FARYNOR™
FARYNOR™ is a comprehensive and adaptable Fire Safety Records Management System. It greatly improves fire safety management by providing accurate and timely information and is fully compliant with Government requirements for the Regulatory Reform (Fire Safety) Order 2005 and helps services capture data required under the Building Safety Act 2022.
Features
- Compliance with legislation and statutory reporting requirements
- Single source of truth about location-based information
- Customisable to help meet your organisations needs
- Comprehensive – manages all fire safety activities
- Mobile – increasing productivity and data accuracy
Benefits
- Key risk data available when needed
- Easier to share data with stakeholders allowing greater stakeholder input
- Flexible to allow for changes in legislation and operating procedures
- Efficient, promoting best practice saving time and money
Pricing
£39,500 a licence a year
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
3 0 7 0 9 4 2 4 2 7 1 2 4 8 5
Contact
ATKINSRÉALIS UK LIMITED
Martin Yeoman
Telephone: +44 1372 75 2023
Email: ccs@atkinsrealis.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- No
- System requirements
-
- Gazetteer Service
- Mobile Applications – Windows 10
- Azure Active Directory for authentication/authorisation e.g. Office 365
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Business Day, Monday - Friday:
• A – Critical, respond in 2 working hours, providing circumvention instructions where possible or fix within 1 working day
• B – Major, respond in 4 working hours, providing circumvention instructions where possible or fix within 2 working days
• C – Functional failure, respond in 8 working hours, providing circumvention instructions where possible or fix within 7 working days
• D – Intermittent failure, respond in 8 working hours, providing circumvention instructions where possible or fix within 15 working days
• E – Minor, fix included in next appropriate release. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Standard Support - 09:00 – 17:00 hours, Monday to Friday (exc. English Public Holidays).
Incidents may be logged via the web, telephone or email during these times. Additionally, Incidents
may be logged via the web outside of these hours, but will not be progressed until the next
working day. Software fixes will be progressed during these hours, and a release made available in agreement with the customer and Atkins release schedule.
7 days per week – see Standard Hours, with the addition of being able to log and receive responses to Incidents on Saturday and Sunday. Please note, we operate a Restoration of Service (RoS) during hours outside of our standard hours e.g., Saturday, Sunday and English public holidays –
See below for RoS definition.
24/7 - see 7 days per week, with the addition being able to receive responses on a 24/7 basis.
RoS – during extended out of hours support, the aim is to get the Customer operational as soon as possible. Software fixes will not be provided out of hours e.g., outside of our standard hours of Monday – Friday, 0900 – 1700. Incidents remain the responsibility of the Technical Support team throughout the life cycle. - Support available to third parties
- No
Onboarding and offboarding
- Getting started
-
Training is available at an extra cost.
Data restoration and migration are not part of this service by default. These services can be purchased separately. Atkins can migrate existing client data into FARYNOR™. The price of this service is dependent upon the amount and variety of legacy data to be migrated and will be determined during a clarification exercise prior to the commissioning of any work. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- A standard database backup of any record data will be made available to the client upon Termination of the service. Any files stored will be made available for download.
- End-of-contract process
- Once the contract has ended the account will be removed from the service and any records destroyed.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Application to install
- Yes
- Compatible operating systems
-
- Android
- Linux or Unix
- Windows
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The mobile service is designed explicitly for capture of form related information (eg Fire Safety Audit Forms).
- Service interface
- No
- User support accessibility
- None or don’t know
- API
- No
- Customisation available
- Yes
- Description of customisation
- User Defined fields can be defined against primary record types by authorised users; these enable the storing of additional data in key types (single/multi-select lists, numbers, yes/no fields, text, etc). Additional (charged) custom business logic can be written by Atkins to support extensibility and automation.
Scaling
- Independence of resources
- We use a public Cloud platform that can scale automatically based on usage by customers.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- Never
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Reports enable export of most common queries as either PDF, Excel (or CSV); a custom reporting server can be purchased enabling user-defined SQL queries.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- Our service provides 99% uptime during the agreed hours of service.
