Frequently Asked Questions

Frequently Asked Questions iForce

General Business Questions

Founded in 1997, iForce is now owned by Culina Group, a full-service logistics provider. iForce is a leading provider of fulfilment and returns solutions for retailers, manufacturers, and brands of all sizes. iForce’s services span multi-channel fulfilment, returns management, returns repair/refurbishment, re-commerce and carrier management.

iForce can provide warehousing, including Bonded / HMRC Custom and Excise Approved and multichannel fulfilment services. iForce will comply with all applicable laws and regulations governing the storage and transportation of restricted products like alcohol and Cigarettes. This includes laws and regulations related to:

  • Age restrictions
  • Licensing
  • HMRC Custom & Excise controls and reporting
  • Taxation
  • Product safety
  • Environmental protection

iForce take several measures to ensure that all our warehouse are secure, and product is handled and accounted for correctly. These include:

Physical security: The warehouse is equipped with security measures such as fencing, security cameras, patrolling security guards and access control systems.

Training: All employees are trained on the security procedures for handling regulated/restricted products.

Audits: Our warehouses are regularly audited to ensure that security procedures are being followed.

iForce provides fulfilment solutions across multiple product categories and supply disciplines, meeting varying legislative and regulatory requirements as well as varying levels of technology complexity. By remaining abreast of industry changes and investing in our own suite of software applications and technology, we are able to implement change quickly, thus remaining ahead of the competition.

Quality Management

We ensure that we deliver a quality service to our customers by having an experienced team, utilising suitable technology, implementing quality controls, and being responsive to their needs, observations, and feedback. We invest in training, technology, and development, and we are proactive in our approach to continuous improvement. We also set clear, measurable goals and KPIs that demonstrate the quality of the services we provide.

Complaints and issues are flagged and dealt with as a priority. Any root cause that requires further action or longer-term review is added to the Client Development and Action Plan. The Client Action Plan logs and tracks all customer complaints, allowing for an investigation, the findings of the investigation, and the corrective and preventive actions required or taken.

We set clear quality standards and expectations for our suppliers, and we communicate and measure their performance against these standards. As part of our commitment to sustainability, health and safety, and environmental management, we regularly audit our suppliers to ensure that they are meeting not only our quality standards, but also our business requirements. We take a proactive approach with our suppliers, working with them to identify and address quality issues.

The key risks that could impact our ability to supply our services can be split into two areas, total loss/major incident and partial/minor incidents.

Total Loss / Major Incident could include:

  • Natural disasters and Fire
  • Cyberattacks / IT Failure

Partial / Minor Incident

  • Localised Labour issues such as COVID outbreak
  • Weather events – causing disruptions to staffing levels and/or supply chain
  • Localised IT/Communication/power failures and issues
  • Supplier Failure

By understanding the risks iForce could face we are able to have in place, and regularly review, our risk management and disaster recovery plans. We look to mitigate these risks and build in resilience to ensure continuity of supply of our services, these include but not limited to – Back-up IT not just for data but localised operational IT, Back-up communications – satellite/cellular, regular supplier reviews and alternative supplier list.

iForce continue to be proactive and flexible in our approach to risk management and believe that by taking these steps, we can reduce the likelihood of a disruption to our services and ensure we can continue to meet the needs of our customers.

As a business that operates multi-client, multi-warehouse solutions, we systematically operate from multiple sites on a daily basis. In the event of a complete loss of a single warehouse facility, all inbound goods and consumables would be diverted to an alternative warehouse. Our warehouse management system would then receipt the goods and make them available for our clients to sell or access.

We have multiple sources of supply for critical components, we maintain a buffer stock of critical components, we have the scale and ability to transport goods in the event of a disruption, we have a plan for communicating with suppliers and customers in the event of a disruption.

Health & Safety

Leadership commitment: Our CEO and senior leaders are committed to health and safety. They set the tone for the organisation and make it clear that Health and Safety is a top priority.

Training: We provide comprehensive training to all employees on Health and Safety. This training covers a wide range of topics, such as fire safety, electrical safety, and workplace violence prevention.

Risk assessments: We conduct regular risk assessments to identify and mitigate hazards in the workplace. This helps us to identify and address potential risks before they cause an injury or illness.

Incident reporting: We have a system in place for employees to report incidents and near misses. This helps us to learn from our mistakes and to make improvements to our health and safety procedures.

Investment in safety equipment: We invest in safety equipment to help keep our employees safe. This includes personal protective equipment (PPE), such as protective clothing, safety shoes and gloves.

Enforcement of safety rules: We have a system in place to enforce safety rules. This includes disciplinary action for employees who violate safety rules.

Communication: We communicate regularly with employees about Health and Safety. This includes providing safety updates, reminders, and training.

We are committed to creating a safe and healthy workplace for all of our employees. We believe that health and safety is everyone’s responsibility, and we are working hard to ensure that everyone is kept safe.

Yes, we hold ISO45001, which replaced ISO18001. We have also been awarded ROSPA Gold, and An International Safety Award (Merrit) from the British Safety Council.

Forming part of our ISO45001 and ISO14001 audit and requirements we verify our supply chain and we use approved supplier logs, preferred suppliers, competency review packs.

