The Access Group

Access Volcanic

We have an award-winning, recruitment website platform which provides all the features needed to enhance candidate attraction and client engagement. We have built a website toolkit dedicated to the needs of the recruitment industry to enable us to deliver websites which reflects brands and sets you apart from the competition.

Features

• A world-class content management system
• GoogleForJobs optimised job posting
• SEO monitoring tools and console
• Candidate portals
• A secure and personalised environment for hiring managers
• An advanced reporting suite
• Fully integrated with Access Recruitment CRM and Vincere
• Data-driven DEI and accessibility
• GDPR and Compliance module
• Tools for client and candidate attraction

Benefits

• Supercharge your brand with world-class design capabilities
• Simplify job posting through integration with multiposters
• Capture and report on diversity data in a compliant way
• Demonstrate inclusive hiring practices with our advanced DEI tooling
• Save time through integration with other Access software and systems
• Maximise candidate conversion with job alerts
• Simplify SEO with built-in best practice and management console
• Candidates can search in multiple languages
• Keep your website optimised with blogging
• Clear and relevant insights, centralised in a single dashboard

£723.00 an instance a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tendernotifications@theaccessgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

225780080357258

Contact

Access UK
01206322575
tendernotifications@theaccessgroup.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Access Workspace, Access Recruitment CRM, Access Screening, Access Pay and Bill, Access Financials and Mobile Worker App, Access Vincere, Access Fast Track
• Cloud deployment model: Private cloud
• Service constraints: Planned maintenance is outside of normal working hours
• System requirements: Internet Explorer 11 and above, Firefox, Safari, Google Chrome

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Access has developed a range of support plans. Our online Knowledge base and Community service plans are available to all our clients. We have made significant investment in our client support tools. The Success portal provides around the clock access to log incidents, browse articles and videos to find solutions. Our Support teams are available M-F 9-5 ( or 8-6 on Standard/Premium) On these plans P1 cases are responded to in 1 hour. Please refer to Access for further details.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: End user testing using web chat tools to provide feedback on the experience
• Onsite support: Yes, at extra cost
• Support levels: Priority Description Response time Target resolution time Priority 1 The entire Access Product service is "down" and inaccessible. Complete failure of Access Product Telephone Based Electronic Monitoring Service (where applicable). This does not include local Customer issues for example, but not limited to Customer infrastructure or internet connectivity issues. Priority 1 incidents shall be reported by telephone only when outside Normal Business Hours. Within two hours during Extended Business Hours. Within four hours during Extended Business Hours. Continuous effort after initial response and with Customer co-operation. Priority 2 Operation of Access Product is severely degraded, or major components of Access Product are not operational and work cannot reasonably continue. Within 4 hours during Normal Business Hours. Within two Business Days after initial response. Priority 3 Certain non-essential features of Access Product are impaired while most major components of Access Product remain functional. Within 12 hours during Normal Business Hours. Within seven Business Days after initial response. Priority 4 Errors that are non disabling or cosmetic and clearly have little or no impact on the normal operation of Access Product. Within 24 hours during Normal Business Hours. Next release of Access Product.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Each FlightPath implementation programme from Access follows a well-defined journey with key milestones. These milestones represent – at a high level – the individual phases of your implementation journey. We’ll be using these milestones to help us both track and communicate progress towards successfully launching to your users. Our aim is to give you value from your investment as quickly and as fully as possible.; ; At the ‘Getting Started’ milestone phase, you will receive a Welcome Pack. In here you’ll find clarity on roles and responsibilities. What you’ll need to do, and what we will do. Crucially our FlightPath approach also clarifies our joint expectations, helping us both understand the process that we will jointly commit to, in order to successfully launch your chosen software to your end users in a timely and efficient manner.; ; We offer 3 flightpath tiers for the implementation of Volcanic. The onboarding process is 8 weeks from the Welcome Call for each FlightPath. Included in the onboarding are design consultancy, bespoke front end development work, project reviews with your Onboarder, early access to your website and an online LMS, go-live and post go-live support.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Users can run reports using the custom export facility in the software. Also clients are passed their data upon request, subject to standard T's & C's.
• End-of-contract process: At the end of the contract the client is given 30 days to migrate any data before it is erased from all servers.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The candidate-facing services are built using responsive design to work on multiple devices. The CMS itself can be accessed via mobile but is optimised for desktop.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Job data in and Candidate data out; Public documentation is available
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The CMS uses toggle options to provide maximum flexibility for customers when applying different settings including the degree of visibility they wish their job to have, and what questions are mandatory on their application form among other options. Services options sometimes exist for more bespoke requests, depending on the nature of the requirements. The candidate-facing websites are customisable in varying degrees depending on the package the customer purchases.

