Sirsi Ltd (trading as SirsiDynix)

EOS.Web Cloud Library Management Software

EOS.Web Cloud library management software cost-effectively serves the stringent knowledge and content management needs of government, corporate, scientific, and other special libraries. Fully web-based and hosted on our secure servers, EOS.Web offers librarians and knowledge services an easy-to-use interface while increasing operational efficiency, enhancing services to end-users, and reducing costs.

Features

• Web-based Library Management System (LMS/ILS)
• Cataloguing, Circulation, Serials, Acquisitions, Reference Tracking, Z39.50
• Design and manage your own OPAC (online public catalogue)
• Powerful reporting and exporting capabilities
• Responsive, high quality customer service
• Easy to learn and use

Benefits

• Quickly/easily make your catalogue data available on the web
• Simplified maintenance (we handle upgrades, security patches, etc.)
• Get around-the-clock access to customer support
• Easily edit record data (MARC or non-MARC/labels)
• Catalogue traditional library materials (books, serials, etc.)
• Catalogue non-traditional materials (objects, images, files, etc.)

£3,800 an instance

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at margaret.mcevaddy@sirsidynix.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

156161787329201

Contact

Margaret McEvaddy
01923 202923
margaret.mcevaddy@sirsidynix.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Hybrid cloud
• Service constraints: EOS.Web software updates are loaded once a month late on a Sunday evening (or very early Monday morning), outside of UK business hours.
• System requirements:
  • Modern versions of Internet browsers (IE11, Edge, Chrome, Firefox, etc.)
  • A PDF reader utility

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Critical support queries can expect a response within one hour; other support queries can expect a response within 4 hours (though often a response will be received in less than an hour).
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: Our web chat facility meets WCAG 21.A and most of WCAG 21.1AA and AAA. We have not tested with assistive technology users.
• Onsite support: Yes, at extra cost
• Support levels: Questions and issues may be reported to the EOS.Web Help Desk team via phone, email, chat, and through the SirsiDynix Support Center. Our Help Desk is staffed 24 hours a day, 365 days a year. The yearly EOS.Web Cloud subscription includes unlimited access to EOS Help Desk services.; ; Support Structure; - Level 1 support is provided by the EOS.Web Help Desk. Help Desk staff are very experienced with the product, and generally able to resolve application questions, training issues, and deal with most any matter regarding features or functionality. They also have an initial level of expertise regarding application errors or possible server-related issues, and connectivity or performance problems.; - Level 2 escalation occurs when an issue requires a higher level of expertise regarding something not working as designed (escalated to Development) or based on networking, connectivity, or performance issues (escalated to IT or the SaaS team).; ; This combined approach allows SirsiDynix to resolve all issues that come in through the Help Desk. The relatively flat support structure means we are generally able to answer questions or resolve issues very quickly.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We provide an online consultation to help setup the system initially. Typically onsite training would occur near the time the system was expected to go Live. The EOS.Web Help system includes not only information about the various features and workflows within the application but also quite a variety of recorded trainings and presentations on aspects of the software.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Authority and bibliographic data may be exported in MARC21 or MARC XML formats. Borrower/patron data may be exported in CSV or XML formats. Additional data can be exported using system reports in PDF, XML, CSV, Word, or Excel formats.
• End-of-contract process: Clients are expected to export their data themselves (MARC records, etc.) before the contract expires. When the contract expires the system becomes inaccessible, with the system's data being retained only as long as stated in our security policies.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The OPAC offers an interface for searching the catalogue that is sized appropriately for mobile device users (i.e., a much smaller screen). Tablets and larger mobile devices can access the full software package (OPAC and library staff modules) using a browser.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The EOS.Web OPAC includes simple and advanced search capabilities, using an autosizing template design whereby elements on the interface adjust to the resolution of the viewing screen giving full interface functionality for browsers on computers, tablets, and phones. Functionality includes title lists, saved search strategies, item requests, item or title reservations, rating/reviewing titles, and printing or emailing of search results. A “My Account” area can allow users to access their patron information, password, circulation desk transactions (view checked out items, renew items, view checkout history, reservations, charges, serial routing lists), and reviews.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: OPAC accessibility testing tool: aXe Chrome extension. Screen readers: JAWS, Narrator with Edge. Manual evaluation using supported tools specific to browsers. Mobile testing included manual evaluation based on standard template. Help accessibility testing tool: WAVE. Screen Reader: Narrator with Edge. Manual evaluation using supported tools specific to browsers.
• API: Yes
• What users can and can't do using the API: The catalogue may be searched using Z39.50; Web Services are available to get, delete, add, and update the following types of records: authority records, bibliographic records, category records, patron records. In addition Web Services are available for obtaining item status information searching the bibliographic catalogue, and adding/getting reference tracking records.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Library users with administrative rights can access EOS.Web's General Setup and User Setup areas, allowing them to customise the look and behaviour of the OPAC and library staff modules.

