GoReport is a cloud-based, electronic data capture and reporting software application used by surveyors, property investors, owners, operators and consultants in public and private sectors.
GoReport comprises of two main components: Mobile data collection and a web-based portal with real-time desk top publishing and reporting engine.
- SmartReports Library of survey templates
- Electronic data capture (paperless system)
- Streamlined reports
- Consolidated exports
- Custom template creation
- Condition Reports, PPM, Schedule of Condition, Snagging,
- Dictation - Built in voice to text transcription
- Easily Edit, annotate and organise photos
- Diverse survey ranges for Housing, Project Management, Fire Safety
- Education, Government, Historic Buildings, Health & Safety, Compliance
- Unlimited report generation, anytime, anywhere
- Designed and updated by industry experts
- SmartPins -link information specific locations on images & plans
- Integrates to Microsoft Word and Excel
- Professional Services team
- Customised phrases, text and handwriting recognition for rapid data entry
- Pre-load standard response, eliminating error in reports
- Cyber Essentials Certified, committed to guarding customers against cyber-attacks
£1495 per licence per year
- Education pricing available
- Free trial available
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Service constraints||No constraints|
|System requirements||IOS device for application download|
|Email or online ticketing support||Email or online ticketing|
|Support response times||24 hour response, weekends 72 hrs.|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Application issue affecting all users:
- Escalation: Immediately to engineers, Notification issued to management immediately and the CSC informed. Customer contacted within 4-24hrs
-No additional Cost
Bugs and Glitches
- Response within 8hrs
- Escalation: Ticket raised and the CSM is notified. This ticket is placed as high priority with Technical Support Engineers and aimed to be resolved within 24hrs.
-No additional Cost
A section of the template is not working correctly:
-Ticket raised to Technical Support Engineers, it will be added to workload and targeted for completion within 48hrs.
-No additional Cost
Support using the application or password resets etc:
- Response immediately via phone, within 24 hours via email.
- Escalation: If the customer has not had a response within the 24 hour period.
-No additional Cost
Request for Change:
Request for a change to the template:
-Acknowledged within 24hrs, complete within 7 days, dependent on priority. Cost is determined based on the change in scope and time to complete. The customer is advised of costs in advance and signs off on them.
Each customer will be assigned a CSC Customer Success Consultant, who will be dedicated to their support.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Webinar training, onsite training and recorded training material are available to customers.|
|End-of-contract data extraction||Users are always advised to keep copies of the reports and to back them up before cancelling as these will then be archived afterwards. A customer who has cancelled can request a document which was uploaded by them to the web portal however there may be a fee for this.|
Customers are a non-auto renewal contract. Coming up to the end of their contract their sales consultant will reach out to discuss renewal and services available.
If the customer chooses not to renew a new contract will be issued.
If they choose not to renew and to cancel, the sales consultant will notify the finance team and the support team who will contact to finalize any outstanding balances and deactivate the account on the final day of the contract.
We do not charge a cancellation fee.
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||IOS|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||On-site data capture is performed by our iOS application. Our web portal which is used for data review and publishing is designed to work equally well on mobile and desktop devices.|
|Description of customisation||
Customised reports are written from the ground-up
|Independence of resources||All our web based services are hosted within a load balanced environment. As more users access the system additional servers are automatically started as required.|
|Service usage metrics||No|
|Supplier type||Not a reseller|
|Staff security clearance||Staff screening not performed|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Physical access control, complying with another standard|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||User can publish completed reports using PDF. They can export their data as JPG, WAV, MP3, XLXS, CSV.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
The availability percentage of the Hosted Service other than for Planned Downtime, Unplanned Downtime outside of our control, and Planned Maintenance, shall be 99% availability during Peak Time; and 95% availability for all other periods.
We may use up to five (5) hours in any week, outside of Peak Times, for Planned Maintenance.
|Approach to resilience||
Our cloud based solution is built to constantly monitor our server based resources for their health status. If a server is considered unhealthy is it removed for the available pool and automatically replaced with a new healthy server.
Additional information is available on request.
|Outage reporting||Our staff are altered to any issues our outages within our systems. When an assessment of the severity and likely downtime has been established customers will be informed via email alert.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||All management and backend services are completely restricted allowing access only VPN or approved IP Address.|
|Access restriction testing frequency||Never|
|Management access authentication||
Audit information for users
|Access to user activity audit information||No audit information available|
|Access to supplier activity audit information||No audit information available|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||Cyber Essentials|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||Cyber Essentials|
|Information security policies and processes||
Compliance to the following Security Policies is enforced through internal process improvement processes and by external certification audits:
ISP 02 Risk Management and Assessment
ISP 03 Access Control and Account Management
ISP 04 Security Incident Management
ISP 05 Asset Management and Information Classification
ISP 06 Acceptable Use
ISP 07 System Security and Network Access
ISP 08 Business Continuity Plan
ISP 10 Security Patching
ISP 11 Information Media Mobility, Storage and Disposal
ISP 12 Physical Security and Access
ISP 13 Systems Usage Logging and Audit
ISP14 Staff recruitment, changes and leaving
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
GoReport follow a defined change management approach which allows easy management and visibility of all changes throughout the lifecycle of the software. Mature and defined processes are compiled as part of an integrated management system for assessment and certification to
ISO9001:2015 and ISO27001:2013 during 2019. Change is defined as part of process A.12 (Operations Management).
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
GoReport operates a comprehensive vulnerability management approach to ensure effective, secure and stable operation. Patching is a key area of this lifecycle and is managed through the process and technical measures. Patching within server environments takes place automatically with all patches run through non-production before deployment.
GoReport updates libraries during builds and also undertake independent security and penetration testing.
Vulnerability management is dealt with in a number of different processes including A.12 (Operations Management) and within the organisation's comprehensive risk management processes.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
GoReport uses a number of different systems for monitoring applications and systems. As a user of AWS, many of these features are easily integrated and permit strong, secure and stable measures to be implemented simply. These measures include monitoring of applications and systems with:
* AWS Config
These measures are defined as part of ISP9 - Monitoring and evaluation.
|Incident management type||Supplier-defined controls|
|Incident management approach||
In order to manage incidents effectively, a defined process has been introduced which has been compiled as part of an integrated management system for assessment and certification to ISO9001:2015 and ISO27001:2013 during 2019.
All incidents are logged within a ticket management system to provide clarity about resolution times, especially where SLA is concerned. All incidents logged feature a clear process for assessment of root cause, impact(especially on CIA factors) and learnings to prevent the incident from recurring. This is managed as part of process A.16 - incident management.
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£1495 per licence per year|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||We offer a two week trial period. All trials must be approved by GoReport.|