Scaling

• Independence of resources: Access Volcanic hosted servers are monitored ensuring that the service can expand sufficiently if required. In addition to this we use automated monitoring tools to alert us when demands on resource meet or exceed certain thresholds (CPU, RAM, I/O, disk usage etc). The infrastructure is sized to deliver comfortable capacity for even our peak service periods, day-today usage currently runs at 1/3 total capacity.

Analytics

• Service usage metrics: Yes
• Metrics types: Reports are available upon request
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Via API, CSV download or email
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We will use commercially reasonable efforts to make the SaaS available 24 hours a day, seven days a week, except for unavailability during emergency or routine maintenance.
• Approach to resilience: Available upon request
• Outage reporting: Users can subscribe to email alerts giving updates on scheduled maintenance and outages. An online portal is also available to clients

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Based on profiles usernames and passwords
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: ISOQAR
• ISO/IEC 27001 accreditation date: 01/09/2014
• What the ISO/IEC 27001 doesn’t cover: Nothing is excluded from the standard
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All controls included within Annex A of the ISO27001:2013 standard. Statement Of Applicability (SOA) available on request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All change management is undertaken in line with ISO27001:2013 using ADO for audit purposes.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Patched and audited by our patch management system. All non-critical OS patches are applied within one calendar month of release, first into pre-production and then into production, as part of the scheduled maintenance window. AV Updates - Signatures are updated hourly. / Rules are reviewed at minimum every 3 months. Logs are reviewed at minimum every 3 months. Access staff responsible for the maintenance of our hosting services subscribe to industry newsletters, belong to various security forums and we additionally receive notifications from our vendors.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We have traffic monitoring and content based alerting which alerts on changes to the site and/or traffic flows implemented at infrastructure and application level. We proactively monitor third party suppliers (hardware, OS, application/web and database server software) vulnerability reporting and security fix availability. Any vulnerabilities found and fixes provided by third party suppliers are patched by our infrastructure team in a timescale appropriate for their level of severity. Any penetration test findings are fixed by Development in a timescale appropriate for their level of severity. Our infrastructure response is within 1 hour in the SLA period 8am-8pm Monday – Friday.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We operate a robust incident management process in line with ISO27001:2013 Staff are encouraged to report all incidents using a pre-defined process using a form available on our Company Collaborate site Incident reports will be provided following forensics and closure

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Access UK Limited is a Software author and provide associated services, including Hosting, Payroll Bureau and Payment services. We recognise that although we do not undertake manufacturing, our day to day operations will have impact on the environment at global, national, and local level. We are committed to the care of the environment and the prevention of pollution. •Access ensures that all our operations are carried out in with the minimum adverse effect on the environment but implementing many available resources and approved processes •We protect the environment by striving to prevent and minimise our contribution to pollution of land, air, and water •We keep wastage to a minimum and maximise the efficient use of materials and resources, and manage disposal of all waste in a responsible manner •We use energy, water, and natural resources wisely and prevent pollution by minimising waste, recycling whenever possible and properly disposing of waste that cannot be recycled. •Our management processes are developed to ensure that environmental factors are considered during planning and implementation •We raise employee awareness and encourage best practices for sustainability at work

  Equal opportunity

  Volcanic provides an advanced range of tools to support inclusive hiring practices, including compliant diversity data capture, a bias analyser which assesses job descriptions for multiple kinds of bias - developed in conjunction with the University of Nottingham's Applied Linguistics department, and an applicant anonymiser to remove bias from the candidate shortlisting process. A range of accessibility services are also provided to reduce barriers to users in accessing Volcanic websites, and we have a range of partnerships available for customers wanting to provide more assistance to users with accessibility needs. We also partner with a pay data organisation to provide full salary transparency and gender pay parity data.

  Wellbeing

  Access places specific emphasis on the health and wellbeing of its staff and provides a “Well-being” hub in workspace that provides support for Mental Health, Finances, Social, Physical, Emotional and purpose. Assistance from Health Assured is available for all staff and there are training resources for “working in the new normal” and “Mental health and wellbeing” . Access also has “well-being” champions throughout the organisation. This is supported by monthly employee “check in” surveys and offers of flexible working for staff to meet caring commitments.

Pricing

• Price: £723.00 an instance a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tendernotifications@theaccessgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.