SIMCENTRIC LIMITED

SAF-FORESIGHT

SAF-FORESIGHT is a digitised 3-dimensional visualisation/briefing/analysis/range safety intervention tool supporting live fire military training. SAF-FORESIGHT generates accurate Range Danger Area templates mandatory for live field firing. SAF-FORESIGHT allows for digitisation of entire process for single/multiple ranges overlaid on training areas anywhere in the world, across all phases of live training.

Features

• Weapon/Ammunition Template Generation
• Permanent live fire range design and layout analysis
• Live Fire Exercise Safety Monitoring & Intervention
• Experimentation, Options Analysis and Supply Chain Rationalisation

Benefits

• Reduces template generation time from hours to minutes
• Supports digital analysis to support maximise freedom of design
• Predictive modelling of emerging fratricide risks helps prevent catastrophic incidents
• Maximises training outcomes using available space, ammunition and time/resources
• Supports rapid assessment of implications of new acquisitions

£130,000 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at simon.leng@simct.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

508062446000697

Contact

Simon Leng
07768975676
simon.leng@simct.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Recommend/tested on Chrome, Firefox or Safari browsers; Recommend/tested on 5th Generation iPad or Andorid tablet with equivalent CPU/performance.; Other browers such as Opera or Edge can be used
• System requirements:
  • Server supports Linux and latest Windows
  • Clients support latest browsers and tablet devices

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Next working day, excluding UK bank/public holidays
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: SimCentric offers a single tier of custmer support, which would be managed by a dedicated/named account manager; ; The priority of any reported bug will be agreed by SimCentric. The Prioritization Model is used to ensure a consistent approach to defining the priority with which an item needs to be resolved, drive the assignment of resources, and establish the required First Response and closure deadlines.; Upon receipt of a support case, SimCentric will enter its priority level and SimCentric will also provide a determination on whether the support issue is a ‘bug’ or a change request.; If the end customer/user (ECR) disagrees with a priority level assigned by SimCentric, it will notify SimCentric within 2 SimCentric Business Days. Upon receipt of the disagreement, then SimCentric will arrange a discussion with the ECR within 1 SimCentric Business Day. This discussion will cover the broader context, background of the support issue, and technical details of the issue. During this discussion, SimCentric will be required to justify its prioritization directly to the ECR.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onboarding is achieved through a combination of; - Product documentation including tutorials; - Approx 60 'How to' tutorial videos, covering every part of the service from login through to integrated planning; - bespoke in person training courses (cost option)
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The data used by the service are stored in standard formats such as csv for text based data, and SHP or GEOTIFF for GIS data; The service also includes a print option which will allow all user created data to be extracted in pdf format, again in a standard military format
• End-of-contract process: The service is delivered as a subscription. At the end of the subscription period, the user can extract data entered and then stop using the service

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Service is accessible via web browser running natively on tablet. Operation and GUI will be the same.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: The service is configured to support a specific number of clients, therefore the server side components are accurately configured to support estimated requests/bandwidth and storage demands

