FSW IT Solutions Limited

FloodStation (Flood Risk & Drainage Asset Management System)

FloodStation helps local authorities to meet the requirements of Section 21 of the Flood and Water Management Act 2010 and helps them manage drainage assets.
This includes
-Detail customisable GIS-based asset register
-Accurate asset condition
-Inspection and routine maintenance activities
-Flood Incident register and responsivity management 5) SUDS.

Features

• Cloud based asset management (access from any web enabled device)
• Comprehensive Asset Inventory/Register for managing flood risk and drainage asset
• Map/GIS based interface
• Flood incident register and
• Pollution incident register and tracking
• Configuration/Management for complex drainage assets/SUDS
• Asset condition management
• Routine Inspection and Maintenance scheduling and management
• Onsite data collection tools (mobile web app)
• Ability to link assets to flood incident for analytics

Benefits

• Helps an authority to meet requirements of Flood&Water-Management-Act
• Developed as per DEFRA and EA guidance docs (Surface-Water-Management-Plan-Technical-Guidance)
• Drainage asset management system with GIS capabilities
• Configure and manage SUDS
• Analyse flood risk by intelligently linking flood events and asset
• Efficiently develop and manage daily/weekly/monthly routine inspections/maintenance activities
• Visualise asset register and flood events on GIS maps
• Quickly develop custom reports to meet any requirements
• Comprehensive file/documents/photo management system
• Efficiently record and track pollution incident and resolutions

£3,150.00 a unit a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@fswit.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

638145755041506

Contact

Jonathan Wheatley
020 3551 9320
info@fswit.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Scheduled planned maintenance 30min per month - non business hours
• System requirements:
  • Internet Enabled Device
  • Web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Acknowledgement with incident number is sent to user within 30min of logging for all support and enhancement requests.; Resolutions Time; • Severity 1- 6 hrs/6hrs network; • Severity 2 - 6hrs/ 6hrs network; • Severity 3&4 - 8 hrs/24hrs network
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: - Online support portal/Ticketing system; - Email and phone support; - Dedicated technical account manager; ; All support is inclusive.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: FloodStation is a very intuitive and user-friendly system and can be used with little or no training. ; Complimentary onsite and online (video conferencing) training is available to users once data migration is complete. ; A comprehensive online knowledge base is available to all users.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: All data is exported in Excell/CSV format. All files and documents are provided using external usb drives.
• End-of-contract process: General data export is inclusive of the service.; Any special requirements or additional (multiple copies) of data is charged at extra cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile web apps for onsite inspection data collection are available.; ; Any internet-enabled mobile device can access the general system.
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: Yes
• What users can and can't do using the API: API Service is available to integrate with other systems. Full API documentation is available on website.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can customise the system as below; 1) Additional fields, asset groups, asset types, maintaining area etc; 2) Configure ad-hoc reports; ; Use can configure most of the attributes themselves. However, All customisation request is inclusive of user support.

Scaling

• Independence of resources: User/Application resource usage is monitored and regularly reviewed. Each applications are sand-boxed and are allocated max resource thresholds. If an application exceeds usage it is flagged and resource thresholds are reviewed to increase or decrease.

Analytics

• Service usage metrics: Yes
• Metrics types: Login logs; Page logs; Change logs; Storage logs; System up time
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Other
• Other data at rest protection approach: SSAE-18
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Generally all fields and data can be exported in excel format, all charts can be exported on excel or pdf formats.; ; User can send support tickets for any specific data export requirements, generally, at not extra costs.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Excel
  • PDF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The FloodStation (Flood Risk & Drainage Asset Management System) software is a 24/7 service and aims to achieve, on an annual (i.e. 24x7x365) basis, have an end-to-end availability of at least 99.9%. This availability statistic excludes the agreed maintenance windows.
• Approach to resilience: 1. The service provider commits to a Service Level Agreement (SLA); 2. Review of historical data may be provided upon request
• Outage reporting: A public dashboard, email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Management interfaces and support channels are restricted to registered users only. Registered users must have active access enabled by the system admin for them to access the system. The administrator can restrict the access to specific modules or for a limited period. User name and password are required to login to the system which must be periodically refreshed/changed according to security policies.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: In house review.
• Information security policies and processes: FSW management team is responsible for the implementation of information security policy. A strict documentation and audit trail is implemented into our day to day process to make sure security policies are followed correctly. Policies are reviewed regularly. The private cloud platform where FloodStation software is hosted is ISO-27001 compliant.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All components of the services are tracked in real-time. A documented change management process is in place for all types of changes. Users are given regular updates via email notification. All changes are tested on a sandboxed test environment before released to live. Users are notified regularly for any changes to the system which includes security updates, functionality updates, enhancements, bug fixes etc.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Security logs are monitored daily to identify potential threats. Security tests like an internal test, load test, penetration test are regularly performed and results are reviewed for any system vulnerability. For priority 1 issues, security patches are deployed within 8 hours. The software includes an automated security monitoring system that flags up and blocks any unauthenticated access and reports to the site administrator with security notifications. Underlying user accounts are locked automatically until reviewed by administrator.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Potential compromises are identified through regular review of security logs, pen test results, user access logs. If identified, suppliers are notified and security patches are released according to the severity of the issues. Priority 1 issues are resolved within 6 hours or identification.
• Incident management type: Supplier-defined controls
• Incident management approach: The incident management process is documented in the service level agreement. Users can report the incident using online ticketing systems, emails or phone calls. bi-annually user groups are organised with aim to discuss common user incidents and potential resolution. All incidents are documented and available to users from our support portal.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery

  Fighting climate change

  FloodStation software helps authorities to link flooding events with drainage and flood defence assets enabling them to better prevent flood incidents. Creative onsite inspection tools help authorities efficiently manage flood asset inspection programs, which indirectly prevents flooding events in extreme weather conditions.

  Covid-19 recovery

  1) All staff can work remotely which helps us maintain government COVID guidelines whilst maintaining service levels. 2) User groups, client consultation, training and marketing presentations are offered online using conference call technology to help our clients and software users attend meetings/sessions remotely whilst maintaining government COVID guidelines.

Pricing

• Price: £3,150.00 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@fswit.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.