Every question worth asking about a CMMS,
answered plainly.

Most CMMS ship a single parent-child tree and call it hierarchy. That works until the day a resident calls "no AC in apartment 101" — and the system says Apt 101 has no children, because the rooftop HVAC unit lives in a different branch of the tree (it serves six apartments; you had to pick one as its "home"). The tree is an org chart, not a wiring diagram, and a CMMS that only models the org chart is structurally incapable of routing maintenance correctly. Sympl models three independent relationships — containment, installation, and service — because that's what real facilities actually have.

• Containment is where it lives in the org chart — Site → Building → Floor → Apartment, or Plant → Production Line → Equipment. A strict tree, used for navigation and reports that ask "what's in this building?"
• Installation is what position the equipment is mounted at right now. A pump goes to the rebuild bench, a replacement is installed, both pumps' histories survive — and the position itself accumulates a failure pattern. This is the "Functional Location" concept from SAP PM and Maximo, but without forcing customers to model two parallel trees from day one.
• Service is what this asset feeds, controls, or backs up. A roof HVAC unit serves six apartments. A backup generator backs up the fire pump and the IT closet. Typed, directional relationships between assets — serves, feeds, controls, depends-on, backs-up.

SAP PM and Maximo handle the modeling — Functional Location plus Equipment as separate object types, with installation events between them. They get the data model right, and have for decades. The cost is that customers have to choose between FLOC and Equipment from day one, which ripples through onboarding, reporting, permissions, and integrations. We treat them as the same object with an optional installation field; the complexity only appears when the customer needs it. The result: a Maximo-grade reliability story without the Maximo onboarding curve.

The HVAC unit is one asset. The apartments are six separate assets. We connect them with six service edges — one HVAC → Apt 101, → Apt 102, … → Apt 203. On the HVAC unit's detail page you see "Serves: Apt 101, Apt 102, …" On Apt 101's detail page you see "Served by: HVAC Unit, Boiler, Electrical Panel." Same edge, two surfaces. When a resident calls about Apt 101, the system suggests routing the work order against the HVAC unit and logs Apt 101 as an affected asset — so reporting can still answer "how many WOs affected Apt 101 this quarter."

Rotating equipment moves. Pumps go to the bench for rebuilds. RTUs get swapped after compressor failures. When a pump physically swaps positions, you have two distinct lifecycles to preserve: the pump's history (every position it's lived in, every overhaul) and the position's history (every pump that's been mounted here, how long each lasted, what failed). Sympl tracks both via a separate install/dismantle event log. The payoff is the question only this model can answer: "this position has gone through 3 pumps in 5 years — is the failure pattern positional (cavitation, suction-side, environmental wear) or unit-specific?" Most CMMS can show a pump's PM history. Sympl can also show the position's failure pattern.

A 60-second mobile workflow: scan the QR on the failing asset, tap "Swap." The dismantle and the install are recorded in one transaction — the old pump moves to the spare pool marked in repair, the new pump (also scannable) installs at the same Functional Location, the work order that drove the swap stays linked to both. Both pumps' histories survive intact. The position's install/dismantle log gets one new event. The audit trail reflects the swap as one logical operation, not two separate edits a tech might forget the second half of.

Replacements work the same way — the only difference is the old asset is decommissioned at the end instead of returned to the spare pool. Same workflow, same atomic transaction, same link between the retired asset and its replacement.

Position-level history is the foundation, but the value is in the pattern across positions. The line-history view rolls up by Functional Location group: every pumping station on Cooling Water Loop 2, every roof RTU pad on Building B, every CIP skid on the brewhouse line. The question it answers is the one a reliability engineer actually asks:

"Why does Pumping Station A consume pumps at twice the rate of Pumping Station B, when they're identical specs from the same supplier?"

The answer is almost never "bad pumps." It's suction-side cavitation, an alignment problem, a vibration source, an environmental issue, a piping defect — none of which the pump itself can tell you, and none of which a unit-only history will surface. The line-history view shows mean position-uptime, swap frequency, and dominant failure modes per position, side-by-side across the line. The 2× outlier jumps off the page.

