FMIS Ltd

FMIS Fixed Asset Management

Fixed Asset Management Software for public sector bodies to ensure compliance with UK GAAP and all other major accounting standards. FMIS provides Asset Tracking, Accounting and Maintenance with UK based hosting and support. The software is well suited to NHS, Local & Central Government as well as Non-Profit organisations.

Features

• Automated depreciation calculations
• IFRS 16 compliant lease accounting
• UK based hosting and support
• Compliant with IFRS, SORP, CIPFA and HM Treasury guidelines
• Comprehensive reporting suite
• Integrated barcode/RFID tracking
• Equipment maintenance schedules and work orders

Benefits

• Save time, simplify year-end and close down periods faster
• Automatically depreciate property, plant and equipment
• Calculate and forecast asset depreciation for large volumes quickly
• Extensive reporting and search facilities for assets and equipment
• Faster audits with integrated barcoding and RFID
• track all asset events from purchase to disposal
• Import/export data directly from spreadsheets to save time
• Attach files such as photos, purchase orders or warranty documents
• Reduce maintenance costs and equipment downtime
• Set automated reminders for all maintenance tasks

£500 a licence a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at johnderobeck@fmis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

996872326233056

Contact

John de Robeck
+44 (0) 1223 773003
johnderobeck@fmis.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: The FMIS desktop application can be accessed through any browser and the mobile application is available for Android and iOS. For private cloud implementations, the client may be required to handle server configuration and backups.
• System requirements:
  • Desktop application requires browser with appropriate network access
  • Mobile application is available for iOS or Android

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: FMIS operates a priority-driven support model with high priority tickets receiving a response within a maximum target of 1 hour. FMIS Standard Support Hours are 9 am to 5 pm UK time Excluding public holidays and December 24th – January 1st.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: FMIS offers comprehensive UK-based support for all our solutions. Support is provided for all trained users and covers implementation, training, technical and functional support tickets. Tickets can be raised via email, web or phone and the number of tickets is not capped.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: FMNIS provides end-to-end implementation support from requirements workshops to installation, configuration, training, data imports, UAT and post-implementation support.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: FMIS allows users to export most data at any stage without the need for FMIS support. For end-of-contract data exports, FMIS is able to provide support for any background data not available through the system import/export tools.
• End-of-contract process: FMIS does not charge any termination fees for completed contracts as standard. Clients may elect to extend their contract on an annual renewal basis after the initial term.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The FMIS Mobile Asset Manager Application is available for Android and iOS devices through the relevant stores.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: FMIS provides extensive user-driven configuration options without the need for development. For clients that require additional enhancements, FMIS offers bespoke feature development and a client-driven development roadmap.

Scaling

• Independence of resources: For public cloud clients, FMIS provides each client with a separate database instance. FMIS Cloud hosting is UK-based and deploys real-time load monitoring and management with offsite server replication and backups.

Analytics

• Service usage metrics: Yes
• Metrics types: FMIS allows authorised administrators to view a full user audit history including access history and actions.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: FMIS offers a full suite of import and export tools within the system to allow clients to export data to Excel or PDF. Where automated interfaces are available, data may be exported directly to an integrated application.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XLSX
  • PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats: XLSX

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: FMIS guarantees a minimum of 99.5% uptime for FMIS Cloud Hosted solutions.
• Approach to resilience: FMIS Cloud hosting includes:; - Redundant dual-path power distribution and switching; - Resilient uninterruptable power supplies; - Dual auxiliary power generators; - Redundant air handling and conditioning systems; - An external plant area accommodates energy-efficient dry-air coolers and two auxiliary diesel generators.
• Outage reporting: FMIS will notify clients directly when a system outage is identified either via email or phone.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to and acceptable use of all FMIS and client information assets is controlled under the FMIS Access Control Policy contained within the FMIS information security Management System (ISMS).
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
• Description of management access authentication: Management access to any FMIS Cloud server environment is restricted by user profile, IP address, server certification and username and password.