- Approach to resilience
- We utilise an Azure cloud environment. It provides an environment that is: - Scalable through auto-scaling (up and out) - Highly available through automatic failover and full active-active High Availability The system is deployed across a multi-node environment ensuring that node failures do not bring the system down, the cloud management platform continually balances load across nodes and moves running services across nodes when issues are detected.
- Outage reporting
- Outages are reported to our clients via email through the Technical Support helpdesk.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Identity federation with existing provider (for example Google Apps)
- Access restrictions in management interfaces and support channels
- Access to client services is via an authorised user with Active Directory for authentication/authorisation.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
Audit information for users
- Access to user activity audit information
- You control when users can access audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Lloyd’s Register Quality Assurance Limited
- ISO/IEC 27001 accreditation date
- 16/06/2010
- What the ISO/IEC 27001 doesn’t cover
- It excludes information handled within client specific secure environments that operate under more stringent security controls and A.14.2.4 Restrictions on changes to software packages.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Atkins Aerospace, Defence, Security and Technology (ADS&T) holds ISO 27001 and all our UK businesses are independently certified as achieving the ISO 9001:2008 quality management standard. Atkins follows a Business Management System (BMS) approach that brings together all of our business processes in one place. The BMS assures our clients through the certification of ISO 9001, OHSAS 18001 and ISO 14001, and forms a key part of the Atkins Governance Framework, which also includes our Group Policy Statements and Code of Conduct. BMS is key part of our governance process, translating the Group controls into a set of core processes that are applicable across the business.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Configuration control is performed using source code management and version numbering. Our change management process is invoked whenever a change to the system is required. A change management plan is created, including identification of risks and associated mitigation. Software changes are managed in accordance with TickITplus accredited quality framework and taken through rigorous testing cycles. Before installing in the live environment, a rollback plan is formulated, and any required downtime agreed. The changes are installed in live environment and checks performed to ascertain the change was successful. Where problems arise the rollback plan is initiated restoring system to baseline state.
- Vulnerability management type
- Undisclosed
- Vulnerability management approach
- None
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
• 24 / 7 / 365 monitoring of server availability and performance with a restart option should the server fail out of hours
• Threshold monitoring to ensure potential problems are detected and addressed before they become critical
• Failover at any time of the day or night in the event of complete server failure
• Secure off-site data backup
• Disaster Recovery procedures and management Business hours support services for non-critical incidents. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Priority 1, Critical: The problem is stopping all work on the system.
Priority 2, Major: The problem is preventing the operation of a major sub-system or a group of users.
Priority 3, Functional failure: The problem is affecting a particular function for a significant/high number of users.
Priority 4, Intermittent failure: The problem is affecting a particular function for a minority number of users. Is intermittent and impact to operation is low.
Priority 5, Minor: Minor issue. Very low impact to users or the problem is cosmetic.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
Atkins is committed to fighting climate change as evidenced through becoming carbon neutral in 2021 as we drive our carbon emissions down to our net zero target by 2030. We have signed up to science based targets to reduce our own emissions through the global Race to Zero initiative.
Our commitment does not stop here but supporting our clients to meet their environmental reduction targets to. That is why we are staff upskilling our staff to understand the environmental impact of decisions use these as considerations throughout the delivery lifecycle to provide better solutions for our clients. We will work hand in glove with our clients, helping provide awareness of the climate impact of solutions the decisions that could be made such as circular economy opportunities.
Through providing a cloud hosted platform for Farynor, examples of where this will be achieved are:
• Reduced energy consumption to that of on-site servers
• Improved allocation of resources – less on-premise servers will require less hardware, resulting in reduced cooling and space needs to operate the service
• Reduced travel resulting in less fuel consumption by staff – mobile working allows staff to work more efficiently
Atkins continually reviews its environmental performance to identify areas where a change in approach can drive improvements or new initiatives locally and across our business.
Pricing
- Price
- £39,500 a licence a year
- Discount for educational organisations
- No
- Free trial available
- No