KEYSTONE TALENT BANK

Keystone Talent Bank

Keystone Talent Bank is a complete online suite of tools for the sourcing, hiring, managing, compliance and payment of employees, contractors and contingent workers. It is to allow organisations to hire and manage diverse workforces with automation around all key controls including work assignments, worker compliance and pay controls.

Features

• Recruitment and Resourcing
• Talent pool creation
• Electronic Timesheets
• Automated right to work checks
• Automated worker compliance
• Pay rate control and management
• Employee reporting and management information
• Shift Booker Function
• Worker Groups and Families
• Work assignment control

Benefits

• Find and hire staff from any device 24x7x365
• Manage all recruitment process online
• Automate and approve e-timesheets remotely
• Full audit trail and tracking of all recruitment activity
• Self service for hiring managers (no agency involvement)
• Removal of agency fees
• Automated right to work and worker compliance controls
• Management information for all hiring and pay activity
• Option to outsource payroll functions
• Automate the applying of differing pay tariffs per task

£54,000 to £130,000 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at malcolm.paice@keystone-jobs.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

222645846011696

Contact

Malcolm Paice
07703396669
malcolm.paice@keystone-jobs.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Buyers will need to choose whether to have Talent Bank output to their own existing payroll service or to use Talent Bank to also run payroll directly for them (either option is available).
• System requirements: Web browser (Google recommended)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Usually same working day.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: N/A
• Onsite support: Onsite support
• Support levels: Keystone provides support for implementation, service initiation and ongoing technical account management. An account manager is appointed to each buyer to provide support during and following implementation and this is included in the set up and licence fee costs.; Support also includes training and ongoing support for users of the service during normal office hours.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onsite training is available and is usually combined with the provision of online FAQs, online tutorials (including video), service support documentation and support with live chat, email and telephone support.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Keystone can export all data either to the user's preferred destination systems/database or can export the data into common formats such as .csv, Excel, SQL etc
• End-of-contract process: At the end of any contract a data export (or migration process) is provided, or the client can request a GDPR compliant purge of data and the client-specific instance of Talent Bank is then deleted from service, with evidence provided from the hosted environment. The URL that was utilised would then be decommissioned and made unavailable.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Layout will be displayed according to device and orientation, but all functions and features remain available on any device.
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: End users gave a full interface for accessing the solution to undertake all transactional activity. Talent Bank usually utilises JSON for its published Service Interfaces, but can also utilise XML if preferable.
• Accessibility standards: None or don’t know
• Description of accessibility: A wide range of service calls can be made to/from Talent Bank, typically these will be exchanging data such as worker information, pay information, tax codes etc. Talent Bank can facilitate any functional requirements from the buyers.
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: The API is designed for integrations with third party applications (for example HR, ATS or payroll systems). Talent Bank supports JSON and XML readily and can adapt for others if needs be. Talent Bank has previously successfully integrated with systems such as iTrent, Agresso and other third party HR and Payroll solutions.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The web interface is largely customisable and a whitelabel approach is adopted, allowing buyers to have their own branding, URL and content added to the user interface. In addition buyers can customise key fields relating to workers, pay rates, job types. Users can customise these during the service specification stage and then can customise certain use fields on an ad hoc basis. Some of the main interface customisation needs to be executed by Keystone development team as service deployment but can be modified at a later date as well.

Scaling

• Independence of resources: Talent Bank utilises auto-scaling to monitor system resources to monitor system resources and if the demand increases, automatic scaling takes place to increase capacity on server space. Keystone monitors all database activity and scales it up accordingly based on projected usage and demand. Talent Bank operates in an efficient multi-tenanted environment with adaptive scaling in AWS cloud hosting.

