Causeway Technologies Limited

Causeway365

Causeway365 is an analytics and integration platform, with functionality covering:
Real-Estate Lease/Property
FM/Operations/Workforce
Workplace/Occupancy – including utilisation
Environmental, HS&E
Operations– with self-service for employees and preventive scheduling
Asset-Management
Financial analysis
It is designed for ease of use and visualisation of valuable information

Features

• Covers real-estate, FM operations, workplace, environmental, projects, financials
• Scalable – adaptable for small or large global organisations
• Integration - fullest range of options, including APIs, ETL module
• Configuration – user managed dashboards- revise or create new
• Extendible database – users can add new tables and attributes
• Intuitive, visually compelling dashboards with extensive use of maps
• Multi-platform – available on all devices and browsers, responsive design
• Branding – look and feel to match organisation “house-style”
• Secure, scalable solution – with high availability and reliable performance

Benefits

• Rapid deployment – with simple, robust, client focused methodology
• Flexibility – adapt to any organisation model
• Early benefits realisation – with mobilisation to match organisation priorities
• Low-risk proven solution, with diverse and demanding client base
• Acceptance – integrates into organisation with single-sign-on (SSO)
• Minimal training needed, help guides can be embedded within system
• Evolution – roadmap of constantly improving functionality
• Service Management Framework – ITIL based, comprehensive model
• Ensure effective use with comprehensive tracking and auditing of use
• Low TCO with simple but comprehensive systems administration module

£1,750 a licence a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hywel.evans@causeway.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

917414063301335

Contact

Hywel Evans
01628552000
hywel.evans@causeway.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Causeway365 can be used stand alone as an "analytics and integration platform". It provides comprehensive and cohesive analytics across an organisations property, FM operations, workplace, energy and capital projects. It integrates data from multiple, diverse systems. This can be used to enhance Maximo, TRIRIGA, FM:Systems, Planon or other IWMS/CMMS systems.
• Cloud deployment model: Private cloud
• Service constraints: Limited off peak Planned Maintenance as set out in the Service Description document
• System requirements: Entirely web based and works on all common browsers

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: All tickets are responded to in accordance with the SLA assigned to that ticket in Business Days only; P1 - 1 hour, P2 - 2 hours, P3 - 4 hours, P4 - 9 hours, P5 - 9 hours. More detail in the Service Description Document; ; More detail in the Service Description Document
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The same level of support is offered to all customer. The Causeway Support team operates a structured and documented methodology for logging, prioritising, progressing and closing enquiries, giving customers visibility of progress and peace of mind that their enquiries are getting the attention they rightly deserve. All requests for Causeway Support will be handled according to the severity level provided by the customer – Critical, High, Medium or Low. A request may include any issue a customer reports regarding the documentation, operation or configuration of the Software. ; ; All customers are assigned an Account Manager.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Causeway have a simple, but robust and proven, methodology for deploying Causeway365. This is an “output” driven model that uses rapid-prototyping to configure a solution that meets client needs – without starting from a “blank sheet”. Deliverables from this include:; • Prototype of Causeway365 – configured to meet all agreed requirements; • Business Value Assessment – impacts on processes, activities and data quality; • Application architecture – how Causeway365 integrates with other systems; interface specifications; • Data Quality – analysis of quantitative and qualitative issues with data; actions to address at source; • Deployment plan – including acceptance criteria and UAT plan; training; communications; cutover; • Service management framework – how Causeway365 will be supported, changed and upgraded
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: At any time clients can export data from within Causeway365. At the end of a contract should a client wish a bespoke export in a defined format this can be agreed and provided. There may be a charge for this depending on the format required and work involved.
• End-of-contract process: At the end of the contract when service terminates Causeway will provide to the client documentation to confirm the removal / deletion of all client data. If a client wishes a specific data export this can be provided at a charge depending on the format and work involved.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Causeway365 is developed using "responsive design" and will automatically optimise its layout for the device on which it is being viewed.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Causeway365 offers an extensive range of API interface options for interacting with the application, and our preferred approach is to interface with your underlying systems to provide our analytical capability on up-to-date information without any additional administrative overhead for your internal teams. We have connectors built for common applications, but our API is flexible and configurable allowing other data sources and systems to be integrated. The API:; · can be used to export data to a database, a web service or an attachment on an email; · can be used to automatically populate and synchronise information from your data warehouse or golden source of information. Multiple sources can be combined.; · accepts data “pushed” to it from another system, or can “pull” data from any source; · can be used in real time or based on a schedule or trigger; There are no limitations on the number of users who can be granted permission to make changes through the API. Role based security controls which users have permission to use the API.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Causeway365 has extensive configuration options. These include modifying existing dashboards and reports; creating new dashboards and reports; and extending the database with new entities and attributes. All of this is achieved with a single code base. Therefore although clients can have deployments unique and specific to them, there is only one Causeway365 application.