Scaling

• Independence of resources: Multi-source monitoring and alerting. Examples include Nagios, Solarwinds, PRTG, vCenter tools.

Analytics

• Service usage metrics: Yes
• Metrics types: Information about library staff logins, OPAC user logins; counts of new records, edited records; total linked media storage in use; counts of circulation activities. An admin can see how many library staff are currently accessing the system.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Other
• Other data at rest protection approach: Secure containers, racks or cages; Physical access control. All systems run on Pure Storage arrays encrypted at AES 256.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Authority and bibliographic records may be exported in MARC21 or MARC XML formats. Patron records may be exported in CSV or XML format. A wide variety of reports are available to obtain data from the system in PDF, XML, CSV, Word, or Excel formats.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • MARC21
  • MARC XML
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • MARC21
  • MARC XML

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: Other
• Other protection within supplier network: We can optionally configure internal communications for Software as a Service (SaaS) systems to use TLS v1.2 or a similar technology

Availability and resilience

• Guaranteed availability: Covered Services will be available 24/7 with the exception of Scheduled Maintenance periods or any events or occurrences due to the products, services, and/or actions of 3rd parties beyond EOS’ reasonable control, including but not limited to any Force Majeure events, which result in Reduced Functionality or an Unscheduled Outage. Scheduled Maintenance will only be performed after 24 hours notice. ; ; In the event the Covered Services are not available the Customer is entitled to credit(s) as outlined below if the Customer: (1) provides written notice to EOS of the circumstances giving rise to this credit request, (2) provides such written notice no later than the last business day of the next calendar month, and (3) identifies the relevant Client Care incident(s) relating to the event(s) during which the Service Availability was not met and for which the Customer seeks credit(s). ; ; Service Availability Interruption Service Credit (*); Less than 1% of hours in a calendar month No Credit; ; 1% to 4% of hours in a calendar month 5%; ; 4% to 6% of hours in a calendar month 10%; ; 6% to 12% of hours in a calendar month 25%; ; 12% of hours or more hours in a calendar month 50%.
• Approach to resilience: Available upon request.
• Outage reporting: Combination of email alerts and a customer-accessible dashboard (scope of coverage soon to include all customers).