Analytics

• Service usage metrics: Yes
• Metrics types: These can be performance based (response times, processing times, number of database requests etc) or end user based- for example metrics on number of active users, workers, hiring managers, pay rates, worker assignments, hours processed, compliance metrics etc.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Named contacts within the user/client organisation can complete a Data Access Request form directly with Keystone and can nominate their chosen destination and/or export format. Keystone then undertakes the export in accordance with the Data Access Request and prevailing GDPR guidelines.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel
  • Access
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Excel
  • Sheets
  • Numbers
  • Access

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99% uptime for core operating hours (Mon-Fri 0900-1700); 100% accuracy of MI and transactional data
• Approach to resilience: A fully ISO27001:2022 and Cyber Essentials Plus certified set of resiliency and recovery policies and procedures are available upon request.
• Outage reporting: Users will receive email alerts. Updates will be available within the application home page as well.

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Keystone utilises Two factor Authentication and Access is IP restricted.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS
• ISO/IEC 27001 accreditation date: 30/08/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Policies and Procedures include, but are not limited to: GDPR Data Governance and Security, System Access Management, System Availability, Incident Management, Business Continuity and Disaster Recovery, Secure Development Policy. All of these are certified to ISO27001:2022 and Cyber Essentials Plus. Reporting structure is all reporting lines are to the Managing Director who is also the DPO. The business delivers induction and annual refresher training on all of the above processes and the regulatory environment.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Keystone operates a secure and certified development and change management process that complies with ISO27001:2022 and Cyber Essentials Plus which incorporates a full audit trail and risk analysis of all changes with sign off from senior users/owners at key milestones. This includes tracking of services components as well as any inter-dependencies and any improvements, upgrades or regulatory requirements that may affect them. Regular management reviews of the service components, including hosting environment take place to ensure up to date version control and best practice are supported.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Keystone has an ISO27001:2022 and Cyber Essentials Plus certified approach to assessing and tackling vulnerability and undertakes periodic penetration testing and other vulnerability testing as part of this process. Patches are deployed dynamically and can be undertaken 24 hours a day, although they are usually deployed out of peak operating hours. Keystone uses code analysis software to assist in identifying threats and vulnerabilities and active threat management is via the web application firewall and GuardDuty within AWS.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Keystone utilises an ISO27001:2022 and Cyber Essentials Plus certified approach using a combination of AWS provided and custom developed services to identify and protect against compromises and threats. Keystone has implemented AWS Web Application Firewall and Antivirus at server level to prevent /quarantine threats. AWS Guard Duty detects and alerts on any potential compromises. These measures are real-time and immediate. Keystone operates a 24/7 response to such threat alerts and so all such alerts get tackled within the hour.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Keystone operates and Incident Response Policy and process in accordance with both ISO9001 and ISO27002: 2022. These include pre-defined processes and scenarios for common events and extraordinary events (ie security incidents, terrorism, natural disaster etc) and all users can report incidents via email, in-application or by telephone, with named persons at Keystone responsible for then enacting the response internally. Incident reports are provided via email at key milestones (discovery, update, resolution and debrief).

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  The Talent Bank solution offers a 100% paperless solution to the hiring, onboarding and management of workers.

  Covid-19 recovery

  Talent Bank enables frictionless, remote engagement of workers, including the sourcing, hiring and ongoing management of the workforce in a zero contact manner, where desired.

  Tackling economic inequality

  Talent Bank offers frictionless access to work across all user groups and enables economically disadvantaged workers to access work opportunities in a transparent and easy-to-access manner. Rich reporting and Management Information allows for granular reporting on all such activity and outcomes.

  Equal opportunity

  Talent Bank supports specific feature sets to increase work opportunities across all applicants and to record equal opportunity data whilst doing so. Specific reporting suites and Management Information are included as standard to provide insightful Equal Opportunities data on all aspects of an organisation's workforce management.

  Wellbeing

  Talent Bank includes many metrics, as part of a worker's online profile, that are useful in recording and measuring worker wellbeing, and the application can be further customised to include wellbeing tools, such as a 'fairness' matrix for the availability of work opportunities.

Pricing

• Price: £54,000 to £130,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: A feature limited instance can be requested for use for up to 30 working days. This includes main features but excludes customisation and certain payroll and timesheet functionalities.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at malcolm.paice@keystone-jobs.com. Tell them what format you need. It will help if you say what assistive technology you use.