Collab-Advisor Limited

Satori Specification and Design Management

Collab-Advisor, a UK software firm, promotes collaboration, compliance, and data sharing for workspace documentation and standards. Our tools enable organisations to integrate workflows, such as BIM and Project Management, visualise data in 3D, and efficiently manage ongoing data maintenance, enhancing workspace efficiency and asset sustainability

Features

• Single source of truth repository
• Design standards Management
• Custom project workflows
• Create & share documentation with all stakeholders
• Interact with BIM models and data
• Collaborative Working
• 3D and Floorplan integration
• Integration with Revit
• ESG and MMC
• AutoCad Integration

Benefits

• Easy access to relevant information
• Standards met from design to build out of construction projects
• Remove data that is not relevant from specific projects
• Share data securely with multiple third parties
• Access BIM 3D without incurring additional licensing
• Consistency of design
• Knowledge Sharing across design disciplines
• Low Cost of Ownership
• Streamline data flow and increase efficiency
• Reduce cost on project and design delivery

£7,500 an instance a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dylan@satori-data.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

850951617022058

Contact

Dylan Lewis
+44 (0) 7814 465 242
dylan@satori-data.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: AutoCad; Revit
• Cloud deployment model:
  • Private cloud
  • Hybrid cloud
• Service constraints: No constraints.
• System requirements:
  • Web browser access
  • Internet Connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Satori prioritises tickets based on severity from P1 to P5: ; ; P1 (Highest Priority) - Critical issues that severely impact operations or system functionality and therefore Urgent. ; ; P2 - High-priority issues that affect major functionality but do not completely halt operations. ; ; P3 - Moderate issues that affect some system functionality but workarounds. ; ; P4 - Low-priority issues that have minor impact on operations. ; ; P5 - General requests or issues that have negligible impact on operations. ; ; Support is available from 8 AM to 6 PM GMT, Monday through Friday. We ensure support is accessible during standard business hours in the GMT time zone.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We offer a structured support system through its built-in ticketing system, which prioritises tickets based on severity from P1 to P5: ; ; P1 (Highest Priority) - Critical issues that severely impact operations or system functionality. These are addressed with the highest urgency. ; ; P2 - High-priority issues that affect major functionality but do not completely halt operations. ; ; P3 - Moderate issues that affect some system functionality but have workarounds. ; ; P4 - Low-priority issues that have minor impact on operations. ; ; P5 (Lowest Priority) - General requests or issues that have negligible impact on operations. ; ; Support is available during business hours from 8 AM to 6 PM GMT, Monday through Friday. This schedule ensures that support is accessible during standard business hours for users in the GMT time zone. ; ; Support is all included within the annual subscription cost.; ; All customers are supplied a Technical and Commercial Account Managers, that include Quarterly reviews.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The onboarding phases that take place to make this happen are highlighted below: ; ; Mobilisation - ; ; Create and Agree Scope of Work ; Mobilise Resources ; Identify Roles & Responsibilities ; Identify System Integration Points ; Agree Communication and RACI ; ; Data Collection- ; ; Template Population ; Data Validation ; Data Structure & Dependencies ; Users & Group Access ; UI Design and System Outputs ; ; System build and Configuration- ; ; Development ; System Configuration ; Data Migration ; Customise Look and Feel ; Workflows and Version Control ; Configure Integration Points ; Beta Testing Workshops ; ; Training & Go-Live -; ; Training – Admin & End-Users ; Gain system acceptance ; Continuous Improvement ; Go-Live ; Post On-Boarding Check Up ; Handover to Support ; Introduce Customer Success
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Excel
  • Word
  • PowerPoint
• End-of-contract data extraction: End-of-Contract data extract is provided as structured set of folder / files for all content and XML / JSON meta data.
• End-of-contract process: Data is provided at an agreed cut-over point and is made available to download securely for an agreed period before all data is removed from Collab Advisor systems.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There is no difference between mobile and desktop services. Satori is a browser-based application.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Satori is a browser-based application for managing workplace standards. The system is accessed 100% via any currently supported browser. The user can interact with different types of content, PDF, Free text fields, Revit Models, AutoCad files without the need for additional 3D plug-ins.
• Accessibility standards: None or don’t know
• Description of accessibility: We have targeted the product for WCAG 2.1 AA accreditation, but have not carried out an independent review at this stage. However the system has numerous features to allow the end user to customise their own end-user experience, so the end-user can personalise their home screen, content they see, colours, widgets and reporting templates.
• Accessibility testing: No testing has been carried out with assistive technology.
• API: Yes
• What users can and can't do using the API: We have an API framework consisting of a library of API endpoints that enable integration and extensions with other 3rd party systems.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can customise the service based on the user rights given to them by admin. The onboarding program will train personnel in doing the following:; ; Dashboard - the user can see what is relevant to them in terms of support tickets, frequently visited spaces etc.; ; Creating Spaces - training can be provided in creating spaces, 3D images, implementing construction phases and attaching Points Of Interest; ; Creating projects - training can be provided on setting up specific projects by utilising certain spaces and data that is only relevant to the project. The same can be achieved with setting yp third parties and managing the tendering process.; ; Satori is extremely customisable and largely depends on the client and how much work they want to do themselves. Everything is done on role based access.