No. The model is additive. A new hub can register an asset with just a name and a kind. Containment alone gets you a working CMMS — work orders, PMs, parts, dashboards, all of it. Installation history and service edges are opt-in; they appear when you want them and stay invisible when you don't. There's no "phase 2 implementation" — the data model expects you to grow into it.

We seed every demo workspace with reference taxonomies that tag assets with codes from open standards. The current set:

• ISO 14224 — petroleum/process reliability data taxonomy.
• ISO 55000 / 55001 — asset management governance.
• ISA-95 / IEC 62264 — manufacturing operations hierarchy.
• UNIFORMAT II (ASTM E1557) — building element classification.
• OmniClass Tables 21/22/23 — construction classification.
• VMRS — fleet maintenance reporting (SAE / TMC).
• eCl@ss — international cross-industry product classification.
• NFPA 20 / 25 — fire-pump operational requirements.
• EN 15341 — maintenance KPI definitions; cited on every standard report.

Two things. First, when you bring data in — from a Maximo export, a Fiix CSV, a Fleetio API pull — we map onto open codes (ISO 14224 equipment classes, VMRS fleet codes, etc.) rather than into a vendor-specific taxonomy you can't take with you. Second, when you take data out — via API, scheduled CSV, Snowflake export — those open codes go with you. You're never locked into a Sympl-specific taxonomy that needs translation if you switch tools.

When a tech closes a corrective WO, we ask for a problem / cause / resolution triple drawn from ISO 14224 Annex B. Free text is fine for the description; the structured triple is what powers MTBF, MTTR, top-failure-mode Pareto charts, and replace-vs-repair signals. AI suggests the triple from the tech's free-text description; the tech accepts or corrects; the structured data flows downstream. This is the difference between "we have failure data" and "we have failure data we can report on."

Yes. The seeded taxonomies are starting points, not fences. You can add your own equipment classes, failure modes, or asset types alongside the seeded ones. Custom Types let you extend the catalog with your own field bundles — stamped with their own codes if you have them.

Yes. Because containment and the service graph are both first-class, the scheduler can group open WOs by site → building → floor → line, or by upstream service edge (everything fed by the same panel, served by the same roof RTU). The dispatcher sees "5 WOs on Roof RTU Pad #1 — schedule together?" instead of 5 individual line items.

A tech going to Floor 2 to swap a thermostat shouldn't make a second trip for the burned-out fixture they could have carried up at the same time. The schedule board groups WOs by spatial proximity (same floor, same line, same panel) so the dispatcher can pack a route in one pass. The grouping isn't manual — it falls out of the hierarchy you've already modeled.

Every corrective WO is checked: did a second corrective WO open on the same asset within 48 hours with a matching failure code? If yes, the WO is flagged as a return trip, and FCR rate appears on the dashboard and the asset detail page. FCR is one of the cleanest indicators of planning quality — return trips usually mean the tech showed up without the right part, the right tool, or the right diagnosis.

A standard report shows the percentage of work that's corrective vs. preventive. Industry benchmarks put a mature program above 70% planned/preventive; the ratio is the single best maturity number a CMMS can report. We surface it on the home dashboard with an EN 15341 citation.

• A kit is a part-catalog entry that explodes into individual stockable components at planning time. "Oil Change Kit" = 5 qt oil + 1 filter + 1 drain plug washer. Kits are operational shorthand: add the kit to the WO; the components reserve and pick as a unit.
• A maintenance BoM (mBoM) is a structured, type-level parts list attached to an asset type, with the ability to override at the individual asset level. The Boiler type's mBoM lists the parts a typical boiler PM consumes — the planner pulls from it.
• Kits are pick-as-a-unit conveniences; mBoMs are reference data that informs planning. Both ship.

A tech's van isn't a theoretical concept — it's where parts physically are when the tech is in the field. Sympl treats it as a first-class stock location: morning loadout is a normal transfer from "Main Storeroom" to "Tech Van #3"; issuing a part from the van to a WO is a normal issue transaction; and end-of-shift reconciliation is a quick count cycle. No parallel tracking system, no spreadsheet, no "where did that part actually go?"