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Username or password
  • Other
• Other user authentication: SAML and IP Authentication are available.
• Access restrictions in management interfaces and support channels: Individual library staff members will access the library staff side of the application using their own library staff user account. Individual user accounts can be configured to limit access, capabilities, and defaults within the different modules of the software. Library staff access may be limited by IP. EOS/SirsiDynix support access is only (a) via a password obfuscation tool such as Remote Desktop Manager (RDM) or (b) via two-factor authentication.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: A-LIGN
• ISO/IEC 27001 accreditation date: 18 December 2017
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: EOS.web is FedRAMP authorised.
• Information security policies and processes: SirsiDynix has a documented framework for security governance, with policies governing key aspects of information security relevant to the service. High-level security requirements are found in the Corporate Security Policies (CSP) document. The CSP has several subordinate policy and procedure documents, listed below, which describe how SirsiDynix meets each of these requirements. • SirsiDynix Controlled Access Plan; • SirsiDynix Audit Management Plan; • SirsiDynix Change Management Plan; • SirsiDynix Disaster Recovery Plan; • SirsiDynix Incident Response Plan; • SirsiDynix Personnel Security Plan; • SirsiDynix Risk Assessment Plan. The framework ensures that security processes and procedures are defined, and implemented by all staff across the company. All staff are aware of the documentation and receive security training annually.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: EOS/SirsiDynix manages configurations and changes according to industry best practices, requiring reviews and security lead authorisations for changes throughout software or system lifetimes.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: EOS/SirsiDynix uses sources such as the US-CERT ratings and industry and vendor threat reports to assess potential threats, deploying patches as needed based on the severity of the ratings. Policy related to patch deployment is found in the SirsiDynix Risk Assessment Plan (RAP) section 3, with a target of 24 hours for critical patches, 36 hours for high-risk patches, and 2 weeks for moderate-risk patches.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Potential compromises are identified using detection of unauthorised and out-of-policy configuration changes, network behaviour, and other activities; EOS/SirsiDynix also uses logic built into security tools to perform identification. Response to potential compromise includes isolation, investigation, remediation, and reconstitution (from the Incident Response Plan section 6). Goals for speed of response (from IRP section 6.1) are listed below. EOS/SirsiDynix networks are also protected by Sophos network security monitoring, with 24x7x365 threat detection. ; Critical - within 24 hours; High - within 36 hours; Moderate - within 2 business weeks
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: End users of EOS/SirsiDynix products typically report potential incidents to EOS/SirsiDynix customer employees who open tickets with EOS/SirsiDynix support. Internal users similarly report potential incidents to the Information Technology (IT) helpdesk via tickets. Incident reporting includes notification as soon as possible after identification of an incident, regular updates, and a final report upon incident conclusion.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  SirsiDynix regularly monitors and reviews our internal work practices to ensure that, as a company, we are meeting our goals towards minimising our carbon footprint. For example, in 2021 we took the decision to allow all our staff to work from home indefinitely and to minimise business travel, thus reducing the amount of unnecessary carbon emissions expended, and so protecting the environment. ; ; As a responsible supplier, SirsiDynix imposes stringent criteria when selecting a collocation partner to host our software in the UK. Iomart are regularly inspected by independent auditors and hold both 14001 Environmental Management System and IOS 50001 Energy Management certification, which demonstrates continuous work to improve their environmental position and performance, as well as constantly working to upgrade energy use and output in their facilities. ; ; We build sustainability into our development plans, identifying ways our customers can protect the environment. Focusing on the sustainability of resources, our company policy is to go paperless in all our work practices and in the technology we build for our customers. All of our solutions and supporting documentation are web based and available online. Our systems can all be used remotely, supporting our customers to encourage library users and staff to cut down on unnecessary travel.
• Covid-19 recovery:

  Covid-19 recovery

  No member of SirsiDynix staff (currently 32 staff in the UK) has lost their job or been furloughed due to the COVID-19 pandemic.; ; Our experience in supporting remote working places us in a strong position in the continuing and post COVID-19 environment, allowing us to recruit and on-board new employees remotely, including hiring and training in a fully remote environment. ; ; Recruitment during the COVID-19 pandemic has been carried out in a remote only environment, with training and support given remotely, enabled by technology platforms such as MS Teams and Zoom. All employees have access to both local and global training, backed up by our comprehensive self-service Support Portal and our eLearning platform, Mentor, the staff intranet, and Global and UK-specific Employee Handbooks. ; ; In addition, we have been able to keep library staff in jobs by providing remote working technologies through web-based systems, supporting staff working from home. We have also created an extensive catalogue of webinars and self-paced training to support key library staff in delivering their services to end users. ; ; Addressing the wider context of post COVID-19 recovery, we provide a digital interface to customers, enabling their users to access content to support wellbeing, literacy, employment skills, and schools, helping local communities to up-skill in the challenging post COVID-19 environment.
• Tackling economic inequality:

