Asckey Data Services Ltd

fmfirst® Facilities Management Software

Asckey’s fmfirst® product suite has a selection of applications to support the demands of facilities management, including Planned & Reactive Maintenance, Asset Management, Document Management, Compliance, and Audits. We also offer bespoke development, hosting, and support services. We are accredited with ISO 9001, ISO 14001, ISO 27001, and CE Plus.

Features

• Real time reporting capability via extensive report library
• Digital audit data collection with detailed reports
• PPM, Asset and SLA management as standard
• Integrates with SFG20's Facilities iQ platform
• Accountability and trackability of all tasks
• DIY survey creation, completion and validation with conditional questions
• Efficacy audits to meet compliance standards
• Supports the National Standards for Healthcare Cleanliness 2025
• Mobile application available on Google Play/App Store
• One-stop-source for both bespoke development and hosting

Benefits

• Quickly manage tasking activity on the move
• Extensive reporting capabilities provide comprehensive management overview
• Off-line working capability ensure maximum productivity and eliminate delays
• Better collate and analyse data to allocate resources effectively
• Increased levels of compliance
• ISO9001, ISO14001, ISO27001, and CE Plus accredited
• Cloud environment supported by ISO 27001, Tier 3 Data Centre
• 99.95% average service availability provides operational assurance
• Flexible and tailored aftercare support provision
• Proven track record in integration with third-party applications

£65 to £245 a licence a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@asckey.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

261906829253181

Contact

Phil Wright
01480 469001
sales@asckey.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Locally hosted versions of estates software
• Cloud deployment model: Private cloud
• Service constraints: Planned maintenance arrangements
• System requirements: Need to discuss implementation and training requrements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: SLA statement; Only Monday - Friday
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Our support provision is available by phone or email Mon-Fri and is staffed by fully trained personnel familiar with our applications.; ; Our standard support offering is via a Telephone Support Contract which starts at £595.00 +VAT for a 5-hour contract. This can be used for priority access to a support team member.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide a comprehensive and proven on-site training program designed to meet the specific requirements of each client. In addition, a full online help guide is available along with user documentation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: All data in the system belongs to the client. When a contract comes to an end, we work in conjunction with the client or new supplier to provide data extracts in a mutually usable format.
• End-of-contract process: There are no additional end-of-contract costs other than potential data extracts as described in our terms and conditions.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Fmfirst cloud has both web and mobile applications. The web/desktop service is more comprehensive for office-based users whereas the mobile service is designed to accommodate the work conducted by users out in the field whereby they can easily access the information required to carry out and report on a task.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: We have a standard API that can be used to get locations. create tickets and query the status of jobs. Custom APIs are available for bespoke projects.; Changes can be made through the API but are dependent on the project.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The applications can be customised depending on the level of customisation required. Each application can be tailored to the needs of the client. Extra features required can be an additional cost.

Scaling

• Independence of resources: All systems are hosted in a Tier 3 data centre with access to resources far in excess of that required by the applications.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics are built into the applications. Asckey can provide other metrics on request.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: All modules have comprehensive reporting tools which can be used to export data at any time. Alternatively Asckey can provide .csv or SQL data extracts,
• Data export formats: CSV
• Data import formats: Other
• Other data import formats: Spreadsheet upload

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our average availability figures for the past 5 years stands at 99.95% . The remaining % is explained primarily by pre-arranged system maintenance.; ; Please see attached system SLA
• Approach to resilience: Our data-centre is rated at Tier 3.; ; Key elements are; ; 99.982% uptime (Tier 3 uptime); No more than 1.6 hours of downtime per year; N+1 fault tolerant providing at least 72 hour power outage protection
• Outage reporting: Telephone ; Email notifications