A tech finds they need a part that's not on their van but another tech 10 minutes away has one. That's a van-to-van transfer — same mechanic as a transfer between sites. Both vans' inventories stay accurate; the transaction is auditable.

A guided count flow at end of shift: scan or click through van inventory, mark counts, reconcile differences, capture variance reasons. The variance feeds back into inventory accuracy reporting so van shrinkage is visible, not invisible.

When a transfer is initiated, the inventory doesn't atomically vanish from the source and appear at the destination — there's a real-world gap. Sympl models an "in transit" virtual location that captures the limbo state. If a truck is in an accident with $50k of parts on it, that inventory isn't at either site — it's still trackable as a known quantity. When the transfer is received, the in-transit balance drains to zero. Insurance, audit, and operational reality all stay coherent.

Add an "Oil Change Kit" to a WO; the kit explodes into its component lines (5 qt oil, 1 filter, 1 drain plug washer), each with their own reserve / pick / issue / return lifecycle. The WO shows which lines came from a kit ("From: Oil Change Kit") vs. individually added. At close, kit-level consumption is reported correctly even if components were substituted or returned.

The four-step lifecycle that keeps inventory honest:

• Reserve — when the WO is planned, parts are earmarked. Other planners see the reservation; the count's "available" balance reflects it.
• Pick — storeroom worker physically pulls the parts and stages them.
• Issue — tech consumes the part on the WO; balance decrements.
• Return — anything unused goes back; balance increments.

Most CMMS skip "pick" and conflate reserve with issue, which means the inventory count is wrong from the moment a part is reserved until the WO closes. We model the four phases explicitly.

Three goals, hard discipline. Every AI feature in the product must achieve at least one of:

1. Save the user time.
2. Save the user money.
3. Make the user smarter / more informed.

If a feature doesn't clearly map to one of these, it doesn't ship. We don't do "ask AI anything!" tiles, we don't summarize 3-line WO descriptions, and we don't generate content that has structured-input alternatives.

Yes. AI configuration is managed centrally per hub. Customers on the BYOK tier point us at their own provider — Anthropic, OpenAI, Azure OpenAI, AWS Bedrock, or self-hosted Ollama — and supply the key. We use that key for that hub's inference calls; the bill goes to your account. For hubs that don't want to manage providers themselves, Sympl-managed inference is the default (a vision model for classification, Claude on Bedrock for grounded reasoning).

We expose the CMMS API as a Model Context Protocol server so customers can connect Claude Desktop, Cursor, or their own agent tooling directly to their hub data with natural language. A reliability engineer can ask Claude "find me the pumps that failed within 90 days of installation across all sites, with the supplier names" — and Claude executes the right API calls against your hub. Same login, same permissions, same audit trail; every MCP-driven action is logged with the connected tool's identity. We don't host your agent; we host the connection point.

No. Per-hub data isolation is absolute. AI features run with the active hub's data only. We never mix data across hubs for training or inference unless the hub explicitly opts into a benchmark or anonymized program — and even then, individual records never leak. This rules out a single fine-tuned model across all customers' data without consent.

No AI output without traceability. If the system says "this asset's PM frequency could be relaxed," you can click to see the WOs and time series the recommendation is based on. If it can't show its work, it doesn't ship. For document Q&A, answers cite the specific document and page. If the source doesn't contain the answer, the system says "this isn't in your documents" — never fabricates.

No, by default. AI suggests; human commits. AI can pre-fill a form, propose a status change, or draft a notification — but a human clicks the button. Exceptions are explicit, scoped, opt-in, and audit-logged. When an AI suggestion influenced a record, the audit log captures it: which user committed it, which model suggested it, the confidence, and the citations used.

Upload a PDF floor plan; the system classifies it as a floor plan, renders pages, and stores a high-resolution viewable. From there, you pin assets to coordinates on the plan — clicking an asset on the floor plan jumps to its detail page; clicking an asset's location on its detail page highlights it on the floor plan.

PDFs go through the same classifier as other documents but with a specialized post-processing path: the page images are persisted at full fidelity (so they're zoomable in the UI), the classifier confirms the document is a floor plan (not, say, a P&ID misfiled as one), and the result becomes a navigable spatial layer attached to a building or floor. Image floor plans (PNG, JPG) skip the classifier and go straight to the spatial layer.