Scaling

• Independence of resources: Causeway365 installations are client specific without any shared infrastructure resources. The system is also hosted with a professional third party hosting firm that has scalable resources.

Analytics

• Service usage metrics: Yes
• Metrics types: As a standard all clients are provided with metrics that match all services in our catalogue. These include availability, response and resolution times for incidents and requests.; Clients themselves can see usage statistics from within Causeway365.; Client specific metrics can be agreed.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Every dashboard has an ability to export to Excel and PDF. There are also mechanisms for export of large volumes using the ETL and API framework.
• Data export formats: Other
• Other data export formats:
  • PDF
  • Excel
  • ETL and API framework
• Data import formats: Other
• Other data import formats:
  • Excel
  • ETL and API framework

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Availability Uptime of 99.5%.; ; This is measured monthly and reports can be provided.; ; Customers are not refunded if availability is not met. This can be discussed on an individual basis.
• Approach to resilience: Causeway and our hosting provider are ISO27001 certified and this information is available on request.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: The serviced is managed in-house and access is not granted to any external support channel.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyds Register
• ISO/IEC 27001 accreditation date: Originally 20/1/2014 and 20/1/2017 and 20/1/2020
• What the ISO/IEC 27001 doesn’t cover: All covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: ISO22301

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Causeway is ISO27001 certified and has all relevant information security policies. ; All employees must read and accept all policies on induction and when any changes are made. ; Information Security training is provided at induction and annually thereafter. ; The Information Security Team led by our Chief InfoSec Officer (CISO) review and update (where necessary) policies annually. ; Employees are encouraged to report all information security breaches and these are reviewed by the Information Security Team. ; Breach of policies forms part of our disciplinary processes.; The CISO is supported by an Information Security Team represented by the main departments of the business.; Policies include: InfoSec, BCP, Electronic Communications, Data Protection, BYOD, Secure Development, Source Code, Removeable Media, Password, Access Control, Change Control, Social Media.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: There is a structured approach to configuration and change management. System patches and updates are managed via a range of automated tools such as WSUS and SCCM. Change to systems, infrastructure and application are managed through a formal change management process – with assessment and authorization granted via the Change Advisory Board (CAB). The CAB meets on a weekly basis to assess proposed changes for implementation during the following weeks change window. Emergency changes require the same approvals but expedited procedure. All changes undergo a retrospective review to ensure the change went as planned or if further action is required.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Causeway’s programme is a fully integrated approach to managing all the assets and products. The assessment process includes reviews across the development cycles, release and deployment. The program combines both internal and external scanning solutions. An external qualified third party are engaged at various points during the year to conduct a combination of application and infrastructure pen-testing and vulnerability assessments. The Qualys CloudGuard Vulnerability Management and Web Application Scanning tool is deployed for internal scanning. Vulnerabilities are defined and prioritized according to the CVSS and CVE releases. All reports are review by the Compliance team and issues defined and actioned.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: The asset and infrastructure are monitored using the Solarwinds network monitoring tool, this ensuring the capability to track the overall health of the network, infrastructure and other assets – using event logs, threat detection, capacity thresholds and activity alerts. these are actively monitored in real time across our international established support teams. The process meets the guidelines set out in both the Cyber Assessment Framework V.3 and also NIST SP800-137 (Network Security Monitoring)
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: The Causeway incident management procedure is fully aligned with industry best practice standards – the process is managed in two parts allowing for the appropriate prioritisation of activities, controls and mitigating actions – 1. The Cyber / security incidents are aligned to ISO 27035 2. Support and other technical incidents are managed within the ITIL Framework / ISO 20000. Users report incidents via Support Helpdesk or Account Managers and incident reports are provided on request.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Causeway365 has standard dashboards for reporting on key areas of Energy, Waste and Sustainability.
• Covid-19 recovery:

  Covid-19 recovery

  Financial and Metric dashboards allow reporting over time and comparisons. Useful for analysing how recovery is progressing and highlighting strong/weak areas; ; Supports working from home
• Wellbeing:

  Wellbeing

  Document repository could store key well being docs; Some flexibility exists for adding client specific wording/links to company intranet or other sources of related wellbeing resource

Pricing

• Price: £1,750 a licence a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hywel.evans@causeway.com. Tell them what format you need. It will help if you say what assistive technology you use.