BIMSENSE LIMITED

Operance O&M Coordination and BIM Building Management

Operance is an all-in-one web/app-based platform for coordinating and managing building information and facilities.

*Coordination: Define, coordinate, validate and handover standardised building data with automated workflows providing a 'golden-thread' of full lifecycle information.

*Management: Search, share, update, utilise data to operate and maintain facilities, replacing overly-complicated/expensive O&M, BIM, CAFM solutions.

Features

  • Digital Operations and Maintenance (O&M) lifecycle information coordination, handover, management.
  • Simple lifecycle BIM and COBie data coordination and management.
  • Simple planned, preventative and reactive facilities maintenance and management.
  • In-built suppychain management database providing dynamic O&M performance reports.
  • Default integration of newly created 'golden-thread' development handover data standards.
  • Secure cloud storage and remote information access, anytime, anywhere.
  • Smart project, manual, building component, asset and documentation search features.
  • Dynamic and machine learning O&M coordination and asset management insights.
  • Artificially Inllelligent (AI) legacy asset detection and NBS Uniclass classification.
  • Customisable workflow, document control management and audit trail solution.

Benefits

  • Safer buildings through greater information ownership, accountability, accessibility.
  • Improved O&M coordination efficiencies through automated and standardised processes.
  • Acheive greater value from BIM by utilising simplified handover data.
  • Reduce lifecycle costs with acccesible, structured, better quality maintenance informaiton.
  • Single source of truth for O&M, BIM and asset information.
  • Replaces overly-complicated, expensive and seperate O&M, BIM, CAFM solutions.
  • Integrated operator/tennant defect reporting deflects calls from call centres.
  • Maintain BIM/COBie data without needing 3D viewers or BIM knowledge.
  • Unlimited users search, share, update, utilise better quality building information.
  • All your lifecycle information in your pocket, accessible anytime, anywhere.

Pricing

£1,000 to £50,000 a licence a year

Service documents

Framework

G-Cloud 12

Service ID

9 7 5 4 1 5 9 2 4 8 5 3 6 9 9

Contact

BIMSENSE LIMITED Scott Pilgrim
Telephone: 07939808441
Email: scott.pilgrim@bimsense.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
N/A
System requirements
  • Project-by-project or multi-project license fees.
  • Android or iOS for native apps (web interface available).

User support

Email or online ticketing support
Email or online ticketing
Support response times
Email and online ticketing support with 24-hour response guarantee.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), 7 days a week
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
The web chat functionality is provided by a third-party provider which guarantees WCAG 2.1 AA compliance hence no internal testing is required.
Onsite support
Yes, at extra cost
Support levels
All remote service support levels included within the license fee and include under 24 hour response time for online inquiries. Site-based training and/or technical support charged at £500/day plus travel expenses (maximum 10 users per seminar).
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We offer a series of onboarding options including;
* Video conference training.
* Onsite 1:1 or group training.
* Online chatbot support.
* PDF user documentation.
* On-line 'knowledge-base' including documentation and FAQs.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Operance provides a data export providing data from the system in a collaborative format such as IFC or CVS as required.

Operance manages the organisation's complete document policy, information and all relevant actions and asset details internally. Users can download all relevant documents (in any standard format) and either archive or retain these for their own use at any time during or following the completion of the service period. Where a client requires assistance in doing this we will provide all necessary support.

In respect of BIM-related information, Operance provides the following:
* BIM Models in IFC format.
* Asset registers in Excel, CSV, IFC formats.
* Documents in their native file format.
* COBie data in a compliant Excel format.

GDPR: Data will be kept on the system for a further 2 years in line with our data retention policy. After this period all data will be irrecoverably removed. In line with GDPR requirements, users can also request a copy of all of their personal data or removal of that data at any time by emailing data-requests@operance.app.
End-of-contract process
Prior to the end of the contract (usually 2-months beforehand), the account holder is contacted to make them aware that their license is up for renewal. Should the account holder confirm they no longer wish to renew, we will offer to provide their data back to them in any number of formats. When a termination date has been agreed, and end of contract process that agrees responsibilities for both parties will exchanged and actioned.

