Advice Infrastructure Ltd

The FORT System - Fast Online Referral Tracking

The Fast Online Referral Tracking (FORT) system allows agencies to refer clients to each other through a cloud-based portal. The system also offers a multi-partner CRM function for the secure exchange of non-referral information.

Features

• Integrated Texting
• Remote Access
• Business Intelligence Reporting at Datazone Level
• Group Register Function
• Integrated Letter Templates
• Integrated Educational Psychology System
• Integrated System for Support Services in Education
• Integrated Youthwork Management System

Benefits

• Improves communication across teams
• Better understanding of client base
• Clients get to the right service
• Improve Referral Flow
• Quickly Track Family Support Interventions

£8,000 to £100,000 an instance

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Joe@adviceinfrastructure.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

989729644300617

Contact

Joe MacIntyre
01382 238906
Joe@adviceinfrastructure.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements: System requires modern Browser (IE11 and above)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 1 working day - Saturday and Sunday are not working days
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: This product includes all technical support and unlimited helpdesk support for all users.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide online and onsite training for our system. User documentation is presented in the form of a solutions article repository and can be amended to suit the exact requirements of each buyer. In the case of amended support documents, the buyer is responsible for suggesting / managing any amendments. Users can access a range of videos explaining how the system works and these can be amended to suit each buyer.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Users are given the option of extracting data in CSV or a similar format.
• End-of-contract process: Towards the end of the contract, we will discuss with the buyer options regarding the deletion / transfer of existing data. The transfer of data to the client in a flat format (eg CSV) is included in the price as is the secure and final deletion of data. An additional cost may be incurred should clients request a data transfer in a bespoke format.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: Logged in users can access a tabbed navigation structure leading to the various system functions.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: Users with visual difficulties use the system and have fed back to us on site navigation issues.
• API: No
• Customisation available: Yes
• Description of customisation: The logos on the system can be customised and all the functionality within the system (CRM Design, Referral forms etc) can be customised for exact client requirements.

Scaling

• Independence of resources: We monitor system use and flex resources to ensure all users have the required level of service.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics are dependent on what information is collected. We work with services to develop a bespoke suite of service metrics that can then be accessed on a self service basis
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Services are given access to a secure reporting site allowing the export of data. Using filters they can self service their own data export requests
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • PDF
  • Excel
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We provide 99.5% uptime (over any 12 month period) and users are refunded pro-rata for any service delivery below that. The refund process can be initiated from the helpdesk.
• Approach to resilience: Details of resilience are available on request
• Outage reporting: Email alerts are sent to the system administrator and details are published on a separate section of our help desk.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: The system and support channels allow for the creation of user groups with restricted access to various functions and information items of our system. The user groups are either managed by (at request) advice infrastructure or self-managed by service super users.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: 2 qualified directors oversee all cybersecurity issues and no changes are made without both of them signing off.
• Information security policies and processes: We have an information security policy which is given to all agencies using our system. We are registered with the ICO and the information security policy is a director-level document that is reviewed quarterly. ; We have named individuals at the director level responsible for Information insecurity and all requests that impact information security are reported to both these directors.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All our packages are provided, compiled and maintained by RHEL (Red Hat Enterprise Linux).; When a new stable version of NGINX is released by the vendor; there is then a great deal of testing and validation that RHEL undertakes to ensure stability in the RHEL environment, incorporating; changes to other package dependencies that are also then tested and validated. Only then does a new RHEL NGINX compiled package find its way into the RHEL release channel. At all times, all relevant security exploits are back-ported by the OS vendor into the latest RHEL NGINX; version.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Security patches are automatically downloaded on a daily basis, as soon as they are released by our OS and application vendors. Those patches are then installed/tested on mirror (non-production) servers before being installed/tested on our production system. Penetration tests are undertaken regularly, both by external agencies and by ourselves.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: All servers and systems are provided with uptime monitoring and real-time notification of issues by SMS and email to technical directors. We are able to respond to any issues instantly. Our systems are deployed in docerkised containers which reduces exposure and means that any compromise to the application will not be carried forward when the container is restarted.
• Incident management type: Undisclosed
• Incident management approach: Users can use any of our support channels to report incidents. All incidents are graded by our support staff using a template agreed with the buyer and monthly incidents reports are available for each buyer from our helpdesk facility. There are predefined processes for common events and these are notified/agreed with the buyer at launch.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality

  Fighting climate change

  Our systems help people work from home effectively, reducing greenhouse gas emissions. We also have a green transport policy that encourages our staff to prioritise Public Transport while travelling for work.

  Tackling economic inequality

  As an SME our business has grown over the last 5 years and we have seen our workforce double from 3 to 7 Employees. The delivery of this contract will create employment opportunities in a high-growth sector.

Pricing

• Price: £8,000 to £100,000 an instance
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Joe@adviceinfrastructure.com. Tell them what format you need. It will help if you say what assistive technology you use.