Symplicity

Symplicity CareerHub Core

CareerHub Core is a career development platform which universities use to provide end to end employability enhancing services to students (from prospective, enrolled student to graduate/alumni). It enables students to access key services whilst increasing employer engagement and deliver jobs to student faster. Highly configurable to meet institution’s needs.

Features

• Students can access jobs, placements, internships, volunteering opportunities
• Employability initiatives – awards, leadership and excellence programs
• Events, Fairs and Appointments management (in person and online) virtual
• Form and Workflow modules to capture data and student journey
• Employer registration and online interface for collaboration
• Dynamic content filtering and personalisation based on student data
• Integration with other University systems
• 'Skills Development' module: Validated skill claiming and reflection (optional)
• 'Talent' module: Integrated application management and tracking system (optional)
• 'Check-In' module: Automated event and appointment tracking system (optional)

Benefits

• Available anywhere, anytime
• Increase student engagement and employability
• Increase Employer engagement
• Increase engagement with Graduates/Alumni
• Students have access to key careers services
• Easy to follow career plans for students
• User reporting for real-time analytics / data trends
• Fully scalable to meet changing needs
• Ensure data security and GDPR compliance
• Leverage our experience and learnings from 100s of global deployments

£15,800 a licence

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at SymplicityEurope@symplicity.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

212070973574504

Contact

Frank Griffiths
07384668122
SymplicityEurope@symplicity.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Hybrid cloud
• Service constraints: CareerHub Core is fully cloud based with no local hardware requirements.
• System requirements: An internet browser from the list of supported browsers

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Issues are broken down into the following categories: ; ; Severity Level 1 (Critical Error) ; ; Production Installation is down and not functioning. Initial response time is within 2 hours. ; ; Severity Level 2 (Non-Critical Error) ; ; Production installation is functioning, but major components are unavailable. Initial response time is within one business day. ; ; Severity Level 3 (Non-critical Error) ; ; Production installation is operating close to normal; however minor components are functioning abnormally. Initial response time is within one business day. ; ; Severity Level 4 (Non-critical Error) ; ; Software is operating normally but you may be in need of instructional assistance. Response time is within three business days.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Utilising 3rd party chat system Zendesk
• Onsite support: Yes, at extra cost
• Support levels: The Symplicity Help Centre consists of: ; ; Dedicated Implementation Manager (IM): ; ; An IM is assigned to the customer at the very beginning of implementation and will guide them through 4 key phases: ; ; Discovery and Planning (strategic review and information gathering) ; ; Building and Learning in Production (configuration of the system) ; ; Training and Testing to Go Live (system review and training of core team) ; ; Go Live and Beyond (final preparation and handover to Client Manager) ; ; Dedicated Client Manager (CM): ; ; Once full handover from the IM is complete, the CM will be a dedicated system expert who provides oversight of your account. In conjunction with Symplicity Support, the CM works with customers to resolve issues, ensure quality of service, provide additional training support, and maintain positive relationships with internal teams. ; ; Symplicity Support: ; ; The Symplicity Help Centre (SHC) is web-based and accessible 24/7. Customers will find set-up guides, cheat sheets, and video tutorials that will answer many of their questions about system functionality. ; ; Customers can initiate help-tickets through the SHC for functional issues, bugs, other problems. All issue tickets can be viewed to add updates, re-open, or resolve them. ; ; All support is included in the cost of the annual licensing fee.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Prior to going live, Symplicity provides the customer with training on the core modules being used. The cost of training is included in the contract and can be either onsite or online depending on what is agreed upon between the customer and Symplicity when preparing the contract. Recordings of the training sessions are provided to the customer and access to the CareerHub Core training site is provided to all users that contains training resources and activities.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: CareerHub Core provides download tools for key modules where data can easily be downloaded to CSV format. All system reports provide a CVS and PNG download function. Data can also be extracted through the use of custom reports and the CareerHub Core API
• End-of-contract process: At the end of a contract period, we will have worked with the customer to ensure that they have retrieved any required data from the platform. ; ; Once the customer has retrieved any data from the software the instance will be deleted and the data will also be deleted (unless subject to any legal requirement to maintain data, securely archived, for any period of time). ; ; Customers will be invoiced for all work performed and reasonable expenses incurred up to the effective date of termination.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: A ‘responsive’ web design has been adopted, ensuring that the solution can be used on a web enabled device, irrespective of screen size. The solution scales and adapts based on the screen width, ensuring easy access and visibility. All aspects of the system are accessible via touchscreen.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The ‘service’ interface is designed for Symplicity CareerHub Core staff only and is fully integrated into the platform. This interface enables ‘Support staff’ only access to system configuration areas which are configured as per request from the customer.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: The Symplicity design team continually works to increase satisfaction with the user experience of our solutions. Our UX designers do end-user testing to make sure our products are user-friendly, and easy to use. We test our applications with assistive technology tools such as JAWS, ChromeVox, and others. ; ; Additionally, we have a contracted arrangement with a disability testing company. The testing team consists of users with a range of disabilities working in a university academic environment.
• API: Yes
• What users can and can't do using the API: The CareerHub Core API allows nominated ‘users’ access to specific API endpoints available as part of the software. As new features are added to the solution, corresponding API endpoints are often included to ensure access via the dedicated system interfaces or via the API endpoints. New requirements requested by users are considered and developed in discussion with our customer community.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customisable items are as follows: ; ; Appointment types ; ; Event types (workshops, seminars, careers fair etc) with a customisable email template, icon and banner ; ; Email templates with header and signature ; ; Newsletter template and its frequency and time sending ; ; Online forms for data collection ; ; Workflow for automation and creating a process/program (employability award, career readiness, cv check, internship/placement process/progress etc) ; ; User groups and permissions ; ; Categories and fields (Education status, domicile, ethnicity, date of birth, type of work, industry etc) ; ; Resources (upload documents, create information pages with HTML, add links, FAQs) ; ; Reports ; ; Tags/labels ; ; Domain (URL), email addresses, name of the system & branding ; ; Authentications (SAML, LDAP, CAS and default logins) ; ; Some items can be customised on the interface via settings, others are set by the support team. The support team will guide and can make suggestions if needed.