Upon termination of the Software-as-a-Service subscription, the following option is available for archiving of data (subject to contract and/or additional fees):
* All model files, documents and schedules of asset data can be exported from and provided to the Customer via an external hard drive compatible with Windows or OSX operating systems with the hard drive encrypted as an option.

Data will be kept on the system for a further 2 years in line with our data retention policy. After this period all data will be irrecoverably removed. In line with GDPR requirements, users can also request a copy of all of their personal data or removal of that data at any time by emailing data-requests@operance.app.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Operance provides users with both desktop and app-based access to their digital building information;

* Our Operance 'O&M Coordination' module is a web-app based solution.
* Our Operance 'O&M Management' module is a mobile application enabling building owners/operatives/tenants to access and update building information whilst on the move.
Service interface
Yes
Description of service interface
Our service interface has been professionally designed to meet WCAG 2.1 AA standards using the UK Government's own Design System as our primary user interface (UI) design guideline.

The service is both web-app and native app based with various simply designed, easy-to-use and user-friendly interfaces to access, store, process, track and download information.
Accessibility standards
WCAG 2.1 A
Accessibility testing
Based at the Centre for Digital Innovation (C4DI), we have unique access to some of the UK's most innovative software, UX and UI talents that are constantly testing our software and pushing to advance our interfaces through the various accessibility levels.
API
Yes
What users can and can't do using the API
Users that require an API key can obtain one by request from our dedicated email apikeys@operance.app. SDKs are available to plug into your own software for languages such as PHP, Ruby, NodeJS, and Java. Through the API, users are able to manage all of their data including queries, updates, and searches. Users are not able to alter the structure or integrity of our platform.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Whilst Operance is designed to help Buyers standardise their building information to ensure uniformity across how O&M information is requested, coordinated and presented, Operance is also fully customisable to meet the Buyers requirements of individual projects. such as the ability to customise the following:

* Choose your development handover data standards.
* Edit your digital O&M coordination workflow.
* Choose your COBie asset register data schema verification rules.
* Choose to automate BIM model classification to NBS Uniclass standards.
* Export formats for models and schedules of data.
* Use and/or edit default or create new O&M manual templates.
* Light and dark mode preferences; enabling users in dark environments, such as plant rooms to ease stress placed on the eye by brighter screens.
* Flexibility to change between metric systems.
* Ability to administer levels of access and ability to edit data between organisational users and suppliers.
* Ability to show as much or as little building information as required, such as only wishing to see maintainable assets only.

Scaling

Independence of resources
The service is designed to automatically horizontally scale in times of high usage and scale back down outside of peak times. The load is balanced between multiple service instances, utilising modern high-speed databases to guarantee sub-second response times regardless of load. We proactively increase performance capabilities ahead of growing demand to eliminate bottlenecks with active monitoring in place on all of our services alerting to slowdown in performance so we can rectify quickly.
Enterprise customers are handled by separate infrastructure back-end with independent priority queues. We are also able to provide private cloud and on-premise installations should the projects require.

Analytics

Service usage metrics
Yes
Metrics types
* Storage metrics including amount of data uploaded and allocation consumed.
* Amount of projects and issues generated.
* Separation of projects and issues on a per-role basis.
* Server uptime performance.
* User sessions including page visits.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Operance users can export via the following means:
* Export the asset register to Excel/CSV
* Export IFC/IFC.zip models with or without asset data pushed into the model.
* Export all other documents in their native format.
Data export formats
  • CSV
  • Other
Other data export formats
  • Microsoft Excel (.xlsx)
  • Construction Operations Building Information Exchange (COBie)
  • Industry Foundation Classes (.ifc) and ifcZIP
  • Autodesk Revit (.rvt)
  • Building Collaboration Format (.bcf)
  • JavaScript Object Notation (JSON)
Data import formats
  • CSV
  • Other
Other data import formats
  • Industry Foundation Classes (.ifc) and ifcZIP
  • Building Collaboration Format (.bcf)
  • Autodesk Revit (.rvt)
  • Microsoft Excel (.xlsx)
  • Microsoft Word (.docx)
  • PDF
  • Construction Operations Building Information Exchange (COBie)

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
We commit to a High Availability Level (99%) at all times, with no scheduled or unplanned outages between 6:00 am to 6:00 pm GMT from Monday through to Friday. Our commitment is with our users in mind in order to eliminate any interference to their work. However, should an incident occur that we must urgently attend to in order to secure the integrity of our user's data, we will provide a planned outage announcement in advance and provide status updates until full service has resumed. Maintenance is almost always carried out non-disruptively and will take place during the quietest periods to minimise any potential impact.
Approach to resilience
Services are built upon scalable architecture with health checks which terminate any unhealthy node and replaces them with a fresh, healthy node should any of our service quality checks begin to fail. Database replication is utilised to ensure the back-end services are also resilient to failure.