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International (ASCB Accredited)
• ISO/IEC 27001 accreditation date: 10/09/2019
• What the ISO/IEC 27001 doesn’t cover: The statement of applicability covers all areas under ISO 27001 with controls in place from A5 to A18:; Area Number of ISO/IEC 27001 (Controls); A.5 Information security policies 2; A.6 Organization of information security 7; A.7 Human resources security 6; A.8 Asset management 10; A.9 Access control 14; A.10 Cryptography 2; A.11 Physical and environmental security 15; A.12 Operations security 14; A.13 Communications security 7; A.14 System acquisition, development and maintenance 13; A.15 Supplier relationships 5; A.16 Information security incident management 7; A.17 Information security aspects of business continuity management 4; A.18 Compliance 8
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials
• Information security policies and processes: FMIS maintains the following Information Security Policies amongst others in line with ISO 27001 requirements:; • Access Control Policy; • Anti-Piracy Policy; • Backup Policy; • Clear Desk Policy; • Cloud Computing Policy; • Complaints Policy; • Cryptographic Controls Policy; • Data Protection Policy; • E-mail & Internet Acceptable Usage Policy; • Hiring Policy; • Information Classification Policy; • Information Exchange Policy; • Laptop Policy; • Leaving Policy; • Network Systems Monitoring Policy; • Password Policy; • Remote Access and Mobile Computing Policy; • Retention of Records Procedure; • Secure Development Policy; • Security Incident Reporting Policy; • Social Networking Policy; • Teleworker Risk Assessment (replaced by Remote Access Request Form); • USB Memory Sticks Usage Policy; • Virus Protection Policy; • Whistleblowing Policy

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All FMIS projects and changes are managed in line with the FMIS Change Management Policy and ISO 27001 requirements. FMIS works with our clients to ensure that all necessary security checks and assurances are provided.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: FMIS actively monitors new and known threats using a combination of industry resources, scans and penetration testing. All high-risk patches are applied as soon as available and at least monthly.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: FMIS Cloud Hosting Partners, proactively monitor all applicable network and hardware performance and availability to ensure early visibility of any issues that may affect network performance.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents, breaches and near misses are recorded, notified and managed in line with the FMIS Information Security Management System (ISMS) and specifically the FMIS Security Incident Reporting Policy in line with ISO 27001, GDPR and ICO requirements.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  FMIS actively supports initiatives to reduce the company's carbon footprint and that of our clients through a range of initiatives including a digital-first work environment, remote working and environmentally friendyr vendor selection.
• Covid-19 recovery:

  Covid-19 recovery

  FMIS is committed to keeping our community, clients and staff safe. We understand that many of our clients are providing essential services or products and all are working in a very challenging time. We are working hard to ensure that we can continue to provide the support that all our users need.; Ongoing support; In response to Covid-19 and in line with government and healthcare guidelines, FMIS has implemented a number of changes. These changes include remote working for all staff where possible and may influence how we can best meet your needs.; Support is available as normal. We recommend contacting us via email at support@fmis.co.uk as this will enable us to respond more quickly to your request where staff are working remotely. ; On-site meetings – All FMIS meetings are conducted electronically wherever possible.; Opening hours – FMIS remains open from 09:00 to 17:00 UK time. ; FMIS will continue to monitor the situation closely and will update our policies in line with government advice as this is updated.
• Tackling economic inequality:

  Tackling economic inequality

  FMIS has a zero-tolerance approach to modern slavery and human trafficking and are committed to acting ethically and with integrity in all activities and business relationships and we expect our supply chain, contractors, employees and all other business partners to commit to the same, including implementing and enforcing effective systems and controls to prevent and detect modern slavery.
• Equal opportunity:

  Equal opportunity

  FMIS is committed to equal employment opportunity and employs all qualified persons without regard to race, colour, religion, national origin, sex, age, handicap, or any other classification.
• Wellbeing:

  Wellbeing

  FMIS is committed to providing a healthy working environment and improving the quality of working lives for all staff.

Pricing

• Price: £500 a licence a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at johnderobeck@fmis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.