Vatix Limited

Workflows

Our inspection and task management software enables your organisation to streamline inspections.

Create template inspection forms, complete inspections via the mobile app, and organise corrective tasks.

Workflows makes it easy to standardise day-to-day inspections, collect consistent data, and manage tasks across your whole team.

Features

• Create template inspection forms
• Complete inspections via the mobile app
• Organise and track corrective actions
• Standardise day-to-day inspections
• Digital logbook including all the reported incidents and events
• Downloadable incident reports
• Add photos and comments to any inspection's question
• Simple visual interface
• Convert your existing PDF, Excel or Word inspection forms
• Easily create templates from scratch using our drag-and-drop builder

Benefits

• Say goodbye to time-consuming handwritten forms.
• Enjoy a visually intuitive interface that’s easy to use.
• Easily complete and share inspections for faster follow-up actions.
• Staff can complete inspections with ease with their phones
• Real-time visibility
• Increase workplace productivity

£18 a user

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@vatix.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

473428270978854

Contact

Sales
0203 991 5555
sales@vatix.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No
• System requirements:
  • Web Browser (Chrome, Firefox, Edge, Safari)
  • Android
  • IOS

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email within 4 hours (Mon-Fri) and 24 hours on the weekend.; Live Chat is available within 2mins (Mon-Fri) and 24 hours on the weekend.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Webchat is audited to the WCAG 2.0 guidelines.
• Onsite support: Yes, at extra cost
• Support levels: We supply technical and account management support for initial set-up and ongoing maintenance of the account (at no additional cost).
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: User documentation is provided via PDF and by sharing access to our online knowledge base, along with any necessary extra services (apps, etc). ; ; Customers are contacted upon initial delivery to onboard and answer any initial questions.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: An extract of user information and historical information is requestable upon contract end and is supplied by the responsible team within the organisation.
• End-of-contract process: Upon the contract expiry, all access to the software will be suspended. After the amount of time specified in the contract, user access will be removed entirely. An export of all of the customer information for the service can be requested in .CSV or .PDF format.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The mobile app is designed to be used to complete audits & inspections on the go.; ; Full access to administrative functions and analytics is only available on the web portal.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: A web application which is self-maintained by the users. Through the application, the users can manage all the inspections reported and review all the inspection details and history. ; ; They can also check all the related tasks created before and after the inspection, and all the media and comments added to them.
• Accessibility standards: None or don’t know
• Description of accessibility: Software is accessible on the web (web application).; For users of assistive technology:; ; • There are no significant audio cues; • A vast majority of the interactive UI has text, which can be resized (browser permitting); • Use of blue, red, and amber colours across the whole application
• Accessibility testing: Currently, we've conducted no tests for users of assistive technology.
• API: No
• Customisation available: Yes
• Description of customisation: The platform allows our users to create and customise form templates as they wish to suit their needs.

Scaling

• Independence of resources: The architecture used for each application layer (including services and database) automatically scales dependant on the workload being placed on the service at any time.; ; Capacity is reviewed often, and improvements are made several times a year.

Analytics

• Service usage metrics: Yes
• Metrics types: Reports based on usage are available via the platform.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Reports can de downloaded in CSV and PDF formats.; ; Also, data exports can be requested from our organisation in both .PDF or .CSV formats.
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The Company will use commercially reasonable measures in terms of redundancy, monitoring and platform management to make the Solution available via Internet between 9 am and 5 pm, Monday to Friday (excluding public holidays). ; ; Availability shall be measured annually and the items set out in clause 7 of our SLA and all Planned Maintenance shall be excluded from the calculation of availability of the Solution. For more info on SLAs please visit https://vatix.com/legal
• Approach to resilience: Production data centres are designed to mitigate the risk of single points of failure and provide a resilient environment to support service continuity and performance. ; ; The Covered Services utilise secondary facilities that are geographically diverse from their primary data centres, along with required software, and Internet connectivity, in the event Vatix production facilities at the primary data centres were to be rendered unavailable.
• Outage reporting: The Company shall where possible, provide the Customer with prior notice of Emergency Maintenance in response to outages (should it occur) via email. However, work may commence at any time and shall continue until completed.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Permissions based by role and organisation unit.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 27/04/2022
• What the ISO/IEC 27001 doesn’t cover: The services are within the scope of our ISO certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: CREST Certified Penetration Testing

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: • We approach security using both a combination of our unique requirements and accepted good practice within the industry (eg. following the requirements of ISO:27001); ; • All of our policies are reviewed annually, along with our British Standard accreditations (eg. BS8484:2016, ISO:27001); ; • Security is a top concern when it comes to development, and all of our processes and features are tested heavily to ensure no user/customer information is accessible to parties who shouldn't be able to access; ; • All of our employees are vetted in accordance to BS7858

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Our hosting provider maintains documented operational procedures for both infrastructure operations and customer-facing support functions. Newly provisioned infrastructure undergoes appropriate testing procedures to limit exposure to any hardware failure. Documented procedures and configuration version controls provide protection from errors during configuration. Changes to an existing infrastructure are controlled by a technical change management policy, which enforces best practice change management controls including impact/risk assessment, customer sign off, and back-out planning.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Patches to solution every two weeks unless critical, then immediate.; Penetration testing and internal code testing (peer reviewed and deployment testing services); Employ best practices to mitigate against known issues (e.g. SQL Injection)
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The Alert Logic Threat Management™ system monitors our hosting provider's environment, detecting external and internal threats. When it detects an incident, Alert Logic's ActiveWatch service provides expert guidance from its security operations centre (SOC), staffed round the clock by Alert Logic security analysts. Integrated vulnerability scanning identifies possible points of entry and corrects them.
• Incident management type: Supplier-defined controls
• Incident management approach: The Alert Logic Log Manager™ automatically aggregates, normalises, and stores log data simplifying log searches, forensic analysis, and report creation through real-time or scheduled analysis. LogReview provides daily event log monitoring and review by a team of Alert Logic security professionals.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Optional
• Covid-19 recovery:

  Covid-19 recovery

  Optional
• Tackling economic inequality:

  Tackling economic inequality

  Optional
• Equal opportunity:

  Equal opportunity

  Optional
• Wellbeing:

  Wellbeing

  Optional

Pricing

• Price: £18 a user
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@vatix.com. Tell them what format you need. It will help if you say what assistive technology you use.