BRIGHTLY SOFTWARE LIMITED

Brightly Asset Investment Planning

Assets and infrastructure are aging, quickly. Budgets are tight. Regulatory compliance requirements are mounting. In order to predict and plan for the short- and long-term, you need tools to help you move from budget-constrained, siloed planning to data-driven decision-making.

Features

• Asset agnostic, condition-based life-cycle budget planning
• Analyse and model UKPMS, GAIST, Vaisala, SCANNER, SCRIM, data etc
• Optimise capital programmes based on risk, condition, and service levels
• Data led Analysis providing impacts at asset and portfolio levels
• Optimise funding, extend asset life, and achieve target service level
• Compare scenarios and demonstrate impact of alternative funding strategies
• Produce integrated, prioritised long-term capital works plans
• Reporting interconnected with BI, GIS and analytics tools
• Assess impact of Capital spend on future maintenance expenditure requirements
• Engage stakeholders and citizens with accurate, data led reporting

Benefits

• Simple, intuitive asset and data agnostic interface and design
• Drive capital investments with customer service level requirements in mind
• Accurate life-cycle models for future condition and service levels
• Transition from expensive reactive spending to planned capital expenditure
• Calculate and demonstrate lowest spend required to maintain condition
• Demonstrate funding change impacts to help manage expectations
• Apply 'What-If' analysis across all assets and funding scenarios
• Develop and deliver optimised programmes across multiple asset classes
• Fully flexible scheme and project management tool
• Customisable reporting linked to BI, GIS and analytics tools

£1,000 to £5,000 a licence a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukgcloud@brightlysoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

709065350134654

Contact

Brightly Software - UK Sales Team
+44 (0) 808 167 4526
ukgcloud@brightlysoftware.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Brightly performs scheduled maintenance every fortnight and provide detailed release notes one week in advance of deployment within the Knowledge Base and Status Page. ; Brightly targets 99.9% uptime 24x5 (Monday to Friday).
• System requirements: Suitable modern browser (Edge, Chrome, Firefox, Safari)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Technical Support is provided from 09:00 to 17:30 Monday to Friday excluding public holidays. Our online case management portal and knowledge base articles are available 24/7.; There are three methods for logging a new technical support case: 1. Online Portal 2. Email. 3. Telephone.; Case severity levels and associated target response times are as follows: 1. Critical: within 30mins. 2. High: within 4hrs. 3. Medium: within 2 business days. 4. Low: within 4 business days.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Technical Support is provided from 09:00 to 17:30 Monday to Friday excluding public holidays. Our online case management portal and knowledge base articles are available 24/7.; There are three methods for logging a new technical support case: 1. Online Portal 2. Email. 3. Telephone.; Case severity levels and associated target response times are as follows: 1. Critical: within 30mins. 2. High: within 4hrs. 3. Medium: within 2 business days. 4. Low: within 4 business days.; Remote access help, such as Microsoft Teams, is available at the discretion of the Software Support team.; Clients receive free version upgrades for their purchased products.; A dedicated Account Director is also assigned to each customer.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: On site training or online training and user documentation is provided by Brightly.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: We can provide an extract of data, usually formatted as CSV.
• End-of-contract process: Data extraction is included in price of the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile software is intended to be used for on-the-go report viewing and interaction with model results through web browser only.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The service user interface is a modern web client, accessible using a modern browser (Edge, Chrome, Firefox, Safari).
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Accessibility testing tools are used by our developers, testers and designers to ensure the software meets accessibility standards.
• API: Yes
• What users can and can't do using the API: We provide a suite of fully documented API's. Establishing integrations with other corporate systems such as CRM, finance, contractor and IoT are typical uses of the API's.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: The service is highly configurable without requiring software development. For example, parameters that drive the asset lifecycle modelling can be configured as required.; ; Configuration of the service would be a client System Administrator role. Brightly provide user manuals, online knowledge articles and online training videos to support System Administrators. In addition, our Professional Services team can provide training and consultancy services. Please refer to the SFIA Rate Card.

Scaling

• Independence of resources: The service utilises extremely scalable and robust AWS platform services to ensure high availability and scalability in all layers of the software.

Analytics

• Service usage metrics: Yes
• Metrics types: We actively monitor for any exceptions being generated in order to proactively address any system issues being detected. ; We utilise several layers of cloud monitoring tools in order to carry out monitoring. These include a combination of AWS CloudWatch and SumoLogic.; Some of this information is provided in our system status page.; The status page provides an operational summary (including uptime), and also provides notices of; upcoming releases and any degraded performance / outage issues being experienced.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Using the built in reporting facility.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PDF
  • XLS
  • XLSX
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XLS
  • XLSX
  • CSV
  • SQL Server Database
  • Microsoft Access Database
  • Esri Arc GIS Online & ArcGIS Enterprise
  • Esri Shapefile

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: Data is encrypted both in transit (TLS 1.2) and while at rest (AES).; The Web Application is only accessible using HTTPS.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: All data is encrypted both in transit (TLS 1.2) and whilst at rest (AES). Only HTTPS access is allowed.

