BIMSENSE LIMITED

Operance O&M Coordination and BIM Building Management

Operance is an all-in-one web/app-based platform for coordinating and managing building information and facilities.

*Coordination: Define, coordinate, validate and handover standardised building data with automated workflows providing a 'golden-thread' of full lifecycle information.

*Management: Search, share, update, utilise data to operate and maintain facilities, replacing overly-complicated/expensive O&M, BIM, CAFM solutions.

Features

• Digital Operations and Maintenance (O&M) lifecycle information coordination, handover, management.
• Simple lifecycle BIM and COBie data coordination and management.
• Simple planned, preventative and reactive facilities maintenance and management.
• In-built suppychain management database providing dynamic O&M performance reports.
• Default integration of newly created 'golden-thread' development handover data standards.
• Secure cloud storage and remote information access, anytime, anywhere.
• Smart project, manual, building component, asset and documentation search features.
• Dynamic and machine learning O&M coordination and asset management insights.
• Artificially Inllelligent (AI) legacy asset detection and NBS Uniclass classification.
• Customisable workflow, document control management and audit trail solution.

Benefits

• Safer buildings through greater information ownership, accountability, accessibility.
• Improved O&M coordination efficiencies through automated and standardised processes.
• Acheive greater value from BIM by utilising simplified handover data.
• Reduce lifecycle costs with acccesible, structured, better quality maintenance informaiton.
• Single source of truth for O&M, BIM and asset information.
• Replaces overly-complicated, expensive and seperate O&M, BIM, CAFM solutions.
• Integrated operator/tennant defect reporting deflects calls from call centres.
• Maintain BIM/COBie data without needing 3D viewers or BIM knowledge.
• Unlimited users search, share, update, utilise better quality building information.
• All your lifecycle information in your pocket, accessible anytime, anywhere.

£1,000 to £50,000 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at scott@operance.app. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

975415924853699

Contact

Scott Pilgrim
07939808441
scott@operance.app

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: N/A
• System requirements:
  • Project-by-project or multi-project license fees.
  • Android or iOS for native apps (web interface available).

