019.

All incidents are logged within a ticket management system to provide clarity about resolution times, especially where SLA is concerned. All incidents logged feature a clear process for assessment of root cause, impact(especially on CIA factors) and learnings to prevent the incident from recurring. This is managed as part of process A.16 - incident management.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£1495 per licence per year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
We offer a two week trial period. All trials must be approved by GoReport.

Service documents

Return to top ↑