sms technology

Operational area management software

A fully customisable solution allowing organisations to digitalise operational areas for compliance recording and KPI metrics. A net zero service provider to not affect scope 3 emissions as well as enabling quantified reductions to site emissions from existing processes

Features

• Geo location
• Barcode scanning
• Real time reporting
• app based
• analytics
• Customisable

Benefits

• Net zero
• Easy to implement and train 3 hours for admin
• easy to train operators 10 mins
• Training videos
• no hidden costs
• can be hosted locally

£20 a licence a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pwilliams@sms-tech.org. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

744853954578317

Contact

peter williams
07398542310
pwilliams@sms-tech.org

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No service constraints
• System requirements: Any hardware with wifi or 4g+ connectivity

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 4 hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Support is prominently required on set up only once product is in we have not needed to support for issues but for retraining new members- we have developed a training suite in the platform which can be accessed 24-7 to reduce the need for retraining support and costs
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onsite or online training - as well as access to a training suite and how to manual
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data can be transferred to another server for archiving or can be set up in there own server from the start with product licenses.
• End-of-contract process: Included in the price of the contract is set up, training, license's - additional licenses can be purchased - hosting of the data - data can be hosted locally with a higher up fornt cost but reduced ongoing costs.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: On mobile devices capture feature and training suite - on desk top admin level access to create new forms and questionnaires, plus analytic dashboards.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: The system is fully customisable allowing any documentation to be created to buyers requirement.; ; Admin are the only ones allowed to customise forms however view of the system light/dark mode can be customised per user

Scaling

• Independence of resources: The product is hosted in Azure so no scaling issues - Several clients are also on there own servers

Analytics

• Service usage metrics: Yes
• Metrics types: Administrators are able in settings see usage of the system
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported via csv or PDF
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: We have a 4 hour system availability in place - Refunds available and defined in contractual start
• Approach to resilience: Available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Limited access network (for example PSN)
  • Username or password
• Access restrictions in management interfaces and support channels: Set at admin level of buyer in the organisation
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Citation
• ISO/IEC 27001 accreditation date: 01/02/2022
• What the ISO/IEC 27001 doesn’t cover: Currently undergoing latest level of standard moving to iso27001 2022 will achieve accreditation at the end of March 2024 - currently on ISO 27001 2016; ; No exclusions
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Inline with ISO27001 2022

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Change logs are built in when documentation is changed
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We do 6 monthly penetration testing
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: 6 monthly testing with critical developments to correct issues
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Tailored to client requirements

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are a net zero supplier and can quantify emissions reductions of our clients

  Tackling economic inequality

  We support many local charities as part of our CSR policy

  Equal opportunity

  We have an equal opportunity policy in place which is monitored as part of management reviews

  Wellbeing

  We review staff well being as part of our internal policies

Pricing

• Price: £20 a licence a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pwilliams@sms-tech.org. Tell them what format you need. It will help if you say what assistive technology you use.