Invigilatis

Seeker Software Services

STANDALONE/INTEGRATED SOLUTIONS components include: PROPERTY, (terrier, maps, floorplans/CAD links, BIM links via CoBiE, lease admin; asbestos register, legionella, utilities/energy management, utilisation/condition surveys). COMPLIANCE, (inspections, risk assessments, condition audits, MySafety). ESTATES AND ASSET MANAGEMENT (CAFM/ISO55001) with planned maintenance, life-cycle planning, contractor management/badging. BOOKINGS (clinical/meeting/parking). DASHBOARDS, (Real time reporting/BI/KPI).

Features

  • Fully Integrated Enterprise application
  • Extensive and flexible user configuration via access permissions
  • Portal access for staff, supervisors and contractors
  • Browser and mobile access with IoS and Android Apps
  • BI using the latest versions of MSSQL and Power BI
  • Real time and graphical reporting with Excel export
  • Operational dashboards, multi-level management reporting and workforce management
  • Customisable workflows, alerts and benchmarking KPIs
  • Map and floorplan interfaces – browser-based viewing
  • Standards-based (ISO 55001, ISO 19650 and GS1 compliant

Benefits

  • Improved operational performance: improved dataflows/real-time information
  • Minimised costs, efficient planning and accelerated statutory reporting (ERIC /PAM)
  • Enhanced management of portfolios with streamlined operations and greater transparency
  • Maximised levels of space utilisation and better booking controls
  • Improved working practices, productivity and safety; increased operational visibility
  • Benchmarking: both internal and external comparators
  • Extended life-cycles: comprehensive asset management
  • Culture change: enabling a shift from reactive to proactive management
  • Increased levels of compliance and reduced risks: well controlled assessments
  • Environmental and sustainability gains, reduce paper, minimise travel, carbon savings

Pricing

£17.50 to £102.50 a person a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ray.milton@invigilatis.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

9 3 5 1 3 3 4 2 1 7 3 8 5 2 7

Contact

Invigilatis ray milton
Telephone: 01223 420048
Email: ray.milton@invigilatis.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
No major constraints, but we reserve the ability to minimally restrict service (at times and days of low usage) for O/S, version and Service pack upgrades (planned maintenance)
System requirements
  • Live Internet connection
  • Browser based (e.g. IE9+/Edge, Chrome, Opera, Firefox, Safari)
  • BI based on MS SQL
  • No third party licences required

User support

Email or online ticketing support
Email or online ticketing
Support response times
The service support desk will answer questions during normal office hours (9-5, Mon-Fri). Typically, responses are same day.

Users can manage the status of tickets via the on-line web 24/7 support site.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We operate with one support level - all customers are treated equally within the same operating standards. (The standard support service operates with a variety of reportable severity statuses).

All support is provided within the service charges, with the exception of on-site support - for which we will levy a site attendance charge at our normal daily rates.

A technical account manager is identified and provided as standard at no extra cost. For account management purposes, and general strategic support, we undertake to make four visits per annum.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Invigilatis provides a flexible regime for training - this is typically done on-site (or at our offices, if requested) on the basis of 'train the trainer', i.e. we train the core staff and 'champions'. Extra courses for end users can also be accommodated at extra charge (at the standard Daily Rate).
The Seeker system is comprehensively documented with a guide for core staff - this can be used as a source for end user crib notes/FAQs/'how to's'.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
MS Word
End-of-contract data extraction
Please note that Seeker uses MS SQL Server as the database environment.

Invigilatis as part of its contractual exit strategy undertakes to provide a database backup in the MS SQL recognised format (Currently we employ SQL Server 2014).
End-of-contract process
If the system is hosted externally then Invigilatis as part of its contractual exit strategy undertakes to provide a database backup to the customer in the MS SQL recognised format within two weeks of the termination date. (Currently SQL Server 2014). On exit the access to the customer database is immediately limited to system administrator server rights only - the database ceases to be in an operational state. The customer's database and server on our hosted server is destroyed within 3 to 4 weeks of contract termination (the 'stand by period' is the first two weeks) unless other wise requested.
If the customer requires additional data access after termination (but not for operational or data maintenance use, i.e. purely for data extraction purposes) then this is possible at extra cost (at the prevailing normal service cost) and notification of this requirement must be logged with Invigilatis within the two week standby period. If assistance is required from Invigilatis' staff then this will be charged at the prevailing daily rate.
If the system is installed on an internal server then the customer will undertake to remove the programs within the standby period.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The desktop service is comprehensive - certain operational services for special purposes are available via the Seeker Mobile App (e.g. tradespersons operation for job operations, safety assessments, inspections, etc.)
Service interface
No
API
No
Customisation available
Yes
Description of customisation
Customisation is possible for :
1) System user roles (who can do what in the system, via menu and module permissions) - by local administration of user classes
2) System user view (what data levels a user can see, via access security permissions) - by local administration
3) Customisation is possible by local system administrators using non-technical configuration controls (self-service)
4) Module and function deployment is customisable by user access permissions - by local administration of user classes
5) In addition to local administration, the system is customisable (e.g. suppression of fields and functions from a common set of provision) during initial setup by Invigilatis employing a user specification.

