FastDraft

Service scope

Software add-on or extension: Yes, but can also be used as a standalone service
What software services is the service an extension to: Integrations with 6,000 third party software products, notably:- Asite, Oracle Primavera (P6), Oracle Aconex, SAP, SAGE, COINS, ChatGPT, Microsoft Outlook, OneDrive, SharePoint, PowerBI, Excel, Word, etc.
Cloud deployment model: Public cloud

Private cloud

Community cloud

Hybrid cloud
Service constraints: All non-critical software updates occur outside normal office hours, usually between 9pm and 12am, all users will be warned on login about any impending updates. Critical maintenance may happen during office hours but this will only happen if there is a functional issue with the system affecting all users.

Online support is available via help pages, FAQ sections and training information.
System requirements: Internet Access (minimum 1024kbps)

Internet Browser (Latest version Edge, Firefox, Safari, Chrome etc)

User support

Email or online ticketing support: Email or online ticketing
Support response times: Support is email based and within UK office hours 9:00am to 5:30pm.

We aim to respond within 1 working hour.
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: Web chat
Web chat support availability: 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
Web chat accessibility testing: We have not currently carried out any testing of assistive technology solutions with our web chat system but are waiting for confirmation from our supplier that this has been carried out.
Onsite support: Yes, at extra cost
Support levels: We provide telephone, webchat and email support free of charge to all our customers, on-site support requirements are negotiated on a per customer basis and charged at our standard day rate plus expenses.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: We provide online training to supersusers and general users, because of the intuitive nature of the software with regards to the contract, its simple to pick up by anyone even those with a beginners knowledge of NEC/JCT/FIDIC or contract management.

FastDraft is one of the most extensively documented sofware products on the market, over 200 pages of users guidance, bit sized videos, inapp onboarding videos, and online training portal. Users can also quickly browse FAQs and for more complicated queries our support team are on hand.
Service documentation: Yes
Documentation formats: HTML

ODF

PDF
End-of-contract data extraction: All individual reports and registers can be downloaded by users in Excel, CSV and PDF format at any point.

Upon request a full download of all communications can be sent to any superuser within 2 working days.
End-of-contract process: A full download of the contract communications, all registers and all reports can be provided within 2 working days upon request at no additional charge.

Using the service

Web browser interface: Yes
Supported browsers: Microsoft Edge

Firefox

Chrome

Safari

Opera
Application to install: No
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: The system is responsive so all items are available on mobiles and tablets. For an optimal user experience it is recommended to use on a desktop or a tablet.
Service interface: Yes
User support accessibility: WCAG 2.1 AAA
Description of service interface: We provide WEBAPI 2.0 RESTful web services authenticated using OWIN Auth 2.0 authentication via secure HTTPS protocols hosted on the Microsoft Azure global cloud infrastructure. The API services allow any authenticated device (mobile, web, desktop etc.) to securely connect to the platform and interact with the platforms feature sets. The platform provides responses through JSON text ensuring minimal bandwidth usage, clear readability of the data transferred and greater support for connecting clients.
Accessibility standards: WCAG 2.1 AA or EN 301 549
Accessibility testing: We do routine interface testing with users of assistive technology.
API: Yes
What users can and can't do using the API: FastDraft is a 100% API driven SaaS solution and all tasks/actions that can be performed using FastDraft is done so via our API. We provide WEBAPI 2.0 RESTful web services authenticated using OWIN Auth 2.0 authentication via secure HTTPS protocols hosted on the Microsoft Azure global cloud infrastructure. The API services allow any authenticated device (mobile, web, desktop etc.) to securely connect to the platform and interact with the platforms feature sets. The platform provides responses through JSON text ensuring minimal bandwidth usage, clear readability of the data transferred and greater support for connecting clients.
The platform utilises the Microsoft Azure infrastructure to ensure security of the platform along with load balancing, autoscaling, backups, disaster recovery and automated management to provide a reliable, stable and high performing application.
By utilising the rich feature sets of the cloud infrastructure we are able to gain detailed insight into the performance of the platform and ensure access to the application and its services continue uninterrupted.
API documentation: Yes
API documentation formats: Open API (also known as Swagger)

HTML

ODF

PDF
API sandbox or test environment: Yes
Customisation available: Yes
Description of customisation: FastDraft is highly configurable so allows superusers to administer the platform (change, add or delete Contracts, Projects, Users and Companies) and also support amendments made to standard contracts. Bespoke customisation and development is also available to allow the system to specifically work in the way that they require. We can advise from an expertise point of view about whether any changes are in breach of the contract guidelines.

Scaling

Independence of resources: Using the hybrid cloud platform with Microsoft Azure, we're able to give individual contract environments their own processing power which are seamlessly increased to the requirements needed by their users. FastDraft is a PaaS service that utilises numerous Azure resources to provide a scalable, reliable, secure and high performing platform. Examples of such services are Serverless DB’s, App Services, Blob Storage and CDN’s; all supported by Microsoft’s global cloud network.

