TALENT CLOUD SOLUTIONS LIMITED

Whole workforce compliance

AI-powered, cloud-based platform enabling companies to truly understand their workforce and reduce their compliance risk and exposure. Collects, visualises and analyses every element of a workforce's employment checks, skills and safety statuses, providing actionable insights and predictive analytics.

Features

• DBS, RTW, Referencing, Digital ID, DVLA, SMC, AMC, PAYE
• Skills verification, professional certification, professional accreditation, safety certification
• Visualise the compliance and risk status of your entire workforce
• AI-powered predictive analytics provide early warnings and alerts
• Integrates with wide range of ATS and HRIS

Benefits

• Predict compliance risk before it happens
• Instantly address, reduce and remove identified risks and gaps
• Whole workforce compliance insight in one central platform
• Real-time, shareable, actionable insight
• Automated crisis management ensures complete eradication of risk

£0 to £200 a user

• Education pricing available
• Free trial available

Service documents

• Pricing document

  ODS

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@talentclouds.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

106815566294697

Contact

Miranda Pickford
07972797200
publicsector@talentclouds.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard SLA is 2 hours, though often much faster.; UK office hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Extensive and continual
• Onsite support: No
• Support levels: Optional additional packages; Standard £150 6 x hours of Support for Applicants Per Month; Bronze £270 12 x hours of Support for Applicants Per Month; Silver £810 36 x hours of Support for Applicants Per Month; Gold £1,620 72 x hours of Support for Applicants Per Month; Dedicated Customer Support Manager £5,000 ; Custom Support Package £150-£10000
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online training, online documentation, built-in help centre, built-in messenger service, in-product help, videos
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Talent Clouds provides a full extract of all customer data upon request
• End-of-contract process: Decommissioning of the system and irretrievable deletion of all data (save for any required by the Laws of England Wales to be held) is included in the price of the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None. The mobile experience is optimised for that form factor, so that all services are accessible equally.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: There is an executive-level interace, where C-level and other senior leaders can view and action the compliance and risk status of their entire workforce.; There is an administrative user interface, where for example HR users can request checks, view check progress, generate reports and so on.; There is a worker interface, where for example an applicant or colleague can provide all of the information required to complete various checks.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Extensive and ongoing testing.
• API: Yes
• What users can and can't do using the API: All front-end features are accessible through the API.; Additionally, the API can be used to connect to applicant tracking systems, HR information systems, additional reporting and visualisation tools.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: User portals can be customised as needed.; All electronic communications can be customised as needed.; All reports and dashboards can be customised as needed.; Role based access control is configured as needed.; Elements such as role catalogues, compliance checking packages, counter-signing workflows can all be configured as needed.

Scaling

• Independence of resources: The platform is hosted in Microsoft Azure, and the system is architected to cope with massive volumes of concurrent user sessions.

Analytics

• Service usage metrics: Yes
• Metrics types: As principally a checking platform, service metrics in aggregate and in detail the volume and type of check requested, the progress and status of those checks.; Other information such as session information and audit logs is available
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The platform provides data export in .xls and .csv formats.; Extraction via the API is also supported
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our data centre has 99.99% availability and is regularly backed up to a different geo-located data centre. Our infrastructure is completely server-less and hosted in Azure cloud with frontend facing resources having Microsoft's guaranteed SLA of 99.95%. The system is hosted in UK South, however, can be deployed to any location. Also, our production workloads are deployed from automated build pipelines allowing for easy recovery.
• Approach to resilience: Available on request
• Outage reporting: All users are notified by email alert

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: We employ the latest OpenID and OAuth technologies to generate short-lived access tokens and custom claims; each user type has only the minimum level of access required for their tasks. Each user type has a predefined set of permissions, providing customers with granular control over access.; ; An organization's data can only be accessed by admin users from that organization or by our system administrators. Each of our endpoints is protected by permission control, and every access token is encrypted using state-of-the-art encryption technology. Each access token is valid for 24 hours. We continuously monitor to detect and prevent suspicious activity.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 13/10/2023
• What the ISO/IEC 27001 doesn’t cover: Nothing. All policies and controls are available for inspection
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All of our ISO27001 security policies are stored, managed, maintained and operated within our ISMS.online platform

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We have a secure development pipeline managed with Microsoft Azure DevOps. This covers all configuration management, quality assurance, security testing, staged and production deployment.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our infrastructure, including our vulnerability management, is managed entirely by Microsoft. This includes assessment and receipt of information on potential threats to the service.; ; After penetration testing, all high priority and critical items found to be a threat to the platform are resolved immediately.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our infrastructure, including our protective monitoring approach, is managed by Microsoft. This means Microsoft identify potential compromises to our system. As a further protective measure, all physical resources are hidden behind CloudFlare, providing additional protection such as against DDoS.; ; When we find a potential compromise, we rank the severity of the threat on a Low, Medium, High or Critical Risk level, and alert users who may have been impacted. We respond to incidents in the higher two categories of severity within 1 working day.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Users can report incidents through a variety of avenues, including through the help function within the portal, or contacting their Customer Point of Contact. Once our customer service team is notified of the incident, we then categorise it according to its severity - low, medium, or high, depending on the number of users the incident is impacting, and whether the platform is otherwise fully operational.; We commit to resolving all low category faults within 2 working days, medium category faults within 1 working day, and high category faults within 8 hours. Incident reports are then sent to the user.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks: DBS Business Messaging Service