Scaling

Independence of resources
Neither IIS nor MS SQL Server do not have a maximum number of users. Capacity is limited only by hardware resources, currently the maximum number of requests we will currently allow is as follows

.Net running on IIS set at its default of 5000 requests + 5000 queued per processor core. We have two processors with 4 cores each which means we currently have the server set to allow 80,000 concurrent requests.
The only other restriction is bandwidth which is 2 Terrabytes. This is an extremely high bandwidth and it is highly unlikely that it will ever be fully utilised.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Other
Other data at rest protection approach
Data is stored in a secure data centre, with access control, physical security, locked cabinet and 24 hour CCTV. Physical security with secure data centre buildings and environment. Infeasibility of unauthorised access to databases, as access is by secure logon procedures.
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Export tools within the application can be employed. 'Export to Excel' is typically provided within the application attached to the most critical data points (such as the job handling list).
With an externally hosted system,in addition Invigilatis can provide dedicated data export formats as part of the customisation/setup process (this service is charged at the prevailing daily rate.
On an internally hosted service the customer can additionally employ database management tools that can be linked to its MS SQL environment.
Data export formats
  • CSV
  • Other
Other data export formats
MS Excel
Data import formats
  • CSV
  • Other
Other data import formats
MS Excel

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
We guarantee 99.99% availability of service, excluding any time allocated for pre-arranged maintenance work (i.e. O/S updates, service packs etc.) Details of our SLA and credits are described in our service definition and Terms & Conditions documents
Approach to resilience
Our hosted sub-contractor has ISO 27001 accreditation and has a disaster recovery policy in place. The content/clauses/procedures are confidential but can be discussed if required.
Outage reporting
Outages are alerted via e-mails. Further details can be obtained via our 24/7 web support site. Outages are fully investigated, reviewed and the lessons learned applied for further resilience.

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
User access to the software is by user name and password operating in conjunction with access security permissions that can be varied in the software by the system administrator. This set of control determines access to modules and functions and whether update to data is allowed.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Lloyds Register
ISO/IEC 27001 accreditation date
24/6/2019
What the ISO/IEC 27001 doesn’t cover
N/a
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • ISO 14001
  • ICO ref cert ZA215907

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
With regard to an externally hosted system, our sub-contractor is accredited to ISO 27001, 14001 and 9001. With regard to software management/development, Invigilatis is currently undertaking a process of working towards ISO 9001 accreditation - this is aimed at a successful result during the winter of 2020. Invigilatis operates with a QA system embedded into our Company Handbook that covers strategy, policy, legislative responses Risk Assessments and disaster recovery policies. The CEO is the authorised contact for all security matters, whether in elation to internal staff or to our hosting sub-contractor. In turn the CEO reports to the Board of the company. Security policies are in place for internal matters and these are reviewed constantly in the case of material change, and formally by board review and adoption on an annual basis. Management undertakes an assessment on a quarterly basis. With regard to our hosting sub-contractor we monitor for accreditation certification and include periodic visits and checks by our staff.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The software is developed solely by our staff. Development changes are in response to issues identified or by strategic development. Any change to software is subject to internal testing and management approval prior to release. Testing is covered by employing typical customer scenarios and context.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Penetration testing is done on a periodic basis by CREST/Check accredited independent consultants. This is done at least once per year. Reports are transmitted to the company board for action approval. Software patches deployment is in response to severity status. With high severity issues the company undertakes to deploy company resources on an immediate basis.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
A support log is maintained for the service. Issues raised are assessed for severity and examined in relation to and with a separate regime of penetration testing. Any issues identified is reported to the company board with an assessment of severity and risk, and a recommendation for action. It is company policy under our QA controls that any security/IT incident is reported immediately to the appointed contact (The CEO). In this way the incident is monitored and tracked for suitable remediation
Incident management type
Supplier-defined controls
Incident management approach
A support log is maintained for the service (and for each customer). Issues raised are assessed for severity and examined in relation to and with a separate regime of penetration testing. Any issues identified is reported to the company board with an assessment of severity and risk, and a recommendation for action. It is company policy under our QA controls that any security/IT incident is reported immediately to the appointed contact (The CEO). In this way the incident is monitored and tracked for suitable remediation. The company undertakes to notify the customer of incidents and their severity

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
Yes
Connected networks
Health and Social Care Network (HSCN)

Pricing

Price
£17.50 to £102.50 a person a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ray.milton@invigilatis.com. Tell them what format you need. It will help if you say what assistive technology you use.