OPEN RECRUITMENT SOLUTIONS LIMITED
human resources and employee management
supply best in class people for projects, assignments and service provision
Features
- cost effective, cost reduction, continuity of service
- cost effective, cost reduction, continuity of service
Benefits
- reduction in staffing costs
- reduction in staffing costs
Pricing
£300 to £3,000 a unit a day
- Education pricing available
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at chris.davis@openrs.co.uk.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 14
Service ID
1 5 6 9 6 7 1 2 4 6 2 0 4 2 3
Contact
OPEN RECRUITMENT SOLUTIONS LIMITED
chris davis
Telephone: 07833555870
Email: chris.davis@openrs.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
- No
- System requirements
-
- Software Licenses, Antivirus and Security Software, Resource Allocation
- Software Licenses, Antivirus and Security Software, Resource Allocation
User support
- Email or online ticketing support
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- No
- Support levels
- 24/7 365 availability
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Intial briefing call to outline needs/requirments
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- All user data transfered at end opf agreement, once finiancial settlements have been confirmed
- End-of-contract process
- No additional cost
Using the service
- Web browser interface
- No
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- No
- User support accessibility
- None or don’t know
- API
- No
- Customisation available
- Yes
- Description of customisation
- Tailored / flexible solutions to meet changeable environment
Scaling
- Independence of resources
- Impact assessments to avoid any conflict of interests
Analytics
- Service usage metrics
- Yes
- Metrics types
- Streamlined metrics for deliverables
- Reporting types
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Upon request
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- Private network or public sector network
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- 24/7 365 availability, failure to meet slas would initiate full refund
- Approach to resilience
- We deploy geographically distributed data centres and backup systems to ensure business continuity in the event of a localised outage or disaster. Continuous monitoring, automated failover mechanisms, and regular testing of disaster recovery plans further enhance the resilience of our data centre infrastructure, ensuring high availability and reliability for our customers' critical applications and data.
- Outage reporting
- Email and phone and facetoface engagement
Identity and authentication
- User authentication needed
- Yes
- User authentication
- 2-factor authentication
- Access restrictions in management interfaces and support channels
- Access to management interfaces and support channels is tightly controlled through role-based access control, multi-factor authentication, network segmentation, privileged access management, and encryption. Access is logged and monitored in real-time, with regular reviews to ensure alignment with business needs. These measures reduce the risk of unauthorized access and potential security breaches, safeguarding critical systems and resources.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- 2-factor authentication
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- By adopting a holistic approach to security governance, we aim to proactively manage security risks, protect our assets, and maintain the trust and confidence of our stakeholders, customers, and partners.
- Information security policies and processes
- Information security policies and processes are essential for protecting sensitive data, mitigating security risks, and ensuring compliance with regulations. They encompass policy development, risk management, access control, data protection, incident response, security awareness training, compliance with standards, security monitoring, third-party risk management, and continuous improvement. By establishing comprehensive policies and implementing effective processes, organisations can safeguard their assets, maintain the trust of stakeholders, and mitigate the impact of cyber threats.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Our configuration and change management approach involves meticulous tracking of system components, version control for code and configurations, and robust change management processes. Changes undergo careful assessment for security impacts, prioritization, and thorough testing before deployment. Transparency and communication are prioritised, with all changes documented for audit purposes. Continuous monitoring and feedback loops drive ongoing improvement, ensuring system integrity and availability.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Our vulnerability management process entails continuous assessment, prioritization, and mitigation of security vulnerabilities. Regular scans identify vulnerabilities, categorized by severity, and promptly addressed. We monitor emerging threats, conduct audits, and maintain communication with stakeholders. Continuous improvement ensures our vulnerability management evolves to combat evolving cyber threats.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Our protective monitoring processes involve continuous surveillance of systems and networks using advanced security tools to detect and respond to security incidents promptly. Suspicious activities trigger immediate alerts, leading to thorough investigation and response by our dedicated security team. Post-incident analysis informs future security improvements, ensuring ongoing protection against cyber threats.
- Incident management type
- Supplier-defined controls
- Incident management approach
- Our incident management processes ensure swift detection, response, and resolution of security incidents. Incidents are categorized, assessed, and escalated promptly. A dedicated response team activates predefined procedures for containment, eradication, and recovery. Transparent communication channels keep stakeholders informed. Post-incident analysis drives continuous improvement. Our goal is to minimize operational impact, restore normalcy swiftly, and enhance incident management capabilities.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
we are a paperless work environment, we recycle all technology through authorised dealerTackling economic inequality
we regularly review and update salary/rate card reviews to ensure economic equality within organisationEqual opportunity
all vacancies are available to all, nationality and visa stautusWellbeing
we are constantly striving for a better workplace, unlimited holiday and medical care provision for all
Pricing
- Price
- £300 to £3,000 a unit a day
- Discount for educational organisations
- Yes
- Free trial available
- No
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at chris.davis@openrs.co.uk.
Tell them what format you need. It will help if you say what assistive technology you use.