Skip to main content

Help us improve the Digital Marketplace - send your feedback

Innaxys Ltd

TRAM Equipment Booking Solution

An equipment booking system for operational and technical equipment and assets, with optional integrated asset management tools. Easy booking process for end users, comprehensively manage equipment bookings and space reservations, assign booking rights, and manage competencies and training qualifications related to equipment usage within a centralised fully audited system.

Features

  • For use in laboratories, research centres, universities, emergency services, etc.
  • Configurable booking workflows, flexible calendar views.
  • Competency-based booking rights layer.
  • Booking management tools: approve, reject, downtime, etc.
  • Availability and access control settings on equipment and spaces.
  • Real-time equipment status updates, alerts and notifications.
  • Monitor/ report on usage by asset model, user, project, location.
  • Optional asset management module including stocktakes, servicing/defects, disposal.
  • Asset tagging and scanning capability including RFID, NFC, QR, barcode.
  • Interfaces to corporate (HR, finance, etc.) and access control systems.

Benefits

  • Easy-to-use booking tool for end users.
  • Comprehensive booking management functionality for administrators.
  • Full control of equipment usage with approval workflows/user competencies.
  • Visibility over equipment usage and user activity.
  • Powerful MI reporting capability for transparency, accountability and compliance.
  • Configurable business processes and workflows to meet specific requirements.
  • Scalable to accommodate large user numbers, unlimited assets and locations.
  • Easy to use, intuitive system minimising training needs.
  • Fully auditable environment, record of all actions and activity.
  • Also deployable on private cloud for total control and security.

Pricing

£40 to £100 a user a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Sales@innaxys.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

1 2 3 0 9 4 9 2 4 7 5 5 3 4 9

Contact

Innaxys Ltd Jean-Claude Lafontaine
Telephone: 01773 765350
Email: Sales@innaxys.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
TRAM Asset and Equipment Management Solution
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
None
System requirements
None

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response/acknowledgement within one business hour.

Response times are different at weekends.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
Innaxys provides full support to our users through our online support portal managed by an in-house engineering team, depending on the individual terms of each contract. Many of our clients choose second and third line support, with their own IT teams providing first line support (after training by us).

Support is available as per the pricing schedule. Please enquire for more details.

We provide a dedicated account manager who will support clients throughout the contract term.
Support available to third parties
No

Onboarding and offboarding

Getting started
Solution discovery workshops, training (onsite and online options, depending on client preference and requirement), user documentation, and support for configuration and set-up is included in the service offering.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
In-app support
End-of-contract data extraction
Innaxys provides a fully managed procedure to export client data and deliver it to them at the end of the contract.
End-of-contract process
At the end of the contract, Innaxys will provide the procedure to extract the data from the system to be re-imported into a new solution or archived by the client. When the data has been recovered, the system will be deactivated and de-installed from the client's private cloud environment.

We will export the client's data and provide them with it, and deactivate/deinstall the system, as part of the contract price.

Support to import the data into the client's new solution will incur additional cost.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The Solution includes a bespoke mobile application which can be used to issue and return/book assets, record and track asset movements, perform inventory checks/stocktakes, and servicing needs as required.

The app requires a secure connection to the client's network.
Service interface
No
User support accessibility
WCAG 2.1 AA or EN 301 549
API
Yes
What users can and can't do using the API
The API is aimed at third party developers who want to exploit the analytical platform underneath the user interface. It is accessible under NDA by third parties or the client, if the client wishes to undertake development. Includes API interfaces to external systems for the sharing of data and seamless integration.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The Solution includes the ability to be customised and tailored to different types of equipment and asset needs. It can further be tailored to the needs of each client in terms of the role based access (how each user or group of users can access the solution and what functions each can access) and in terms of the contents of most of the drop down boxes and input selections according to the needs of each organisation and equipment type being managed.

Scaling

Independence of resources
Each installation is independent and discrete, implemented on a unique hosted deployment or the client's own private cloud with no interaction or dependency on any other installation or usage by any other clients/users.

Analytics

Service usage metrics
Yes
Metrics types
The Solution is fully audited, which can provide key information about the usage, access, security etc of the Solution
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data can be extracted from the Solution during the contract via the reporting and export modules. Alternatively Innaxys can build an interface with any required third party systems which will need to utilise the data on a regular basis.
Data export formats
  • CSV
  • Other
Other data export formats
  • Database export
  • PDF
Data import formats
  • CSV
  • Other
Other data import formats
Database import

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Our system uptime currently is at 99.99% availability. Downtime and planned maintenance are conducted outside of client working hours to minimise disruption for users. The terms of availability and specific SLAs will be negotiated for each individual contract.

Clients will be refunded in line with the defined conditions regarding penalty costs for SLA breaches that have been agreed for the individual contract.
Approach to resilience
Information available on request
Outage reporting
SNMP Reporting via a dashboard

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels
Access is controlled by username and password, and by IP
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Intertek
ISO/IEC 27001 accreditation date
01/11/2023
What the ISO/IEC 27001 doesn’t cover
Our ISO 27001 certification covers the full scope of our business and products.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials PLUS
  • ISO27001

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials PLUS
Information security policies and processes
Innaxys is certified to ISO27001:2013 Information Security Management System. We maintain and follow all related and required processes and procedures. Policies and procedures are fully documented and are audited annually in line with the standard. We have had continuous certification since 2018.
Our policies and procedures restrict access to infrastructure and client data to key members of our team. Access levels are dependent on a team member’s role which is decided at the technical director’s discretion supported by ISO 27001 guidance.