Analytics

• Service usage metrics: Yes
• Metrics types: The following metrics are recorded and available for review; - Change notifications; - Submission notifications; - Data updates; - User logins; - User permissions
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: The data used by the service are stored in standard formats such as csv for text based data, and SHP or GEOTIFF for GIS data The service also includes a print option which will allow all user created data to be extracted in pdf format, again in a standard military format
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • SHP
  • GEOTIFF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: SimCentric will use commercially reasonable efforts to make the Service available with an uptime percentage of at least 99.5%, in each case during the billing cycle.; ; In the event the Service does not meet the Service SLA, you will be eligible to receive a Credit as described below.; ; Levels of service are calculated on a monthly basis to identify if the Service does not meet the SLA during the period, and if so by how much.; ; A credit is calculated on the following basis; ; If level of service is less than 99.5% but equal to or greater than 99.0% - 10% Credit due; ; If level of service is less than 99.0% but equal to or greater than 95.0% - 30% Credit due; ; If level of service is less than 95.0% - 100% Credit due; ; The credit is then applied against the monthly bill; ; To receive a credit, the customer must submit a claim by opening a case in the SimCentric ticketing systems, credit requests must be received by SimCentric by the end of the second billing cycle after which the incident occurred and must include full details and information describing the unavailability of the Service.
• Approach to resilience: This is available on request
• Outage reporting: These are reported via email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Limited access network (for example PSN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to SAF-FORESIGHT is via login and password combination. Within the service, the adminstrator account can be used to assign user roles and permissions on an idividual basis. This allows certain users to be assigned permission to for example submit, edit, or approve data within the service
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Bureau Veritas
• ISO/IEC 27001 accreditation date: 3rd March 2021
• What the ISO/IEC 27001 doesn’t cover: None
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: To meet the information security objectives of the organization, SimCentric has established, operates and maintains an Information Security Policies Manual (ISMS) aligned with the requirements of ISO27001 standard and leading practice guidelines. This document describes SimCentric commitment to safeguarding information within the ISMS scope along with the obligations of the employees, contractors and third parties to perform such purpose.; ; The scope of ISMS applies to the following internal departments:; ; Systems Engineering Department; Software Development Department; Project Management Department; Operations Department; ; In order to support employees, appropriate awareness training and regular updates in organizational policies and procedures are provided to all employees of the organization as relevant to their job functions. Each departmental head arranges training to staff members on relevant policies and procedures. Awareness training is also included in the induction process for new employees during onboarding.; ; The ISMS policy is reviewed by the Information Security Steering Committee (ISSC) and updated once a year to incorporate any additions, modifications, deletions to policies and controls that may be required due to changes, including but not limited to technology, regulations and contractual requirements.; ; However non-routine reviews also occur if any significant change arises in SimCentric technical or business environment.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Change management covers the introduction of changes to already developed products in a controlled manner. ; ; From a software development point of view, a key part of change management is software configuration management and control. SimCentric develop software applications which are compatible with multiple environments, and multiple versions of each environment; ; The SimCentric Release Team are responsible for final test and management of the approved product combinations and manage the availability of these validated installation files so they can be made available for customer download/installation.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Information is a key asset of SimCentric and recognized as needing to be protected. With the increase in interconnectivity, SimCentric recognize that information is exposed to growing numbers of threats and vulnerabilities. Information Security includes the protection of information from threats and vulnerabilities to prevent unauthorized disclosure of information to preserve confidentiality, maintain integrity, ensure business continuity, and minimize business risks.; ; SimCentric provides information security awareness to employees to ensure continual improvement in information security in all activities/processes within scope while meeting applicable business, legal or regulatory and member (client) requirements through regular review of our Information Security Management System
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: SimCentric InfoSec Team monitor Internet activity occurring on company equipment/networks/accounts. SimCentric use various filtering software to limit access to prohibited sites and other applications on the Internet. ; ; All computers attached to the company network have anti-virus software combinations installed by InfoSec. This software is active, scheduled to perform regular virus checks and has uptodate virus definition files.; ; If an employee receives what he/she believes to be a virus or suspects that a computer is infected with a virus, it is reported to InfoSec immediately. Any suspected infected computer is removed from the network immediately until it is verified as virus
• Incident management type: Supplier-defined controls
• Incident management approach: SimCentric operates an Information Secuirty Policy (InfoSec) as part of adherence and conformance to the processes covered in ISO27001.; ; All Incidents are immediately reported to InfoSec via Email or Teams, in line with policy. Depending on teh severity of the incident, incidents are either reported back to the InfoSec Management Board as part of monthly review meetings, or if more serious/high level of threat is uncovered, an emergency InfoSec Management Board meeting is covened

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Covid-19 recovery

  Covid-19 recovery

  SimCentric implemented workplace conditions to help employees to continue to work COVID pandemic, including effective social distancing, remote working, and approached to sustainable travel. These have been maintanied post COVID to help support employees who need extra time to return to the full workplace, in particular supporting employees who wish to continue to work from a home location

Pricing

• Price: £130,000 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: The trial version has the same functionality as the production/paid for version; The trial version is time limited; The trial version contains generic/representative data, the production version is delivered with valdiated/customer specific data
• Link to free trial: https://www.simct.com/contact_us/

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at simon.leng@simct.com. Tell them what format you need. It will help if you say what assistive technology you use.