Yes. Drag-and-drop pinning, with the pin coordinates stored as part of the asset's spatial relationship. A floor's detail page shows the floor plan with every pinned asset visible; an asset's detail page shows the floor plan zoomed to the asset's location. Overlays — WO-density heatmaps, criticality coloring, open-WO badges — render directly on the plan.

Both, simultaneously. The floor plan is a document (classified, stored, audited like any other PDF) and the floor it represents is a spatial asset (in the hierarchy, navigable, with its own work orders and PMs). The document is attached to the spatial asset; the spatial asset is the queryable primitive. This way, "what floor plans does Building B have?" and "what's on Floor 2?" are two different questions with two different answers, both correct.

• Type — a typing overlay applied to existing entities. The "Boiler" type, when applied, activates fields like BTU rating, pressure rating, ASME stamp, and fuel type, links default PMs, and scopes the failure-mode picker.
• Instantiation template — a starter for creating new entities quickly with defaults pre-filled.
• PM template — a recurring-work generator. Distinct from one-shot WO templates and from Types.

Master-data inheritance. When you customize an industry-preset Type, the parent fields stay live — your child overrides are tracked field by field. Fields you haven't touched continue to receive parent updates. Fields the parent has marked as locked can't be overridden at all. So you fork what you need to fork, keep inheritance on everything else, and don't lose the next preset improvement. This is the model used by package managers and language ecosystems; we apply it to CMMS reference data.

A custom field can scope to a Type. Boiler-only fields show up only on assets with the Boiler type applied; reports filter automatically. Fields can also scope to asset kinds, sites, or be global.

We ship pre-built Types per vertical: chemical manufacturing → Reactor, Distillation Column, Heat Exchanger; multi-family residential → Apartment, Common Area, Roof Equipment; water utilities → Pumping Station, Treatment Train, Disinfection Bank. Each preset bundles the fields, default PMs, and failure-mode subsets that vertical actually uses. New customers pick a preset at onboarding and start in week one with the structure their domain needs.

About 21 standard reports, drawn from EN 15341 (KPI definitions) and ISO 14224 (reliability). Each report cites its standard reference. Categories:

• Reliability & maintenance KPIs — PM Compliance, Schedule Compliance, WO Throughput, Backlog Aging, MTBF, MTTR, Asset Availability, Top Failing Assets (Pareto), Top Failure Modes (Pareto), Reactive vs. Preventive Ratio.
• Cost & financial — Maintenance Cost per Asset, Maintenance Cost Ratio, Cost Trends, Replace-vs-Repair Candidates.
• Workforce — Technician Productivity, Labor Allocation, Skills & Certification Status.
• Compliance & risk — Criticality Assessment Coverage, Compliance Program Status.
• Operational — Inventory Turnover & Stockouts.
• Performance management — KPI Scorecard.

Custom report builders are a tarpit. Customers ask for them; vendors build them; they consume product engineering for years and never satisfy power users (who use real BI tools anyway) or simple users (who want one-click answers, not a query designer). Better discipline: ~21 well-built standard reports + an excellent API + scheduled exports → your BI tool. New reports require retiring or merging an existing one.

Each report has a "Schedule" action: pick recipients, cadence (daily/weekly/monthly/quarterly), format (CSV/Excel/PDF), and filters. The notifications service delivers; recipients see the version filtered to their scope (not the senders' scope) so a regional VP gets their region's data even if the schedule was set up by the corporate FM.

Hub Admins can configure scheduled CSV or Parquet exports to S3 (we write directly with your credentials), email, SFTP, or your data warehouse via standard ELT connectors. We don't compete with Tableau / PowerBI / Looker / Sigma — we make ourselves an excellent data source.

Every chart segment, table row, and Pareto bar is drillable. Click it, you land on the underlying entity list (WOs, assets, parts) filtered to exactly that slice.

Yes. Every entity is queryable via REST + GraphQL with filtering, sorting, cursor pagination, and modified-since semantics. Every state change is a write API. Every event is published to webhooks and the internal event bus. The OpenAPI spec is the source of truth; the MCP server is generated from it; new endpoints automatically become MCP tools.