Employee ISMS refresher training is conducted annually. Our CEO is responsible for ensuring polices are followed.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
We operate a strict Change and Release Management procedure in line with our ISO-27001 accreditation, that includes:

• Keeping a record of each client configuration in our ITIL compliant system.
• Documenting a Bill of Materials and reviewing periodically released component updates through their lifetime and potential security risks with their implication. We make an assessment and test prior to updating client systems in a pre-prod environment and later in production.
• We perform ITHC on each release prior to implementation and address any security issues.
• We operate a Change Management Process in line with the ITIL standard.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We work closely with our Cloud supplier to make best use of technology available to protect the service and we use hardened versions of key components. We use the cyclical practice of identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities.
Our support team will scan periodically for available patches and depending on the assessment, those will be implemented asap or within the next quarterly release.
We get our information about potential threats from a variety of sources including the components editors, AWS Patch Manager and other applications used in the industry to scan solution builds for vulnerabilities and available updates.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Our protective monitoring process includes protection against:
1. External threats, data integrity compromises, etc.
2. Misuse

For the 1st point, our team performs regular inspections of firewall logs, investigate security alerts, and monitoring intrusion detection systems. We will take immediate corrective actions when such situation is detected.

For the 2nd point, our solutions include a very strict role-based access security and a detailed log of actions and data accessed by users that is secured and can be access only by security cleared personnel in order to detect any identity misuse or suspicious usage.
Action is normally taken by our clients.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Innaxys has a well-documented incident management process for common events, the details of these processes are available to buyers on request.

Users can report incidents through our ITIL compliant online helpdesk. Incidents are acknowledged and actioned accordingly by our Support Engineers in line with client-defined SLAs.

We can provide incident metrics including ticket resolution times as reports generated from our helpdesk application.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

We are committed to achieving Net Zero emissions by 2027, well within the government’s required timescales for public sector suppliers.

As an SME software studio, we believe that our organisation is naturally low carbon emitting. However, we still make a continual effort to ensure our overall emissions remain minimal. Examples of these efforts include working towards a paperless office (by the end of 2024); equipping our office spaces with recycling bins and water fountains; providing crockery and glasses instead of disposable cups. We ventilate our data centre with natural airflow rather than air conditioning. We chose office premises on a public transport route and allow staff flexible working times to accommodate bus/train timetables, in order to encourage the use of public transport to get to and from the premises. We also offer bicycle storage and showers for those cycling/walking to work.

When choosing delivery partners for contracts, including hosting for our external cloud systems, we undertake due diligence on the credentials of relevant companies to ensure that they are also adhering to or exceeding all environmental and legislative requirements. This is particularly relevant in terms of the composition and impact of the large data centres used to host our solutions, and the measures taken to reduce that impact.

Our Carbon Reduction Plan is maintained, updated annually, and published on our website in line with UK legislative requirements.

Tackling economic inequality

At Innaxys, we believe in supporting the local community by investing in the people it comprises. All the work we do is produced in the UK by personnel fully employed by our company and to whom we pay good salaries in line with our industry’s expectation.
We do not rely on offshoring development, nor do we outsource to provide support or project services: instead, we value the long-term relationship that can be created with permanent employees and the fact that this provides jobs to the local community. We are proud to be a member of the Made in Britain campaign which has verified the geographic provenance of the services we provide in the UK.

• We actively prioritise providing employment opportunities to local young professionals first and foremost, working with a recruitment agency that prioritises consideration to local candidates, on our request.

• Where possible, we provide student placement opportunities, our most recent intake being a computer-science student who completed a year’s placement within our software development team.

Equal opportunity

We are committed to promoting equal opportunities and a culture that actively values differences. We recognise that people from different backgrounds and experiences can bring valuable insights to the workplace and enhance the way we work.

• We value and respect diversity and we provide equality of opportunity and the facilities to recruit and retain a diverse workforce.

• We accept flexitime and part-time working pattern requests where possible.

• We strive to ensure that all our employees are heard and have the opportunity to speak and step up within our development and commercial projects, in order to foster natural workforce skills growth and accountability.

• We allow and we encourage our people to progress through the roles in the company to more senior positions.

• We automatically grant interviews to female and minority-gender applicants for our technical vacancies in light of the well-documented gender imbalance within STEM industries.

Wellbeing

We pride ourselves in running our business a little differently from the norm. A small example of this is allowing daily flexibility to team members to account for commuting preferences, personal obligations, and anything else that might pop up as things often do in life. We are less concerned about what time our employees are at their desks, rather that when they are, they deliver to the best of their ability - and we ensure that they can do so in a comfortable and relaxing environment.

We have invested in a sports facility in-house to enable all our personnel to use the gym at no extra cost and make a break from work when they need. We are located near a beautiful park and actively encourage our employees to explore the outdoors during their breaks. Our offices include showering facilities, bicycle storage, games room, and a fully equipped kitchen to encourage healthy living and meal preparation. We have also established the means to balance remote working and on-site team working.

Pricing

Price
£40 to £100 a user a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Sales@innaxys.com. Tell them what format you need. It will help if you say what assistive technology you use.