All data is held within a recognised, industry leading datacentre supported by robust Disaster Recovery solutions and is also replicated off-site in real-time. It has a transactional backup every 5 minutes and has a full backup every 24 hours.
Outage reporting
Our technical support team will notify users of planned outages and unexpected outages via our interface notification centre as well as by email. There is also a service status dashboard and API that users can check any time or during an incident for ongoing updates.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Users are properly authenticated before being allowed to perform management activities (user accounts and consumer data), report faults or request changes to the service through the platform and telephone support or email ensuring all management requests which could have a security impact are performed over secure and authenticated channels ensuring users are strongly authenticated.
Multi-Factor Authentication (MFA) is required for accounts with administrator-level access, users cannot access a project without being a member of it; an audited administrative function so we know which staff had access to which projects, with all changes (user made) to the project audited.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Our Amazon Web Services (AWS) hosting meets all listed requirements.

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
We take the security of our users information seriously and have implemented or are currently in the process of developing the following policies: 1. Acceptable Use Policy (AUP) 2. Access Control Policy (ACP) 3. Change Management Policy 4. Information Security Policy 5. Incident Response (IR) Policy 6. Remote Access Policy 7. Email/Communication Policy 8. Disaster Recovery Policy 9. Business Continuity Plan (BCP) We would be happy to provide a copy of these upon request.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Agile two-week sprints prioritise changes with technical specifications signed off by our CEO, then code reviewed with potential risks mitigated.

Our configuration management process: 1. Identification of configurable items (network, servers) 2. Labelling of configurable items (unique labels, version numbers) 3. Protection of configurable items (storage, protection from unauthorised access/changes) 4. Keeping of baseline (release records) 5. Configuration Verification/Audit 6. Defining Responsibilities (auditing, reporting, change approval).

Our change management process: 1. Identification of needed change (why/where/how) 2. Determining the impact of the change 3. Change request 4. Change strategy (aligned with configuration management) 5. Execution of change (implementation, post-implementaiton state)
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
1. Identification: a. scan by pinging/sending TCP/UDP packets. b. identify open ports/services running on scanned systems. c. correlate system information with known vulnerabilities.
2. Prioritisation: a. true or false positive? b. could someone directly exploit from the Internet? c. how difficult to exploit? d. is there published exploit code for this vulnerability? e. what is the business impact? f. any other security controls in place that reduce likelihood? g. how old is the vulnerability?
3. Remediation a. patches: fully fixing/patching and releasing as required. b. mitigation: lessening the likelihood and/or impact. c. reporting: regular remediation efficiency assessments.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
BORDERPOINT deployment in addition to end-point protection on all servers and end-points (APPGUARD) compliment our 'Triple A' approach to Protective Monitoring:
1. Audit: regular and effective identification of suspicious activity (end-point real-time monitoring, security log analysis, customer access to analysed data).
2. Analyse: effective identification of potential compromises or inappropriate use (regular reporting, real-time vulnerability analysis).
3. Action: prompt and appropriate response to eradicate and alleviate (end-point and server protect blocking).
Incident management type
Supplier-defined controls
Incident management approach
We use the same process as deployed for all clients with our Incident Management policy and strategy aligning with ISO 27001:2013 whilst utilising our inhouse analysts to respond to any internal incidents. Users can report incidents using any of our support channels (email, chat, ticket, phone) depending upon severity. Incident reports are provided via tickets if submitted and/or via the web-based service status dashboard.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£1,000 to £50,000 a licence a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Free 30-day trial for any individual project including any format upload (BIM model (.ifc), COBie etc) with unlimited space and up to 2 users.
Link to free trial
https://operance.app/

Service documents