Scaling

• Independence of resources: All instances of CareerHub Core hosted on dedicated, appropriately specified server infrastructure, ensuring that it can easily handle high demand during peak periods and will be unaffected by any other users (e.g. from other universities). We also have integrated uptime monitoring and server error logging which automatically notified technical staff 24/7 of any issues requiring attention.

Analytics

• Service usage metrics: Yes
• Metrics types: CareerHub Core has over 50 standard reports that provide multiple parameters enabling a vast reporting capacity. Our reporting engine provides the capacity to create as many custom reports as necessary. Almost every single transaction in the system is logged and linked to relative data enabling an extensive reporting structure. The statistics held in the CareerHub Core database are permanently maintained (unless deletion is requested), therefore you will be able to track the statistics and usage patterns throughout the years at the click of a button. Currently some customer databases contain over a decade of reportable data.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: There is a download tool in Search (students, employers, jobs, events) and Reports (standard & custom reports, form submission reports) where customers can download selected fields such as name, Id, email address and so on.
• Data export formats:
  • CSV
  • Other
• Other data export formats: XLS in some areas
• Data import formats:
  • CSV
  • Other
• Other data import formats: XLS

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: The hosted software is accessible 24/7, with a 99.9% target uptime. 99.9% means that for 99.9% of the time during any calendar month, service shall be available. Unavailability is a condition in which customer’s users are unable to access the application. Unavailability does not include network availability due to: i) scheduled maintenance ii) inability of client to connect due to internet or telecommunication problems outside of the control of Symplicity iii) Any third-party applications or integrations, or customisations client has requested.
• Approach to resilience: Symplicity utilises AWS for our hosting and storage needs. The Symplicity Virtual Private Clouds within the AWS infrastructure is designed for resilience and follow the AWS well-architected framework recommendations.
• Outage reporting: Symplicity has a number of internal systems that monitor client systems. Should these client systems become heavily loaded, un-responsive or log critical errors – internal Symplicity teams are notified from which further investigation can take place. On many occasions, issues will be fixed before clients are aware of them.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Users need to be created by the support team or existing users for the management interface. Each user is required to have a ‘role’ with permissions allocated. If a user does not have a permission to view, create, edit or delete a certain item (I.e. job, event, appointment) then they will not have an option to access at a component/module level. ; Level of access can be defined and set by the licence owners and the support/implementation team work with the customers to set it up at first.
• Access restriction testing frequency: Never
• Management access authentication: Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: AFNOR
• ISO/IEC 27001 accreditation date: 28/12/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Self-Attestation of Compliance (AOC) with Qualys Scans Required
• PCI DSS accreditation date: 08/03/2022
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • SSAE 18 SOC
  • ISO 9001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The Symplicity team leverages best industry practices promoted by the Open Web Application & Security Project (OWASP) - leveraging relevant tools and processes within the development lifecycle. A key component of this relates to the Code reviews & acceptance process build into the development lifecycle. Code is reviewed, approved (or rejected) by appropriate accounts (stakeholders) to ensure that OWASP practices are implemented together with automated testing to verify prior to being promoted to QA for further testing.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The Symplicity team leverage JIRA to manage the respective software development sprints. Team members peer review & QA all code modifications. Any applications changes are underpinned by software development best practices as promoted by the Open Web Application & Security Project (OWASP) ; Software updates are initially deployed to internal development systems for testing. Depending on the type of release (bug fix or major software release) - it will then be deployed to the customer facing dev site for further testing and exploration. Certain customers may also opt in to be an early adopter prior to full release.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Symplicity continues to closely monitor the security and any associated vulnerabilities of its applications. We rely on AWS to provide the underlying infrastructure that supports a secure and robust platform. We deploy a uniform infrastructure fleet with monitoring and patch management to ensure these are kept up to date and in line with recommendations from core providers - eg Microsoft. ; Releases are put through a QA process with automated and manual testing performed by the QA team prior to the release being made available.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: AWS provides Symplicity with tools that aid us in the identification of potential compromises and so the Sympicity team are continuing to closely monitor the application for any potential compromises. ; ; Should clients discover any issues – these should be immediately logged via the Symplicity support portal and marked with appropriate severity. ; ; Symplicity will follow up in line with our Incident Response Plan notifying affected customers of the compromise.
• Incident management type: Supplier-defined controls
• Incident management approach: Symplicity works in close partnership with customers to keep them informed around key updates /notifications / alerts for the system. To enable this, CareerHub Core has a dedicated notifications system. Notifications are added by Symplicity staff and can be tailored according to the notification type, with emails being sent to key contacts if it is marked as important. ; ; From within the application, clients can connect through to the Symplicity Support Portal where they can log a new support request or view/interact with existing requests they have in the system. Symplicity will triage and prioritise support requests as they are logged.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Symplicity has implemented our software remotely to thousands of institutions. Additionally, the majority of our staff work remotely. Through remote meetings within the company and with outside clients, we provide minimal impact on greenhouse gas emissions.; ; Our goal is to produce the deliverables of our contract through remote means, eliminating the need to travel, use paper, or other resources. Through our vast experience with remote implementation and support, we influence our staff and customers to be more efficient and leave less of a carbon footprint.
• Covid-19 recovery:

  Covid-19 recovery

  Our company has always kept the wellbeing of our employees a top priority throughout the Covid-19 pandemic. Throughout the pandemic, we worked with employees to create flexible, work-from-home schedules that would accommodate their specific situation for childcare, healthcare, etc. Our Human Resources department has remained in constant communication with employees to provide information on resources and to set up any needed accommodations. Managers scheduled and continue to hold 1-on-1 meetings with employees to discuss any issues that may be affecting the employee.; ; Our company has always kept the wellbeing of our employees a top priority throughout the Covid-19 pandemic. We enabled all of our employees to work remotely throughout the pandemic; our IT department worked quickly to get everyone set up with the appropriate equipment to be able to work safely from home. Managers worked with employees to create flexible schedules that would accommodate childcare or any other needs. We converted our office into a safe, social distancing environment for any employees that did wish to leave their home; desks and seats were re-arranged for social distancing, public areas such as the break room were clearly marked to ensure proper social distancing, and signs were placed prominently throughout the office about the virus, masks and sanitation. Additionally, our building vastly increased the sanitation of high-touch surfaces, and upgraded the building’s HVAC system to one that is certified for virus-reduction and clean air. When local and government authorities indicated that it was safe to return to the office, Symplicity slowed the return process to ensure that employees felt comfortable. We continue to maintain flexible, work-from-home schedules for employees.
• Tackling economic inequality:

  Tackling economic inequality

  Symplicity is committed to ensuring that there is no modern slavery or human trafficking in our supply chains or in any part of our business. Our Anti-Slavery and Human Trafficking Policy reflects our commitment to acting ethically and with integrity in our business relationships and to implementing and enforcing effective systems and controls to ensure slavery and human trafficking is not taking place in our business and in our supply chains. The Symplicity Code of Conduct provides a system for our employees to escalate ethics issues, including slavery and human trafficking issues and breaches of our Ethics Policies. Both policies are reviewed annually. There have been no breaches or suspected breaches of our Anti-Slavery and Human Trafficking Policy at the time of this initial publication.
• Equal opportunity:

  Equal opportunity

  Symplicity Corporation is an affirmative action employer, and provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to protected statuses such as race, colour, religion, gender, sexual orientation, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws.
• Wellbeing:

  Wellbeing

  Symplicity has several events to support employee inclusion, including a weekly happy hour party, holiday get-togethers and several other events such as an annual 5K run and parties to support the holidays of other countries. We provide free access to a gym within our headquarters building, an Employee Assistance Program for personal/emotional support of employees (including free counselling sessions with professional mental health care providers), workout and mindfulness memberships to our Brazilian employees, and provide paid-time for community service. Our employees have several groups they have developed as well, such a book club, steps club and movie club.; ; Our products are aimed at wellbeing; our Advocate and Accommodate/Access solutions aid institutions in identifying and responding to the needs of their constituents. The solutions enable the reporting of incidents, requesting help, and identifying individuals in need.

Pricing

• Price: £15,800 a licence
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at SymplicityEurope@symplicity.com. Tell them what format you need. It will help if you say what assistive technology you use.