Scaling

• Independence of resources: Satori is hosted by Azure (UK South and North). Ongoing performance monitoring is in place to ensure the suitability of the running stack to the observed load and activity. Satori is a shared SaaS solution, which allows our service to dynamically scale on user demand inline with our SLAs. Service guarantees are available for dedicated instances where an enhanced Service level agreement is in place.

Analytics

• Service usage metrics: Yes
• Metrics types: The end-user has the ability to configure their entire home screen to present a range of metrics and widgets of their choice. There are multiple out of the box widgets, and these range from end-user access of the system, role based access, project and specification updates, latest changes, access to updated projects, quick links and more.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data is imported / exported into the system using XML files or the publish API. Any data is validated before changes are made. Any files can be uploaded into the system content.
• Data export formats: Other
• Other data export formats: XML
• Data import formats: Other
• Other data import formats: XML

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The standard SaaS SLA for availability is 99.95%. Enhanced availability can be provided with client dedicated instances. Service credits are available for failure to meet SLA. Service credits will be accumulated on a calendar-year basis, and any credit will be applied to the annual bill immediately following the end of the prior calendar quarter.
• Approach to resilience: We have implemented fault tolerance across the solution as a whole. The solution runs only in Azure in the UK. We use all of the latest security controls from Azure and all data is encrypted by default at rest. We do everything in line with our ISO 27001 certification. We erase data when provisioning and de-provisioning. We run out of 2 Azure Data Center's (UK North and South) to add to resilience and back up strategy. Databases are backed up daily, with transaction log archiving allowing for point in time recovery in between these daily backups. Backups are encrypted (AES-256) and are kept for 30 days.
• Outage reporting: Outages are reported to client’s technical contacts via email.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access is controlled as follows; • Multi-factor authentication for named admin users to the hosted environment • Support Portal - dedicated client users with username and password • An email alert goes to the support agent with a unique ID • Access levels are reviewed periodically
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 25/01/2022
• What the ISO/IEC 27001 doesn’t cover: No restrictions
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: ISO 27001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Satori are committed to the establishment and maintenance of the Information Security Management System (ISMS) described in our Information Security Policy and implemented to meet the requirements of ISO 27001. All members of staff adhere to the policies and security procedures, which support the Information Security Policy. The objectives of the ISMS are to: • Meet legislative and regulatory requirements • Design, develop and run secure resilient applications • Identify and manage Information Security and Cyber Risks • Identify and manage risks within the supply chain. These intrinsically include: • Continual review and improvement of the ISMS and Controls • Comply with Customer security requirements • Report on the effectiveness of the ISMS and controls to the CEO • Provide assurance that Information Security is inherent within Business as usual activities