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Fighting climate change; ; Our platform inherently fights the effects of climate change through our digital-first approach. However, the challenge goes further than the process itself; we strive to make an environmental impact through our communication of the benefits of adopting a digital process. The Government’s recent announcements to the use of digital ID checks in background screening checks highlights their position on a greener future for public sector business processes. Workers no longer need to make unnecessary journeys to a central office. Through all our social media and marketing channels, we strive to address this issue. These are in the form of blog articles, social media posts and newsletters, which emphasise the inefficiencies of paper-based methods.; ; Also, a dedicated commercial outreach team make regular calls to organisations with paper-based applications to encourage a change to digital and emphasising the important positive impact it has on the environment.; ; Our networking events will establish stronger working relationships between different public sector HR teams and develops their knowledge around digital systems. Through this, they can begin to implement best practices into their respective organisations, fostering a culture of greener processes. Throughout the contract period with new customers, we will continue to drive this message forward.; Furthermore, our remote-first working arrangements reduce the impact of travel for our staff.

  Covid-19 recovery

  Covid-19 recovery; ; Our primary service directly impacts how quickly we help public sector workers move into new roles. This is shown through our ability to reduce onboarding times by over 85%, and reduce human error in applications to less than 1%. Overall, using our service has meant public sector workers are far more streamlined using our platform to start work. This reduced time from hiring to starting an employee in a new role is particularly vital at a time when the pandemic has emphasised staff shortages across all public sector services. We assist Covid-19 recovery by helping ease the burden on resource-stretched and short-staffed public sector industries by accelerating the pre-employment compliance process.; ; We understood the economic impact Covid-19 had on individual incomes and therefore we made it our priority to reduce these hardships by implementing 'Covid fast-track applications' for social care and healthcare workers as quickly as possible. We also quickly adapted to the Government's changes to Right to Work and DBS checks when the pandemic started, updating to remote verification of checks through Digital Identification. Again, these measures ensured workers onboarding times, and therefore incomes weren't severely disrupted.

  Tackling economic inequality

  Tackling economic inequality; ; From a purely economic perspective, our service has a direct impact on the time it takes for economic upturn to be realised in the local economy. Our platform provides social value to customers by saving valuable time and money through the digitisation of pre-employment processes.; Furthermore, workers attaining their roles faster also results in a reduction on the reliance of social benefits, correlating with a decrease in Government expenditure on job seeking allowances.; ; Our platform also tackles economic inequality by aiding the successful running of short-staffed public sector organisations. Our platform has seen over 6,000 people across one county be placed into public sector roles faster, helping bolster and improve the local services to increase profit margins.

  Equal opportunity

  Equal opportunity; ; We have internal policies and schemes that provide social value to our employees. Talent Clouds offers apprenticeship programmes to employees joining the business, to develop role-specific skills, as well as for the professional and personal development of our workforce. We are also proud to have a diverse workforce, with the cultural fit of an employee playing a key role in the hiring process.

  Wellbeing

  Wellbeing; ; The primary role of our background screening service is to fully ensure the wellbeing of employees in organisations that we work with. While pre-employment checks before an individual starts in a new role offers a point-in-time assessment of the candidate’s compliance and certification, the employee profile the platform provides ensures that all compliance information for employees is regularly updated and easy to access. This supports wellbeing by ensuring that safeguarding is always at the forefront of thoughts and ensuring the safety of everyone in the community.; ; The platform generates social value in the community of users it creates for query resolution. By encouraging discussion and dialogue amongst users, we hope to create a welcoming and friendly community of users and support the wellbeing of users from the benefits of mutual collaboration and assistance.; ; From an internal perspective we are committed to providing policies and procedures that support well-being in our workforce. As a result, the remote working policies were decided, collectively, by the workforce. Another positive social impact of our organisation is the development of its employees. A partnership with a government-backed apprenticeship scheme sees all employees spend 20% of their working hours spend time on honing their skills on a course of their choice, the intent of which is to enhance their professional skills and deliver higher quality of work to our customers.

Pricing

• Price: £0 to £200 a user
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Organisations are able to setup an account free of charge, setup worker profiles free of charge and access the full platform functionality without processing any checks and incurring charges.
• Link to free trial: https://www.compli.app/

Service documents

• Pricing document

  ODS

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@talentclouds.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.