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password
• Access restrictions in management interfaces and support channels: All access processes are managed in accordance with our ISO27001 processes which are independently audited annually.; ; Internal access processes are designed to allow access on a 'need to' only basis with internal system controls enforcing these restrictions
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA
• ISO/IEC 27001 accreditation date: 23/11/2022
• What the ISO/IEC 27001 doesn’t cover: None
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Asckey is accredited to the latest ISO 27001 standard, and all information security processes are based on this standard.; ; Our processes are Commercial in Confidence.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All processes are managed following the latest ISO 27001 and Cyber Essentials Plus processes, which are independently audited annually.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: All processes are managed following the latest ISO 27001 and Cyber Essentials Plus processes, which are independently audited annually.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: All processes are managed following the latest ISO 27001 and Cyber Essentials Plus processes, which are independently audited annually.
• Incident management type: Supplier-defined controls
• Incident management approach: All processes are managed following the latest ISO 27001 and Cyber Essentials Plus processes, which are independently audited annually.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  The nature and value of the contracts fulfilled by Asckey fall under the £5 million threshold which means we are not required to supply a Carbon Reduction Plan. However, Asckey is committed to safeguarding the environment and minimising our environmental impact as best we can. ; ; We are a software development company; therefore, our environmental impact is low, but we have made a carbon pledge to be net-zero by 2030. We recognise that sustainability and social value are important to our clients, especially those within the NHS. ; ; Asckey is accredited with ISO 14001:2015 (Environmental) which forms part of our integrated management system, along with ISO 9001:2015 (Quality) and ISO 27001:2013 (Data Security). These accreditations are independently audited to help identify areas of continuous improvement in business performance and our sustainability performance. The development and integration of an Environmental Management System into our business processes strengthens our commitment to our clients and the environment. ; ; We have an environmental policy that outlines how our business intends to maintain a minimal environmental impact. This includes ensuring responsible use of energy throughout our business, including conserving energy and improving energy efficiency. It also includes regularly reviewing our Impacts and Aspects Register to assess current mitigations and to identify further opportunities for development.

  Tackling economic inequality

  As an SME software company, our impact on tackling economic inequality is minimal. However, we are committed to working with small, diverse, and high-quality suppliers. We are also accredited with Cyber Essentials Plus which further supports our commitment to managing cyber security risks in the delivery of our client contracts.; ; Our procurement process aims to control externally supplied products and services to obtain the best financial outcome for the company. All whilst meeting the requirements of our customers and our integrated management system that is accredited to ISO 9001 (Quality), ISO 14001 (Environmental), and ISO 27001 (Data Security).; ; To ensure quality and consistency in the development and support of our applications, as well as ensuring we meet the specific data security requirements, we do not outsource any of our work. However, we do use local contractors for the service and maintenance of our office building and internal elements such as plumbing, heating, basic IT provision etc. This element of our work does help to support local businesses.

  Equal opportunity

  Asckey believes that innovation and inclusion are a partnership. By employing people with diverse backgrounds, perspectives, and abilities we are able to create a workspace where our people can perform at their best. We aim to provide our employees with the support, environment and resources needed for them to achieve their potential in line with our company values.; ; Asckey is committed to regular, ongoing training and development of our employees to support their journey with Asckey, and with developing our products and services. This is demonstrated by the fact that part of our employee engagement involves the undertaking of formal, documented training reviews with employees every 6 months. ; ; These reviews not only cover specific role-based training needs, but employees are also free to suggest other areas of training that can be demonstrated to benefit themselves and/or the business. Depending on the benefits in question, such training may be funded by the business. ; ; In a software/development environment, technology is constantly evolving as are the requirements from clients. Our flexible and two-way approach to employees training and development has proven beneficial to employees and to the business as we work together to maintain and enhance our resource base.; ; Our working conditions promote an inclusive working environment that promotes retention and progression as demonstrated in the fact we have not had to recruit a replacement role for over two years.

  Wellbeing

  In 2020, Asckey introduced a flexible home-working policy and introduced a hybrid working environment. Asckey have some team members who work remotely full-time to accommodate where they are based, however, all employees have the option to work from home or be in the office on a day-to-day basis. This flexibility supports the mental well-being of employees as there is no pressure to come to the office should there be travel or childcare issues (for example). A flexible and hybrid working environment also supports our ambitions of reducing the team’s carbon footprint. ; ; Asckey has a collaborative management structure. This approach enables employees to feel included in how the business develops its products and services. There is a shadowing/mentoring approach applied to the training and development of employees as we want them to feel support in their growth within the company.; ; Our HR/recruitment process is supported by a third-party, Peninsula, which offers an Employee Assistance Programme for our employees to use. We also share any mental health campaigns with employees signposting to health and well-being organisations. Managers also check in with employees daily/weekly to identify any areas that Asckey can support them with, whether this is to support home life or business priorities.

Pricing

• Price: £65 to £245 a licence a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Asckey can provide a demonstration/trial system on request.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@asckey.com. Tell them what format you need. It will help if you say what assistive technology you use.