Analytics

Service usage metrics: Yes
Metrics types: There are real-time dashboards with over 60+ reports on all the key usage metrics that can be tailored to the user level and requirements. These analytics tool is very well documented. We also provide a dedicated reporting API with pre collated dataset if a clients wish to use their preferred reporting software or needs to blend/warehouse data from multiple system for reporting purposes. All registers can be downloaded so users to create their own reports.
Reporting types: API access

Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Conforms to BS7858:2019
Government security clearance: Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: European Economic Area (EEA)
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least once a year
Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402

Physical access control, complying with another standard

Encryption of all physical media
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation
Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach: All reports, registers and communications can be downloaded from the software at any point.
Data export formats: CSV

Other
Other data export formats: XLS

XLSX

PDF
Data import formats: CSV

Other
Other data import formats: XLS

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)

IPsec or TLS VPN gateway
Data protection within supplier network: TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability: We contractually guarantee 99.5% availability apart from for scheduled maintenance downtime which are carried out outside normal working hours.

Any failures to meet this level of availability will result in service credits awarded to the customer.
Approach to resilience: Microsoft's Azure datacentres availability was engineered to meet the highest common denominator – mission critical support for intranet, extranet, and online services. Typical of the state of- the-art facility designs at the time, these facilities were fault tolerant, concurrently maintainable and populated with scale-up servers housing redundant power supplies and myriad hot-swappable components.
All data is collocated across centres throughout EEA.
Outage reporting: We have a 3rd party monitoring service in place on top of the standard monitoring offered by our cloud hosting supplier. It provides a dashboard, API and alerts via SMS and email.

Clients will be made aware of any unplanned outages via email alerts, within one working hour (Mon-Fri, 9am to 5pm). Any planned maintenance will be alerted to users via their dashboard no later than 24 hours before the scheduled start.

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Username or password
Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is made available to authorised internal personnel, authorised hosting provider support teams and authorised database administrators have access to any data.
Access restriction testing frequency: At least once a year
Management access authentication: 2-factor authentication

Identity federation with existing provider (for example Google Apps)

Username or password

Audit information for users

Access to user activity audit information: You control when users can access audit information
How long user audit data is stored for: At least 12 months
Access to supplier activity audit information: Users contact the support team to get audit information
How long supplier audit data is stored for: At least 12 months
How long system logs are stored for: At least 12 months

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: Alcumus
ISO/IEC 27001 accreditation date: 31/05/2022
What the ISO/IEC 27001 doesn’t cover: Nothing is excluded, it cover all business activities.
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: Yes
Cyber essentials plus: Yes
Other security certifications: Yes
Any other security certifications: Cyber Essential Plus

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes: All security policies and processes are managed under our ISO 27001 certified Information Security Management System (ISMS). We hold quarterly Information Security Board meeting to review the ISMS. We are also accredited under the Cyber Essentials Scheme (http://www.cyberessentials.org).

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: Our in-house development strictly follows ISO27001 standards, integrating with our quality controls. Microsoft Azure DevOps drives our internal development. We engage accredited CREST external security experts for comprehensive penetration testing, aligned with government and private sector standards. Testing occurs annually and with major upgrades. Code management employs version control, tracked via ticketing, ensuring prioritization and management. Updates undergo rigorous testing in a dedicated environment before deployment. Hosting environments feature incremental backups for flexible rollbacks. With Microsoft Azure, we manage infrastructure, benefitting from automatic deployment of updates and patches per our release schedule.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: Our penetration testing partner is iStormSolutions approved and provide services specialising in offering the strongest endpoint protection platform against hacking and industrial espionage.

We monitor all 3rd party vendors of each of the system components for the latest software updates and security patches.

Our cloud hosting provider Microsoft Azure, offers security monitoring of infrastructure and application behaviour as standard. All account credentials are managed via an encrypted system access to which is limited to the appropriate staff.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: On top of the standard monitoring services offered by our cloud hosting provider we also include a 3rd party monitoring service which reports on system level issues and events.

We also employ a distributed network availability monitoring tool which providers alerts on the availability of the various services from multiple locations across the internet.
Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach: We have an Incident Management procedure within our ISO 27001 certified ISMS. Users can track and log events via 24/7 online support ticket service. Incident reports are available at request.

Any incidents are first tracked by our ticketing system and then if required, escalated to our technical team. All progress and feedback is managed through our ticket system and followed up until the issue is confirmed resolved by the client.

Secure development

Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks: No

Social Value

Fighting climate change
Covid-19 recovery
Tackling economic inequality
Equal opportunity
Wellbeing

Fighting climate change

Built Intelligence are strong supporters of social value and sustainability and are committed to:-
• An inclusive and supportive workplace culture
• Raising the living standards of local residents
• Promoting Local Skills and Employment
• Promoting equality, fairness, diversity and inclusion
• Improving staff wellbeing
• Building capacity and sustainability of the Voluntary and Community Sector (VCSE) and local MSME base
• Environmental sustainability
We are also aware of the broader social, environmental and economic impact of our behaviours and actions, and strive to optimise our social value, maximising the positive impact on the communities and areas in which we work.
Here are some examples:
• We only source ethical, responsible suppliers through a robust due diligence process,
• We are committed to reducing our environmental impact, through adopting a ‘reduce, reuse, recycle’ approach and by investing in green technologies and the other measured outlined in question 8,
• Maximise the use of digital technologies and best working practice to minimise the number of face-to-face meetings and reduce non-essential travel working around customers’ needs,
• Investigate ways to reduce our carbon footprint and energy and water consumption through a continuous improvement process, and
• Promote environmental sustainability to our staff and users base with several webinars on topical such as:-
o Climate Change Litigation and Corporate Responsibility
o Climate Change and the UK Construction Industry
o Climate-related reporting: Is your business ready?
o Climate-related reporting: 3 common barriers and how to overcome them
o How can Public Procurement Help Deliver Social Value?

