ATKINSRÉALIS UK LIMITED

FARYNOR™

FARYNOR™ is a comprehensive and adaptable Fire Safety Records Management System. It greatly improves fire safety management by providing accurate and timely information and is fully compliant with Government requirements for the Regulatory Reform (Fire Safety) Order 2005 and helps services capture data required under the Building Safety Act 2022.

Features

  • Compliance with legislation and statutory reporting requirements
  • Single source of truth about location-based information
  • Customisable to help meet your organisations needs
  • Comprehensive – manages all fire safety activities
  • Mobile – increasing productivity and data accuracy

Benefits

  • Key risk data available when needed
  • Easier to share data with stakeholders allowing greater stakeholder input
  • Flexible to allow for changes in legislation and operating procedures
  • Efficient, promoting best practice saving time and money

Pricing

£39,500 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ccs@atkinsrealis.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

3 0 7 0 9 4 2 4 2 7 1 2 4 8 5

Contact

ATKINSRÉALIS UK LIMITED Martin Yeoman
Telephone: +44 1372 75 2023
Email: ccs@atkinsrealis.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
No
System requirements
  • Gazetteer Service
  • Mobile Applications – Windows 10
  • Azure Active Directory for authentication/authorisation e.g. Office 365

User support

Email or online ticketing support
Email or online ticketing
Support response times
Business Day, Monday - Friday:

• A – Critical, respond in 2 working hours, providing circumvention instructions where possible or fix within 1 working day
• B – Major, respond in 4 working hours, providing circumvention instructions where possible or fix within 2 working days
• C – Functional failure, respond in 8 working hours, providing circumvention instructions where possible or fix within 7 working days
• D – Intermittent failure, respond in 8 working hours, providing circumvention instructions where possible or fix within 15 working days
• E – Minor, fix included in next appropriate release.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Standard Support - 09:00 – 17:00 hours, Monday to Friday (exc. English Public Holidays).
Incidents may be logged via the web, telephone or email during these times. Additionally, Incidents
may be logged via the web outside of these hours, but will not be progressed until the next
working day. Software fixes will be progressed during these hours, and a release made available in agreement with the customer and Atkins release schedule.

7 days per week – see Standard Hours, with the addition of being able to log and receive responses to Incidents on Saturday and Sunday. Please note, we operate a Restoration of Service (RoS) during hours outside of our standard hours e.g., Saturday, Sunday and English public holidays –
See below for RoS definition.

24/7 - see 7 days per week, with the addition being able to receive responses on a 24/7 basis.

RoS – during extended out of hours support, the aim is to get the Customer operational as soon as possible. Software fixes will not be provided out of hours e.g., outside of our standard hours of Monday – Friday, 0900 – 1700. Incidents remain the responsibility of the Technical Support team throughout the life cycle.
Support available to third parties
No

Onboarding and offboarding

Getting started
Training is available at an extra cost.
Data restoration and migration are not part of this service by default. These services can be purchased separately. Atkins can migrate existing client data into FARYNOR™. The price of this service is dependent upon the amount and variety of legacy data to be migrated and will be determined during a clarification exercise prior to the commissioning of any work.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
A standard database backup of any record data will be made available to the client upon Termination of the service. Any files stored will be made available for download.
End-of-contract process
Once the contract has ended the account will be removed from the service and any records destroyed.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
Yes
Compatible operating systems
  • Android
  • Linux or Unix
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The mobile service is designed explicitly for capture of form related information (eg Fire Safety Audit Forms).
Service interface
No
User support accessibility
None or don’t know
API
No
Customisation available
Yes
Description of customisation
User Defined fields can be defined against primary record types by authorised users; these enable the storing of additional data in key types (single/multi-select lists, numbers, yes/no fields, text, etc). Additional (charged) custom business logic can be written by Atkins to support extensibility and automation.

