Bentley Systems (UK) Limited


SYNCHRO Control is a project management solution built with custom-fitted workflows, dashboards, and the flexibility to connect external data sources, like Bentley's ProjectWise and Microsoft SharePoint.


  • Construction project management
  • Dashboards, reports, and issue lists
  • Access from anywhere, anytime


  • Aggregate all project information in one project hub
  • Configure and manage all inspection forms
  • Define and manage model background for model-context
  • Track all issues in a set of dynamic project dashboards
  • Access project documentation from Bentley's ProjectWise


£894.00 a user a year

Service documents


G-Cloud 12

Service ID

9 6 7 6 3 2 6 5 0 6 3 0 0 9 1


Bentley Systems (UK) Limited Simon Horsley
Telephone: +447899852176

Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
System requirements
All requirements covered with the offered service

User support

Email or online ticketing support
Email or online ticketing
Support response times
The SLA is within 24 hours on business days. Weekends are not included.
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Web chat support
Onsite support
Yes, at extra cost
Support levels
Support sent to one repository, support escalated through tiers.
Support available to third parties

Onboarding and offboarding

Getting started
Access to Free SYNCHRO Academy online training is included, paid-training (either onsite or remote) is also available.
Service documentation
Documentation formats
End-of-contract data extraction
Documents can be downloaded in the same format they were originally uploaded, data can be extracted to a PDF file.
End-of-contract process
Documents can be downloaded in the same format they were originally uploaded, data can be extracted to a PDF file.

Using the service

Web browser interface
Application to install
Designed for use on mobile devices
Service interface
Customisation available


Independence of resources
Systems are logically separated in a virtual cloud environment. All systems are monitored in real-time for performance and availability.


Service usage metrics
Metrics types
Usage via Bentley licensing server can be self-reported. In addition, hosted systems will provide a quarterly feature usage report. Feature usage reports include up to 60 features based on usage of those features. A real-time dashboard for usage is provided while feature usage reports are emailed quarterly.
Reporting types
Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
The users export their data via dedicated functions.
Data export formats
Other data export formats
Native file formats
Data import formats
Other data import formats
  • Any document format can be uploaded
  • 3D models can be accessed from Bentley iModel Hub

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
No formal SLA
Approach to resilience
All services are deployed in a fully redundant configuration within fully redundant data centres meaning that any failure of equipment, service provider or software service will result in zero, or minimal, impact to the overall service.
Outage reporting
Planned and unplanned outage notification emails are sent to registered users for the affected systems.

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
User Name or Password
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Information Security policies are designed utilising ISO 27001, SSAE16, ITIL and CSA frameworks. Several SaaS offerings are ISO 27001 certified and others are SOC2 certified.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Configuration and change management follow the ITIL framework and policies and procedures are documented with various security standards. All SaaS offerings go through a cloud approval process and are scanned for vulnerabilities prior to production.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability management is conducted through various technologies internal and external to the Bentley network. Threats are identified using industry standard listings and patches/updates are applied at least monthly or as needed, based on criticality.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Active IDS is active on the network perimeter and on selected systems under the scope for ISO 27001 and SOC2 certifications. Compromises are analysed and put through the incident management process for investigation. The response time depends on the severity of the compromise.
Incident management type
Supplier-defined controls
Incident management approach
The Incident Management process covers all aspects of a potential incident from start to finish with defined procedures and colleague involvement. Common events are handled depending on severity, users have multiple methods of reporting and reports are provided as part of the incident management procedure.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£894.00 a user a year
Discount for educational organisations
Free trial available
Description of free trial
Any user can initiate a free trial project without entering any payment details. The project is live for 30 days and includes the system’s full functionality with no limitations. The trial project is accessible for 30 days, at which time it is deactivated without the user needing to deactivate it.
Link to free trial

Service documents