Availability and resilience

• Guaranteed availability: SLA is based on System Availability of 99.9%. For full details on the SLA see the Service Definition.
• Approach to resilience: We use AWS Key Management Service (KMS) to assist encryption key management on our Cloud Infrastructure. AWS KMS centrally manage cryptographic keys and control their use across a wide range of AWS services such as RDS, EBS, S3 used by the Brightly Platform. AWS KMS is a secure and resilient service that uses hardware security modules that have been validated under FIPS 140-2, or are in the process of being validated, to protect the keys. AWS KMS is integrated with AWS CloudTrail which provides logs of all key usage for compliance purposes.
• Outage reporting: We provide system information and notifications via the Status Page.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: The software currently supports authentication via Username/Password and Google OpenID. Support for Active Directory and other IDP providers will be made available in a future release.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 04/12/2023
• What the ISO/IEC 27001 doesn’t cover: Brightly operates an Information Security Management System which complies with the requirements of ISO/IEC 27001:2013 for the creation, support, sales, and supply of software and associated services to local government, central government, and the commercial sector.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Brightly corporate policies and control framework are aligned with the ISO 27001 Information Security Program Management Standards. This includes pragmatic policies, procedures, standards and guidelines to support the information security requirements, with a focus on the most critical assets. This enables us to maximize efficiency and effectiveness by leveraging a common set of controls and policies to comply with many regulations. The Brightly information security policy framework includes documented policies, procedures, standards and guidelines to support our relevant information security requirements.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The persistence layer uses a mix of AWS RDS, DynamoDB and S3. They are configured to be fault tolerant. For example, RDS are set to deploy in multiple AZ. In the event of failure, RDS will fail-over to another instance automatically. All application layers use AWS platform services to ensure security, auto-scaling and performance are best in class.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Annual security audit and penetration testing engagement is in place. There are weekly automated security scans on the web application. We perform monthly internal audits to check for any known security vulnerabilities on the tools and libraries used by the platform.; We follow AWS security guidelines in architecting our platform infrastructure and utilise a number of monitoring and security vulnerability scans technologies to monitor the system including SumoLogic, AWS CloudWatch and AWS Shield.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Technologies / deployment utilised for securing the system include a narrow network surface area, firewalls, platform services with load balancing and auto-scaling, network monitoring tools, anti-virus, content filters and separation of services.; ; Secure development process which adopted by following OWASP best practice, monitoring security bulletin from CERT/SANS/CWE, internal security code reviews and annual penetration testing via leading, external security firms are all key aspects of how we ensure the system itself is secure.
• Incident management type: Supplier-defined controls
• Incident management approach: Daily Monitoring of audit and security logs is carried out. Real time alerts are also configured and automated for any major spikes in abnormal activity.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Brightly have partnered with Our Classroom Climate (OCC) who provides selected schools 80+ videos on Climate Change, a science kit for growing algae in the classroom and an air quality monitor to measure the composition of gases and particles in the air we breathe. Educating Primary School children on the effects of climate change and air quality in their classrooms promotes wellbeing for residents as well as keeping people safe from harm. OCC is the UK’s first climate education programme with carbon capture and air quality audit using Brightly software to collate and report on the air quality across all participating schools. The classroom climate project offers enrolled primary schools creative and fun ways to learn about climate change, sustainability and essential global issues – while fully supporting the English national curriculum.

  Covid-19 recovery

  Brightly commits to holding local events/meetings where possible utilising local venues and catering providers for the event to increase local spend.

  Tackling economic inequality

  Brightly have partnered with 2B Enterprising to provide the 'Bumbles of Honeywood' Enterprise Education programme for primary school children aged 5 – 11 years. It has been designed by primary school teachers to support the development of pupils’ key skills required in work and life. This programme is funded and supported by local and national businesses, including Brightly, who are keen to invest in the next generation of leaders, employees and entrepreneurs – which eliminates the budgetary pressures on the school, gives businesses the opportunity to engage effectively with the youngest members of their community – our future, as well as helping to tackle economic inequalities.

  Equal opportunity

  With industry support, Brightly have launched ‘FLARE’, a new initiative designed to support and empower women working within Local Authorities' Highways Departments. FLARE, which stands for Female Local Authority Roads Engagement, aims to foster a strong network of women at all career levels, providing a platform for resource sharing and strategic collaboration.

  Wellbeing

  By utilising Brightly’s performance dashboards in our software, clients can track the well-being of crews and operatives in the field. This can help to identify trends in performance linked to mental and physical health.

Pricing

• Price: £1,000 to £5,000 a licence a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukgcloud@brightlysoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.