FMIS Ltd

FMIS Asset Tracking

FMIS Asset Tracking Software for the public sector enhances accountability and efficiency in asset management. FMIS offers tracking, location management, and reporting tools with UK-based hosting and support. FMIS is ideal for the NHS, Local & Central Government, and Non-Profit organisations, ensuring all assets are efficiently monitored and managed.

Features

• Efficient tracking with integrated barcode/RFID capabilities.
• UK-based hosting and support services.
• Detailed and comprehensive reporting suite for clarity.
• Advanced tracking for compliance with regulatory standards.
• Mobile application for Android and iOS devices
• Precise data capture and analysis features.
• Equipment maintenance schedules and work orders
• Asset location management and monitoring.
• User-friendly interface for simplified asset tracking.
• Enhanced asset security and accountability features.

Benefits

• Up-to-date and accurate asset register for insurance and audit purposes
• Audit trail provides traceability and accountability
• Customisable user access permissions and centralised administrative control
• Extensive reporting and search facilities for assets and equipment
• Faster audits with integrated barcoding and RFID
• track all asset events from purchase to disposal
• Import/export data directly from spreadsheets to save time
• Attach files such as photos, purchase orders or warranty documents
• Reduce maintenance costs and equipment downtime
• Set automated reminders for all maintenance tasks

£500 to £600 a licence a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at johnderobeck@fmis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

388168147048904

Contact

John de Robeck
+44 (0) 1223 773003
johnderobeck@fmis.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: The FMIS desktop application can be accessed through any browser and the mobile application is available for Android and iOS. For private cloud implementations, the client may be required to handle server configuration and backups.
• System requirements:
  • Desktop application requires browser with appropriate network access
  • Mobile application is available for iOS or Android

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: FMIS operates a priority-driven support model with high priority tickets receiving a response within a maximum target of 1 hour. FMIS Standard Support Hours are 9 am to 5 pm UK time Excluding public holidays and December 24th – January 1st.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: FMIS offers comprehensive UK-based support for all our solutions. Support is provided for all trained users and covers implementation, training, technical and functional support tickets. Tickets can be raised via email, web or phone and the number of tickets is not capped.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: FMIS provides end-to-end implementation support from requirements workshops to installation, configuration, training, data imports, UAT and post-implementation support.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: FMIS allows users to export most data at any stage without the need for FMIS support. For end-of-contract data exports, FMIS is able to provide support for any background data not available through the system import/export tools.
• End-of-contract process: FMIS does not charge any termination fees for completed contracts as standard. Clients may elect to extend their contract on an annual renewal basis after the initial term.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The FMIS Mobile Asset Manager Application is available for Android and iOS devices through the relevant stores.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: FMIS provides extensive user-driven configuration options without the need for development. For clients that require additional enhancements, FMIS offers bespoke feature development and a client-driven development roadmap.

Scaling

• Independence of resources: For public cloud clients, FMIS provides each client with a separate database instance. FMIS Cloud hosting is UK-based and deploys real-time load monitoring and management with offsite server replication and backups.

Analytics

• Service usage metrics: Yes
• Metrics types: FMIS allows authorised administrators to view a full user audit history including access history and actions.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: FMIS offers a full suite of import and export tools within the system to allow clients to export data to Excel or PDF. Where automated interfaces are available, data may be exported directly to an integrated application.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XLSX
  • PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats: XLSX

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: FMIS guarantees a minimum of 99.5% uptime for FMIS Cloud Hosted solutions.
• Approach to resilience: FMIS Cloud hosting includes:; - Redundant dual-path power distribution and switching; - Resilient uninterruptable power supplies; - Dual auxiliary power generators; - Redundant air handling and conditioning systems; - An external plant area accommodates energy-efficient dry-air coolers and two auxiliary diesel generators.
• Outage reporting: FMIS will notify clients directly when a system outage is identified either via email or phone.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to and acceptable use of all FMIS and client information assets is controlled under the FMIS Access Control Policy contained within the FMIS information security Management System (ISMS).
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
• Description of management access authentication: Management access to any FMIS Cloud server environment is restricted by user profile, IP address, server certification and username and password.

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International (ASCB Accredited)
• ISO/IEC 27001 accreditation date: 10/09/2019
• What the ISO/IEC 27001 doesn’t cover: The statement of applicability covers all areas under ISO 27001 with controls in place from A5 to A18:; Area Number of ISO/IEC 27001 (Controls); A.5 Information security policies 2; A.6 Organization of information security 7; A.7 Human resources security 6; A.8 Asset management 10; A.9 Access control 14; A.10 Cryptography 2; A.11 Physical and environmental security 15; A.12 Operations security 14; A.13 Communications security 7; A.14 System acquisition, development and maintenance 13; A.15 Supplier relationships 5; A.16 Information security incident management 7; A.17 Information security aspects of business continuity management 4; A.18 Compliance 8
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: PSAF Approved Hosting

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: FMIS maintains the following Information Security Policies among others in line with ISO 27001 requirements:; Access Control Policy; Anti-Piracy Policy; Backup Policy; Business Continuity Policy; Change Management Policy; Cloud Computing Policy; Cryptographic Controls Policy; Data Protection Policy; Disaster Recovery Plan; E-mail & Internet Acceptable Usage Policy; Information Asset Register; Information Classification Policy; Information Exchange Policy; Information Security Policy; Laptop Policy; Network Systems Monitoring Policy; Password Policy; Privacy Policy; Remote Access and Mobile Computing Policy; Data Retention Policy; Removable Media Policy; Secure Development Policy; Security Incident Reporting Policy; Vendor Management Policy; Virus Protection Policy

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All FMIS projects and changes are managed in line with the FMIS Change Management Policy and ISO 27001 requirements. FMIS works with our clients to ensure that all necessary security checks and assurances are provided.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: FMIS actively monitors new and known threats using a combination of industry resources, scans and penetration testing. All high-risk patches are applied as soon as available and at least monthly.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: FMIS Cloud Hosting Partners, proactively monitor all applicable network and hardware performance and availability to ensure early visibility of any issues that may affect network performance.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents, breaches and near misses are recorded, notified and managed in line with the FMIS Information Security Management System (ISMS) and specifically the FMIS Security Incident Reporting Policy in line with ISO 27001, GDPR and ICO requirements.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  FMIS addresses environmental impact through its policies on sustainability and resource management, focusing on reducing waste, conserving energy, and promoting recycling across all operations.

  Equal opportunity

  FMIS "Hiring & Equal Opportunities Policy" ensures non-discrimination in hiring, promotes diversity, enforces fair employment practices, offers related training, and regularly reviews compliance with equal opportunity laws.

Pricing

• Price: £500 to £600 a licence a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at johnderobeck@fmis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.