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email and online ticketing support with 24-hour response guarantee.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: The web chat functionality is provided by a third-party provider which guarantees WCAG 2.1 AA compliance hence no internal testing is required.
• Onsite support: Yes, at extra cost
• Support levels: All remote service support levels included within the license fee and include under 24 hour response time for online inquiries. Site-based training and/or technical support charged at £500/day plus travel expenses (maximum 10 users per seminar).
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We offer a series of onboarding options including; ; * Video conference training.; * Onsite 1:1 or group training. ; * Online chatbot support.; * PDF user documentation.; * On-line 'knowledge-base' including documentation and FAQs.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Operance provides a data export providing data from the system in a collaborative format such as IFC or CVS as required.; ; Operance manages the organisation's complete document policy, information and all relevant actions and asset details internally. Users can download all relevant documents (in any standard format) and either archive or retain these for their own use at any time during or following the completion of the service period. Where a client requires assistance in doing this we will provide all necessary support.; ; In respect of BIM-related information, Operance provides the following:; * BIM Models in IFC format.; * Asset registers in Excel, CSV, IFC formats.; * Documents in their native file format.; * COBie data in a compliant Excel format.; ; GDPR: Data will be kept on the system for a further 2 years in line with our data retention policy. After this period all data will be irrecoverably removed. In line with GDPR requirements, users can also request a copy of all of their personal data or removal of that data at any time by emailing data-requests@operance.app.
• End-of-contract process: Prior to the end of the contract (usually 2-months beforehand), the account holder is contacted to make them aware that their license is up for renewal. Should the account holder confirm they no longer wish to renew, we will offer to provide their data back to them in any number of formats. When a termination date has been agreed, and end of contract process that agrees responsibilities for both parties will exchanged and actioned.; ; Upon termination of the Software-as-a-Service subscription, the following option is available for archiving of data (subject to contract and/or additional fees):; * All model files, documents and schedules of asset data can be exported from and provided to the Customer via an external hard drive compatible with Windows or OSX operating systems with the hard drive encrypted as an option.; ; Data will be kept on the system for a further 2 years in line with our data retention policy. After this period all data will be irrecoverably removed. In line with GDPR requirements, users can also request a copy of all of their personal data or removal of that data at any time by emailing data-requests@operance.app.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Operance provides users with both desktop and app-based access to their digital building information;; ; * Our Operance 'O&M Coordination' module is a web-app based solution.; * Our Operance 'O&M Management' module is a mobile application enabling building owners/operatives/tenants to access and update building information whilst on the move.
• Service interface: Yes
• Description of service interface: Our service interface has been professionally designed to meet WCAG 2.1 AA standards using the UK Government's own Design System as our primary user interface (UI) design guideline.; ; The service is both web-app and native app based with various simply designed, easy-to-use and user-friendly interfaces to access, store, process, track and download information.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: Based at the Centre for Digital Innovation (C4DI), we have unique access to some of the UK's most innovative software, UX and UI talents that are constantly testing our software and pushing to advance our interfaces through the various accessibility levels.
• API: Yes
• What users can and can't do using the API: Users that require an API key can obtain one by request from our dedicated email apikeys@operance.app. SDKs are available to plug into your own software for languages such as PHP, Ruby, NodeJS, and Java. Through the API, users are able to manage all of their data including queries, updates, and searches. Users are not able to alter the structure or integrity of our platform.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Whilst Operance is designed to help Buyers standardise their building information to ensure uniformity across how O&M information is requested, coordinated and presented, Operance is also fully customisable to meet the Buyers requirements of individual projects. such as the ability to customise the following:; ; * Choose your development handover data standards.; * Edit your digital O&M coordination workflow.; * Choose your COBie asset register data schema verification rules.; * Choose to automate BIM model classification to NBS Uniclass standards.; * Export formats for models and schedules of data.; * Use and/or edit default or create new O&M manual templates.; * Light and dark mode preferences; enabling users in dark environments, such as plant rooms to ease stress placed on the eye by brighter screens.; * Flexibility to change between metric systems.; * Ability to administer levels of access and ability to edit data between organisational users and suppliers.; * Ability to show as much or as little building information as required, such as only wishing to see maintainable assets only.

Scaling

• Independence of resources: The service is designed to automatically horizontally scale in times of high usage and scale back down outside of peak times. The load is balanced between multiple service instances, utilising modern high-speed databases to guarantee sub-second response times regardless of load. We proactively increase performance capabilities ahead of growing demand to eliminate bottlenecks with active monitoring in place on all of our services alerting to slowdown in performance so we can rectify quickly.; Enterprise customers are handled by separate infrastructure back-end with independent priority queues. We are also able to provide private cloud and on-premise installations should the projects require.

Analytics

• Service usage metrics: Yes
• Metrics types: * Storage metrics including amount of data uploaded and allocation consumed.; * Amount of projects and issues generated.; * Separation of projects and issues on a per-role basis.; * Server uptime performance.; * User sessions including page visits.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2012
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Operance users can export via the following means:; * Export the asset register to Excel/CSV; * Export IFC/IFC.zip models with or without asset data pushed into the model.; * Export all other documents in their native format.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Microsoft Excel (.xlsx)
  • Construction Operations Building Information Exchange (COBie)
  • Industry Foundation Classes (.ifc) and ifcZIP
  • Autodesk Revit (.rvt)
  • Building Collaboration Format (.bcf)
  • JavaScript Object Notation (JSON)
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Industry Foundation Classes (.ifc) and ifcZIP
  • Building Collaboration Format (.bcf)
  • Autodesk Revit (.rvt)
  • Microsoft Excel (.xlsx)
  • Microsoft Word (.docx)
  • PDF
  • Construction Operations Building Information Exchange (COBie)