An API token is tied to either a person or a service account. Both go through the same permission engine. A token can be narrower than the user or service account behind it, but never broader — a token never grants more access than its owner has. Three patterns:

• User-bound token — issued by a developer for their own personal use. Inherits the user's role grants and scope. Revoked when the user leaves.
• Service account token — issued for a non-human identity (an integration, a CI/CD pipeline, a vendor system). Service accounts have their own role grants, their own scope, and their own audit trail — they outlive any individual person. Default for any production integration.
• MCP token — bound to either a user or, preferred, a dedicated service account ("Mike's Claude Assistant") with its own role grants for clean audit separation. Every MCP-driven call is logged with the connected tool's identity.

• Permissions — a subset of the owner's effective permissions. "This token can read assets and create WOs, but not delete them, even though I can."
• Scope — a subset of the owner's scope. "This token only acts within Site = Atlanta Plant."
• IP allowlist (optional) — restrict to known networks.
• Expiration — every token has one; rotation is the norm.
• Tokens are validated at issue: if you try to declare a permission you don't have, the request fails. A leaked token can't do anything its scope didn't allow — and revoking the user or service account revokes every token under it.

Service accounts have the same role/scope/ceiling machinery as humans. They just can't log in to the UI. You grant a service account roles in the admin UI, scope it to specific sites or asset classes, and issue it a token. Its actions show in the audit log distinctly from human activity, so you can see exactly what every integration did.

Every domain event (WO created, asset state changed, PM materialized, threshold breached, etc.) is published to the internal event bus. Hubs subscribe via webhook to deliver those events to their own systems — MES dashboards, Slack channels, ERP queues. Webhook deliveries are signed, retried with backoff, and observable in the admin UI.

Every hub gets its own isolated data store inside the platform — no shared columns that have to be filtered correctly on every query. Cross-hub data leakage is structurally impossible at the storage layer. Migrations roll out to every hub automatically. The benefit is data isolation that doesn't depend on application code being correct.

Every state change writes to the audit log via a single central writer. The log captures actor (user or service account), action, entity type and ID, before/after values, request ID, and (where applicable) AI involvement. Immutable from the application; only a database superuser can delete rows.

Effective permissions are the intersection of role grants, direct grants, and a hard member-type ceiling. Roles bundle permissions. Scope narrows where the permission applies — by site, by asset class, or by other attributes you choose.

Every user or service account has a member type — employee, contractor, vendor, etc. The member type is a ceiling: regardless of which roles a contractor is granted, contractors can never have admin-level permissions. A bug in role assignment can't create an escalation path. Hard rule enforced at the permission engine, not a soft suggestion in the UI.

Customers don't hand us a clean CSV. They hand us a folder: 3 versions of an asset list (Excel), 80 PDFs of OEM manuals, photos of equipment nameplates, an old CMMS export, vendor contact lists in Word, scanned paperwork, maintenance procedures, a price list as a PDF. The onboarding agent processes the whole folder: filename heuristics for cheap classification, vision AI for ambiguous files, deep AI extraction for high-value items. Output: a draft asset list, draft PM templates, matched manuals attached to assets, a review UI for low-confidence items, and a documentation pack of what was preserved and what wasn't.

Drop a folder of OEM PDFs; the system classifies, extracts manufacturer + model from the title pages, matches to your asset list, and proposes PM templates from the maintenance sections of the matched manuals. Each proposed PM cites its source page. The planner reviews in a side-by-side, accepts or edits, and the templates are live. This is the difference between "we can attach a PDF to an asset" and "we can convert your OEM manuals into a working PM program."

Every entity is queryable via REST + GraphQL with cursor pagination. Hub Admins can configure scheduled CSV/Parquet exports to your S3 bucket, email, SFTP, or your data warehouse. Audit logs export. Documents export with their original filenames. Open-standard taxonomies (ISO 14224, VMRS, UNIFORMAT II) come with the data; you're not exporting a Sympl-flavored dialect that needs translation. The discipline behind "open standards in, open standards out" is exactly so the export-to-leave story is straightforward — even though we'd rather you didn't.