Scaling

Independence of resources
We use a public Cloud platform that can scale automatically based on usage by customers.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
Never
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Reports enable export of most common queries as either PDF, Excel (or CSV); a custom reporting server can be purchased enabling user-defined SQL queries.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Our service provides 99% uptime during the agreed hours of service.
Approach to resilience
We utilise an Azure cloud environment. It provides an environment that is: - Scalable through auto-scaling (up and out) - Highly available through automatic failover and full active-active High Availability The system is deployed across a multi-node environment ensuring that node failures do not bring the system down, the cloud management platform continually balances load across nodes and moves running services across nodes when issues are detected.
Outage reporting
Outages are reported to our clients via email through the Technical Support helpdesk.

Identity and authentication

User authentication needed
Yes
User authentication
Identity federation with existing provider (for example Google Apps)
Access restrictions in management interfaces and support channels
Access to client services is via an authorised user with Active Directory for authentication/authorisation.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Lloyd’s Register Quality Assurance Limited
ISO/IEC 27001 accreditation date
16/06/2010
What the ISO/IEC 27001 doesn’t cover
It excludes information handled within client specific secure environments that operate under more stringent security controls and A.14.2.4 Restrictions on changes to software packages.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Atkins Aerospace, Defence, Security and Technology (ADS&T) holds ISO 27001 and all our UK businesses are independently certified as achieving the ISO 9001:2008 quality management standard. Atkins follows a Business Management System (BMS) approach that brings together all of our business processes in one place. The BMS assures our clients through the certification of ISO 9001, OHSAS 18001 and ISO 14001, and forms a key part of the Atkins Governance Framework, which also includes our Group Policy Statements and Code of Conduct. BMS is key part of our governance process, translating the Group controls into a set of core processes that are applicable across the business.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Configuration control is performed using source code management and version numbering. Our change management process is invoked whenever a change to the system is required. A change management plan is created, including identification of risks and associated mitigation. Software changes are managed in accordance with TickITplus accredited quality framework and taken through rigorous testing cycles. Before installing in the live environment, a rollback plan is formulated, and any required downtime agreed. The changes are installed in live environment and checks performed to ascertain the change was successful. Where problems arise the rollback plan is initiated restoring system to baseline state.
Vulnerability management type
Undisclosed
Vulnerability management approach
None
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
• 24 / 7 / 365 monitoring of server availability and performance with a restart option should the server fail out of hours
• Threshold monitoring to ensure potential problems are detected and addressed before they become critical
• Failover at any time of the day or night in the event of complete server failure
• Secure off-site data backup
• Disaster Recovery procedures and management Business hours support services for non-critical incidents.
Incident management type
Supplier-defined controls
Incident management approach
Priority 1, Critical: The problem is stopping all work on the system.
Priority 2, Major: The problem is preventing the operation of a major sub-system or a group of users.
Priority 3, Functional failure: The problem is affecting a particular function for a significant/high number of users.
Priority 4, Intermittent failure: The problem is affecting a particular function for a minority number of users. Is intermittent and impact to operation is low.
Priority 5, Minor: Minor issue. Very low impact to users or the problem is cosmetic.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

Atkins is committed to fighting climate change as evidenced through becoming carbon neutral in 2021 as we drive our carbon emissions down to our net zero target by 2030. We have signed up to science based targets to reduce our own emissions through the global Race to Zero initiative.
Our commitment does not stop here but supporting our clients to meet their environmental reduction targets to. That is why we are staff upskilling our staff to understand the environmental impact of decisions use these as considerations throughout the delivery lifecycle to provide better solutions for our clients. We will work hand in glove with our clients, helping provide awareness of the climate impact of solutions the decisions that could be made such as circular economy opportunities.
Through providing a cloud hosted platform for Farynor, examples of where this will be achieved are:
• Reduced energy consumption to that of on-site servers
• Improved allocation of resources – less on-premise servers will require less hardware, resulting in reduced cooling and space needs to operate the service
• Reduced travel resulting in less fuel consumption by staff – mobile working allows staff to work more efficiently
Atkins continually reviews its environmental performance to identify areas where a change in approach can drive improvements or new initiatives locally and across our business.

Pricing

Price
£39,500 a licence a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ccs@atkinsrealis.com. Tell them what format you need. It will help if you say what assistive technology you use.