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The platform adheres to ISO 27001 standards, ensuring robust configuration and change management processes. Configuration management is systematically handled to maintain the integrity and traceability of system components. Changes undergo a rigorous assessment to identify potential security impacts. A formalized change management process involves documented procedures, including approval stages from relevant stakeholders and thorough testing before implementation. All changes are logged and reviewed in compliance with our audit requirements. This structured approach ensures that any modifications enhance system reliability and security without disrupting service continuity, thereby maintaining compliance with ISO 27001 standards.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our internal processes follow the OWASP Vulnerability Management Guide (OVMG).; ; The OWASP Vulnerability Management Guide (OWASP VMG) project seeks to establish guidance on the best practices that organizations can use establish a vulnerability management program within their organization. The guide provides in depth coverage of the full vulnerability management lifecycle including the preparation phase, the vulnerability identification/scanning phase, the reporting phase, and remediation phase. It covers off assessing risks, deploying patches and where potential threats may come from
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Automated alerts go to the security office. In the case of an availability or performance metric alert, the support team will be notified. In the case of an intrusion or intrusion attempt, the security team will be notified. A triage will take place to classify, prioritise and assign the incident. Classification will fall into one of four categories. Critical, Significant, Minor, Negligible Checks are performed automatically on the application, and automated alerts are dispatched to the team in case of availability events. Non critical are patched within next maintenance window. Critical within 30 days following successful testing
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident Identification-Notifications are emailed to IT, CEO, and Security. An impact Assessment is carried out, and immediate threats are resolved within the next maintenance window. The issue is recorded and added to IENC (Incident, Event, Non Conformity, Weakness) log. An investigation is carried out and evidence is collected independently for legislation. Reporting in the Quality, Safety & Environment forum Evaluation of Results and QSF updated. Discussed with CEO for action, improvement & risks. Continuous Improvement communicated to QSF. The incident is either closed in the QSF or action is taken until closure can be achieved. The IENC log is updated.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Buildings account for 37% of global carbon emissions [Source: UN 2022 Global Status Report for Buildings and Construction]. ; ESG is a framework for evaluating a company's sustainability and ethical impact, looking at environmental, social, and governance factors. It helps measure business risks and opportunities related to these issues, and its strong performance can enhance a company's reputation and stakeholder relationships. Essentially, ESG goes beyond profit to consider a company's broader societal and wider environmental impact.; The 3 pillars of ESG are:; Environment: Protecting nature for future generations (e.g., emissions, resource management, climate resilience).; Social: Promoting community well-being and equity (e.g., employee treatment, human rights, public health).; Governance: Ethical leadership practices (e.g., integrity, shareholder rights, transparency).; • Satori serves as a comprehensive solution that not only optimises 3D space management but also addresses key aspects of ESG initiatives.; • Satori promotes sustainability, efficiency, and responsibility across environmental, social, and governance dimensions, making it an ideal asset for organisations committed to holistic and responsible business practices.; • Satori is designed to reduce travel time and meetings, as a Global collaborative and repeatability solution for office fitouts, that also breaks down language and local barriers.

  Covid-19 recovery

  Satori equips organisations to rapidly adapt to future health and safety concerns, via our existing highly configurable collaboration solution.; Satori’s visual insights enables a data-driven approach to designing safer spaces, to reduce the chance of infection and provide employees with peace of mind.; Collaboration and Communication:; • Collaboration: Overcoming language barriers with visualisations fosters collaboration, enabling diverse teams to work seamlessly together on projects without the need for social interaction.; • Remote Collaboration: Satori promotes remote collaboration, significantly reducing the need for site visits, minimising carbon footprint, public transportation usage and the possible transfer of infection across project teams.

  Equal opportunity

  Satori is committed to encouraging equality, diversity and inclusion among our workforce, and eliminating unlawful discrimination. The aim is for our workforce to be truly representative of all sections of society and our customers, and for each employee to feel respected and able to give their best. The organisation - in providing goods and/or services - is also committed against unlawful discrimination of our clients and their staff members.; The wider benefits of Satori include Error Reduction: The platform's capabilities identify errors early in the design phase, mitigating risks, reducing rework, and contributing to responsible governance practices allowing local teams to collaborate and build with confidence.; Transparency and Accountability: Satori promotes transparency by providing stakeholders with a clear understanding of design and construction processes, aligning with governance principles, applying clear communication across all stakeholders, and promoting a one-team ethos across the business.; The system allows for different types of end user engagement, free text fields, visual aids in the form of PDF, Word, Excel, Cad Layouts, 3-D images and more.

  Wellbeing

  Those who are responsible for caring for others, those who live further away from city centres and those who suffer from disabilities can achieve greater flexibility by using Satori to help bridge that gap on Team collaboration.; Satori helps organisations rebuild social connection by making it easier to work collaboratively through one version of truth. ; With the ability to have a single source of truth, this means less mistakes to projects and reduced impact to cost and time. All parties benefit from access to the right information, first time and digital information is easy to obtain in a way the end user can tailor to suit.

Pricing

• Price: £7,500 an instance a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We offer a Proof of Concept for eligible opportunities and the period is user defined.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dylan@satori-data.com. Tell them what format you need. It will help if you say what assistive technology you use.