Environmental Management & Sustainability

iForce, as part of the Culina Group, are committed to achieving net zero by 2050 in line with government and industry expectations.  We believe that this is the only way to ensure a sustainable future for our business and for the planet. By committing to the Science Based Targets Initiative we are demonstrating our commitment to taking action on climate change.

Our sustainability strategy focuses on reducing our emissions in the logistics industry. We have a consistent program of investment in our fleet, warehousing, and technology to make our operations more efficient. By reducing our emissions, we will improve our resilience to climate change and make our business stronger and more sustainable.

We use both our internal intranet and external social media channels to announce the various initiatives and projects we are undertaking. Direct communications are also delivered at daily briefings along with visual activities like green days to bring to life our sustainability activities.

iForce is ISO14001 accredited across all its sites. We also are a Certified Carbon Neutral organisation, along with being a fully Co2e Assessed organisation.

iForce are already a certified zero carbon footprint organisation. This has been achieved by reducing our overall consumption, with several initiatives, for example, purchasing renewable energy across all our facilities, retrofitting LED lighting in all our facilities, solar on our some of our facilities and investment in technology. The remaining emissions across scope 1,2 & 3 have been offset with Gold Standard Verified community projects.

Across the Culina group there are several initiatives including but not limited to, investment in more efficient vehicles, LED retrofitting of all facilities targeted by the end of 2026, increasing HVO across the entire fleet with the potential to reduce emissions by up to 90%, Electric shunters and investment in renewable energy and energy efficient equipment.

The retrofitting of LED lights in two of our facilities has already resulted in a reduction of more than 150 tons of CO2e in a year. Our continued investment in automation and technology is also having a positive impact. For example, the with the installation of our Exotec Skypod automated solution, this has the potential to deliver up to a further 20 tonnes of CO2e Scope 3 savings per annum.

Data Protection

All users of iForce’s IT systems, complete a mandatory training programme for data security awareness.

  • A secure e-mail gateway limits the amount of potentially malicious e-mail reaching our staff and secure Internet gateway restricts outbound access to dangerous or non-desirable websites.
  • The Mobile Device Management solution protects our corporate smartphones and other devices.

Our overall security is monitored 24×7 by a leading Security Information & Event Management (SIEM) solution which is operated by a specialist third party Security Operations Centre (SOC). QRadar is used for continuous monitoring and threat identification whilst Qualys is used to perform a weekly vulnerability scan. We also periodically commission specialist third parties to conduct focused penetration for which NCC and PenTestPeople are the preferred vendors.

iForce’s IT infrastructure is ‘up-to-date’ and has in-built resilience:

  • Daily encrypted backups can be relied upon, should we encounter any serious incidents requiring recovery actions.
  • Monthly security patches are applied as standard and more frequently if required (eg: the recent Log4j vulnerabilities).
  • Our ‘vulnerability management solution’ provides visibility of any potential issues.
  • We operate a next-generation anti-virus solution with Extended Detection & Response (XDR) enabled.
  • Our network edge is protected by two layers of firewall, one of which is a next-generation solution.

Periodically, we commission specialist third parties to conduct penetration tests of our systems and applications.

 

Data Segregation & Restricted Data Access

Within our core systems, a set of ‘Libraries’ allows programs to be stored separately from data files. Each Client’s data to stored separately within its own ‘Library’.

User permissions control access to one/more specific Client ‘Libraries’ and the ‘user role’ will control which menu options are available and whether these have read-write or read-only access.

All actions in our core systems (both human and systemic) are logged for monitoring and audit purposes. These actions includes for example user interface actions; system integrations, business rules execution, etc. The logs are automatically monitored using observability platforms (i.e. DataDog, etc.) with automated alerts raised in case of anomalies

 

Encrypted Data Back-up, Retention & Disposal

Our data centre and network service provider is Daisy, who perform encrypted data back-up routines, based on iForce’s strategy, including:

  • Daily Incremental 7 days onsite
  • 31 Days offsite
  • Full Backup 12 Monthly

This ensures we have the latest version of the backup onsite and with a number of incremental versions securely stored.

iForce have not had any significant data breaches in the last 3 years. Our Director of IT Security & Risk leads a skilled and qualified in-house IT security team, who continually review and improve our security posture.

  • The outcomes from this continuous review feed into the IT Security Incident Response Plan (IT SIRP), as well as relevant amendments to a broad suite of IT security policies and standards.
  • The ‘IT SIRP’ and other policies are reviewed quarterly and signed-off by our Director of IT Security & Risk.
  • All associated technical and procedural measures are maintained, to ensure confidentiality, integrity and availability of our data and systems.
  • Our overall security is monitored 24×7 by a leading Security Information & Event Management (SIEM) solution which is operated by a specialist third party Security Operations Centre (SOC).

Data is retained for 7 years (linked to statutory requirements) before being purged from locations. In terms of physical data disposal, all Culina Group utilise providers which specialise in physical asset disposal and hold ISO9001, ISO14001 and ISO27001 certifications. Once the assets and data are disposed of, we obtain certificates of destruction for all storage devices.