Covid-19 recovery

Built Intelligence are strong supporters of social value and sustainability and are committed to:-
• An inclusive and supportive workplace culture
• Raising the living standards of local residents
• Promoting Local Skills and Employment
• Promoting equality, fairness, diversity and inclusion
• Improving staff wellbeing
• Building capacity and sustainability of the Voluntary and Community Sector (VCSE) and local MSME base
• Environmental sustainability
We are also aware of the broader social, environmental and economic impact of our behaviours and actions, and strive to optimise our social value, maximising the positive impact on the communities and areas in which we work.
Here are some examples:
• We invest in talent, providing a suite of over 800+ technical training courses and learning opportunities and resources to help retain staff and grow their skills,
• Allowing people impacted by the COVID-19 pandemic to move to a high growth sector,
• Give chances for people from these backgrounds to gain skills, qualifications and career advancement, and
• Provide high quality employment conditions, in line with the Good Work Plan.

Tackling economic inequality

Built Intelligence are strong supporters of social value and sustainability and are committed to:-
• An inclusive and supportive workplace culture
• Raising the living standards of local residents
• Promoting Local Skills and Employment
• Promoting equality, fairness, diversity and inclusion
• Improving staff wellbeing
• Building capacity and sustainability of the Voluntary and Community Sector (VCSE) and local MSME base
• Environmental sustainability
We are also aware of the broader social, environmental and economic impact of our behaviours and actions, and strive to optimise our social value, maximising the positive impact on the communities and areas in which we work.
Here are some examples:
• We employ apprentices, recruit locally and try to maximise any spend through our local MSME and VCSE base and create opportunities for those from underrepresented groups in high quality employment in technology, construction and elsewhere, such as those from deprived areas, women, and people from ethnic minority backgrounds,
• Advertising the positions on specialist job sites, such as Evenbreak for people with disabilities and Women into Construction,
• Engaging with Job Centre Plus facilities in economically deprived postcodes,
• Following best practice to make selection and interviews as accessible as possible, and
• Our ‘flexible and hybrid working” policy means our positions are highly accessible to those with disabilities and from deprived areas.

Equal opportunity

Built Intelligence are strong supporters of social value and sustainability and are committed to:-
• An inclusive and supportive workplace culture
• Raising the living standards of local residents
• Promoting Local Skills and Employment
• Promoting equality, fairness, diversity and inclusion
• Improving staff wellbeing
• Building capacity and sustainability of the Voluntary and Community Sector (VCSE) and local MSME base
• Environmental sustainability
We are also aware of the broader social, environmental and economic impact of our behaviours and actions, and strive to optimise our social value, maximising the positive impact on the communities and areas in which we work.
Here are some examples:
• We employ apprentices, recruit locally and try to maximise any spend through our local MSME and VCSE base and create opportunities for those from underrepresented groups in high quality employment in technology, construction and elsewhere, such as those from deprived areas, women, and people from ethnic minority backgrounds,
• Advertising the positions on specialist job sites, such as Evenbreak for people with disabilities and Women into Construction,
• Engaging with Job Centre Plus facilities in economically deprived postcodes,
• Following best practice to make selection and interviews as accessible as possible, and
• Our ‘flexible and hybrid working” policy means our positions are highly accessible to those with disabilities and from deprived areas.

Wellbeing

Built Intelligence are strong supporters of social value and sustainability and are committed to:-
• An inclusive and supportive workplace culture
• Raising the living standards of local residents
• Promoting Local Skills and Employment
• Promoting equality, fairness, diversity and inclusion
• Improving staff wellbeing
• Building capacity and sustainability of the Voluntary and Community Sector (VCSE) and local MSME base
• Environmental sustainability
We are also aware of the broader social, environmental and economic impact of our behaviours and actions, and strive to optimise our social value, maximising the positive impact on the communities and areas in which we work.
Here are some examples:
• We fundraise and have a partner charity, Lighthouse Charity that are committed to supporting the emotional, financial and physical well-being of construction workers and their families, ans
• Improve health, wellbeing and support for staff by providing support and resources on mental health, dedicated well-being days and encouraging staff to focus on their physical health by setting up a cycle to work scheme.

Pricing

Price: £250 a licence a month
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: We can offer a 'sandbox' version of the service containing dummy data should this be required for evaluation purposes. It will contain a single working instance of the system but won't include any customer data or bespoke functionality.

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

FastDraft

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents