Innecto Reward Consulting

Evaluate

Evaluate™ is a simple to use, global job evaluation and architecture tool guiding you through JD creation, job evaluation and levelling through to organisation design. Using factors to determine the relative value of different roles within your organisation you are able to defensibly place roles into clearly defined levels.

Features

• Defined, objective and transparent framework for career development
• Robust data analytics around organisational structure
• Create your existing and aspirational organisational shape
• Create and store your job description library within the system
• Identify areas of risk through Work of Equal Value criteria
• Overlay gender and ethnicity data on your organisational structure
• Real-time reporting
• Compare roles by title, department, function, location, score etc.

Benefits

• Complies with Equal pay requirements
• Simple to use, no previous job evaluation experience required
• Create departmental efficiencies, complete evaluations quickly and easily
• Give confidence to line managers with consistent & transparent evaluations
• Create & download dynmaic visuals and reports
• View and print an instant summary of job evaluations
• Report your gender pay gap with greater granularity
• Identify high performers, flight risks and past glories
• Foundation to create performance management processes
• Identify gaps and areas of risk within your organisation

£25,000 to £97,000 a unit a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at karen.thornley@innecto.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

153981284307533

Contact

Karen Thornley
07979800886
karen.thornley@innecto.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: A standalone solution sitting on the Innecto Digital platform that can be connected to our other tools:; PayLab (Pay benchmarking and insight tool); Advance (Pay Review Modelling) ; Flourish (Competency Framework); Amplify (Employee Experience)
• Cloud deployment model: Private cloud
• Service constraints: No specific constraints. Monthly upgrades occur with occasional hotfixes between the upgrades. Generally upgrades and fixes require no downtime, but if it is then customers are notified and generally it's limited to a 15-30 minutes
• System requirements: Web browser that is under software support

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We aim to respond within 2 hours for all emails sent to support between the hours of 8.30am-5.30pm Monday to Friday. Out of hours support can be provided but at an extra cost
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: We haven't had the service checked for accessibility, however it is a standard chat package from a well-known provider. However, we will investigate accessibility further.
• Web chat accessibility testing: None.
• Onsite support: Yes, at extra cost
• Support levels: Each customer will have a dedicated account manager and access to the Innecto support desk, Mon – Fri, 9-5 GMT. Both liaise with the technical staff as needed. This support is included in the price quoted. Additional costs are only required if the customer asks for specific, additional technical development of the platform or extended coverage
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We typically hold a scoping meeting to clarify and define the support requirements, including training. Once the system is configured we complete handover of the tool and run training sessions. During these sessions anchor roles are identified and evaluated providing the foundation to evaluate the wider company.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users download/export their data into an excel data sheet that includes all the aggregated data inputted into the system, and they are able to download a PDF report including images and tables
• End-of-contract process: Contracts are typically on a rolling basis unless notice is served. If your contract is terminated, you will be given notification of your last day of access and prior to this period will be able to download relevant data. At the point access is removed your account will be closed.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Functionality remains the same but the screen layout differs
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: There is a standard level of customisation offered during the configuration of the solution including branding and amending the following data fields as required:; Structure / company breakdown; Number of Users; Grading system

Scaling

• Independence of resources: Our service is multi-tenanted, but it is hosted on Amazon's elastic cloud service and we monitor performance and overall usage very closely. If performance is falling off below permitted parameters we can deploy extra servers and bandwidth as needed.

Analytics

• Service usage metrics: Yes
• Metrics types: Time on the system
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Download into a CSV file
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We aim to make Evaluate available 24 hours a day, 7 days a week, whilst this availability is not guaranteed, we do commit to 99.95% uptime. Priority 1 (service down) SLA is a maximum of 8 hours recovery time. Refunds to users not meeting SLA's are specified in the Terms and Conditions.
• Approach to resilience: We have separate development, test and production environments on AWS. The production environment hardware is replicated across AWS data centres in the UK for resiliency in the event of a failure. Each production environment consists of multiple, load balanced servers.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: SAML2 SSO
• Access restrictions in management interfaces and support channels: VPN & trusted IP only
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Isoquar - Alcumuc
• ISO/IEC 27001 accreditation date: October 2012
• What the ISO/IEC 27001 doesn’t cover: The people, processes and technology used to develop, deliver or support the delivery of insurance, employee engagement and reward consultancy services provided to our clients from our offices in Milton Keynes and Marlborough.; AWS who host our solutions are also ISP certified
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: WorldPay
• PCI DSS accreditation date: Feb 2020
• What the PCI DSS doesn’t cover: Up to SAQ-D
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials Plus

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Innecto Reward Consulting are part of the AIM listed Personal Group and have an associated corporate governance structure including main board and risk compliance committees. We have numerous policies approved by these and implemented; Data Policy, Information and Physical security, Cyber security, Clear desk policy and other relating to recruitment, staff vetting and training.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Platform and functionality changes are managed on a ticketing system (Jira), each are assessed for effort, risk and business impact. Estimates are provided, each development is made in a separate development environment with unit testing. Code is then promoted to a full test environment where full regression testing is performed prior to release to production.; Requests that require the transfer of sensitive data are actioned through an online secure data storage site to guarantee safe transfer of data
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Approach Information on threats come from a number of sources; NCSC, 3rd party virus protection vendor, software suppliers, vulnerability scanning that is performed monthly and penetration testing. We access threats as part of a continuous security management programme and deploy patches in most cases immediately after release. Patches that are deemed low priority / require regression testing are schedules as part of our monthly release.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Monitoring of attempted logins, failed logins, successful logins, source IP addresses, IP address risk ratings, firewall probes. In addition, virus scanners and mail gateway services are constantly running, monitoring and reporting activity. We review daily and if deemed appropriate a security incident procedure is instantiated. This will typically be within 24 hours.
• Incident management type: Undisclosed
• Incident management approach: Our suppliers use SOC2 processes and we use an internal ticketing system to report incidents. We have an internal Security Management Response policy and procedure along with Reportable Events Policy and Procedure

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  Our robust system for evaluating jobs gives HR confidence that roles are being assessed fairly and consistently and enables HR to create a strong foundation to build an effective organisation.; ; Our market-leading tool also allows gender and ethnicity lenses, highlighting population clusters or gaps within your current organisational structure as well as the ability to map how to achieve an aspirational picture to aid Diversity and Inclusion strategies.; ; Role heat map reporting allows users to identify where roles are evaluated and compare across the organisation and understand where some levels are more populated than others.; ; Work of equal value flagging, and the generation of the ‘work of equal value’ report, allows roles that are falling inside and outside of this to be investigated to ensure roles are reflected without bias.

Pricing

• Price: £25,000 to £97,000 a unit a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: We will provide a demo platform for a select number to trial the functionality and see the full capability of the solution. This however does require accurate data, supplied by the client to upload

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at karen.thornley@innecto.com. Tell them what format you need. It will help if you say what assistive technology you use.