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We commit to a High Availability Level (99%) at all times, with no scheduled or unplanned outages between 6:00 am to 6:00 pm GMT from Monday through to Friday. Our commitment is with our users in mind in order to eliminate any interference to their work. However, should an incident occur that we must urgently attend to in order to secure the integrity of our user's data, we will provide a planned outage announcement in advance and provide status updates until full service has resumed. Maintenance is almost always carried out non-disruptively and will take place during the quietest periods to minimise any potential impact.
• Approach to resilience: Services are built upon scalable architecture with health checks which terminate any unhealthy node and replaces them with a fresh, healthy node should any of our service quality checks begin to fail. Database replication is utilised to ensure the back-end services are also resilient to failure.; ; All data is held within a recognised, industry leading datacentre supported by robust Disaster Recovery solutions and is also replicated off-site in real-time. It has a transactional backup every 5 minutes and has a full backup every 24 hours.
• Outage reporting: Our technical support team will notify users of planned outages and unexpected outages via our interface notification centre as well as by email. There is also a service status dashboard and API that users can check any time or during an incident for ongoing updates.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Users are properly authenticated before being allowed to perform management activities (user accounts and consumer data), report faults or request changes to the service through the platform and telephone support or email ensuring all management requests which could have a security impact are performed over secure and authenticated channels ensuring users are strongly authenticated.; Multi-Factor Authentication (MFA) is required for accounts with administrator-level access, users cannot access a project without being a member of it; an audited administrative function so we know which staff had access to which projects, with all changes (user made) to the project audited.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: Yes
• Any other security certifications: Our Amazon Web Services (AWS) hosting meets all listed requirements.

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We take the security of our users information seriously and have implemented or are currently in the process of developing the following policies: 1. Acceptable Use Policy (AUP) 2. Access Control Policy (ACP) 3. Change Management Policy 4. Information Security Policy 5. Incident Response (IR) Policy 6. Remote Access Policy 7. Email/Communication Policy 8. Disaster Recovery Policy 9. Business Continuity Plan (BCP) We would be happy to provide a copy of these upon request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Agile two-week sprints prioritise changes with technical specifications signed off by our CEO, then code reviewed with potential risks mitigated.; ; Our configuration management process: 1. Identification of configurable items (network, servers) 2. Labelling of configurable items (unique labels, version numbers) 3. Protection of configurable items (storage, protection from unauthorised access/changes) 4. Keeping of baseline (release records) 5. Configuration Verification/Audit 6. Defining Responsibilities (auditing, reporting, change approval).; ; Our change management process: 1. Identification of needed change (why/where/how) 2. Determining the impact of the change 3. Change request 4. Change strategy (aligned with configuration management) 5. Execution of change (implementation, post-implementaiton state)
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: 1. Identification: a. scan by pinging/sending TCP/UDP packets. b. identify open ports/services running on scanned systems. c. correlate system information with known vulnerabilities. ; 2. Prioritisation: a. true or false positive? b. could someone directly exploit from the Internet? c. how difficult to exploit? d. is there published exploit code for this vulnerability? e. what is the business impact? f. any other security controls in place that reduce likelihood? g. how old is the vulnerability? ; 3. Remediation a. patches: fully fixing/patching and releasing as required. b. mitigation: lessening the likelihood and/or impact. c. reporting: regular remediation efficiency assessments.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: BORDERPOINT deployment in addition to end-point protection on all servers and end-points (APPGUARD) compliment our 'Triple A' approach to Protective Monitoring: ; 1. Audit: regular and effective identification of suspicious activity (end-point real-time monitoring, security log analysis, customer access to analysed data). ; 2. Analyse: effective identification of potential compromises or inappropriate use (regular reporting, real-time vulnerability analysis). ; 3. Action: prompt and appropriate response to eradicate and alleviate (end-point and server protect blocking).
• Incident management type: Supplier-defined controls
• Incident management approach: We use the same process as deployed for all clients with our Incident Management policy and strategy aligning with ISO 27001:2013 whilst utilising our inhouse analysts to respond to any internal incidents. Users can report incidents using any of our support channels (email, chat, ticket, phone) depending upon severity. Incident reports are provided via tickets if submitted and/or via the web-based service status dashboard.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Pricing

• Price: £1,000 to £50,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free 30-day trial for any individual project including any format upload (BIM model (.ifc), COBie etc) with unlimited space and up to 2 users.
• Link to free trial: https://operance.app/

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at scott@operance.app. Tell them what format you need. It will help if you say what assistive technology you use.