  Tackling economic inequality

  SirsiDynix is an international company with EMEA headquarters based in Watford, UK. We have a team of 32 staff working in the UK, contributing directly to the domestic workforce. We also support local businesses through our third-party supply and delivery chains, partnering with SMEs across the UK. Examples of partnerships include Solus, based in Scotland, for the development of our mobile app, and iomart, UK-based, who host our data centre collocation facilities. ; ; We offer programmes to young adults as internships, helping them to gain valuable work experience. The most recent example is a young man from the local area who has autism, he joined our Engineering Team on a six-month contract and has now been taken on a full-time permanent basis.
• Equal opportunity:

  Equal opportunity

  SirsiDynix is an Equal Opportunities Employer, continuing to comply with the spirit and letter of UK equality laws. We promote a fair and harmonious working environment in which all employees are treated with dignity and respect. All workers and job applicants receive the same opportunities regardless of their age, disability, ethnicity, sexual orientation or gender. These conditions are written into our employment contracts. ; ; In the UK, our average employee tenure is 10 years. 18% of staff in the UK are from a minority background, covering BAME, LGBTQ+ and disability. Women make up 50% of our UK work force and hold the most senior positions in the UK office. SirsiDynix provides appropriate support and adaptations to enable disabled staff to access their work, for example providing specialist equipment for visually impaired staff. We provide mandatory training in equality and discrimination to all our staff on an annual basis, and we continue to build software which is accessible to all and is regularly assessed against WCAG guidelines. ; ; SirsiDynix believes in finding the right balance between responsibilities at home and at work. We honour requests for part-time work due to domestic circumstances, and all of our staff have the option to work from home. ; ; We employ talented people from diverse backgrounds. As an international company with offices around the world, we have a very open mind to different cultures and we adapt our employment policies to make sure we are sensitive to regional differences.
• Wellbeing:

  Wellbeing

  At SirsiDynix we take the obligation to meet the highest standards in looking after our own and customers’ staff very seriously. ; ; Wellbeing is at the core of our values. A healthy workforce means a happy team and leads to happy customers. This belief is led from the very top by our CEO, Bill Davison. The most recent review on GlassDoor has SirsiDynix rated at 4.3 for our Culture & Values, 4.2 for Diversity and Inclusion and 4.4 on Work / Life balance. 92% of raters approve of the CEO. ; ; The active Global HR Department works hard to promote a healthy work-life balance for SirsiDynix staff, and to make staff feel appreciated and included, covering aspects of health, mental health and interests outside of work. Regular team meetings and catch ups, and a monthly slideshow help management and HR communicate motivational thoughts, work anniversaries, birthdays and milestones. ; ; SirsiDynix’s CEO gives regular monthly all-staff updates to ensure staff are aware of any changes to company policy around COVID-19, and to pre-emptively address worries staff might have about visiting the office, travelling for work, work-life balance during the pandemic and other related issues that could potentially affect staff mental health. In addition, all UK staff can opt in to benefit from private medical insurance provided by BUPA, which includes provision of mental health support. ; ; We carry out annual workplace assessments to ensure staff have the right equipment to perform their duties comfortably. Our annual holidays are generous and we recently added an additional two days’ annual leave pro-rata to the allowance for every member of staff for health and wellbeing activities. ; ; As a technology company, SirsiDynix is well placed to promote and support flexible working for our employees, including creating flexible and remote work opportunities without restriction to a specific geographic area.

Pricing

• Price: £3,800 an instance
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at margaret.mcevaddy@sirsidynix.com. Tell them what format you need. It will help if you say what assistive technology you use.