Thesis Systems UK Ltd

Thesis Student Management

Transform your institution with Thesis Student Management, a comprehensive Student Information System engineered to streamline administrative processes and cultivate a collaborative educational environment that enhances the learning journey.
Designed for Cloud
All UK statutory reporting complete
Implementation model based upon UCISA Higher Education Reference Model
Ready built for the UK

Features

• Modern cloud-based SIS covering the complete applicant and student journey
• A true SaaS solution developed in the Cloud
• UK-Ready with full suite of UK Statutory Functionality available now
• No-code configuration. Customisation is automatically protected through upgrades
• Seemless integration using our comprehensive suite of API's
• Higher Education Model provides preconfigured UCISA referenced HE processesgood
• Highly experienced UK based HE consultants
• Faster than industry standard implementation times
• Delivered with a UK HE data set
• Unique flexi-field capability

Benefits

• Meets the full student management requirements of a UK institution
• Ensures customers are always supported on the latest release
• Reduces time and effort to provide statutory reporting
• Customisations are part of the standard solution and fully supported
• Integrations are automated and fully validated as standard
• Provides faster time to value HE implementations
• Consultants understand UK HE ensuring the delivery of good practice
• Reduced cost and time spent on implementation
• Institutions have example processes and data to work with immediately
• User defined fields and tables can be added as standard

£40.00 to £40.00 a user a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andy.mcginn@thesiscloud.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

237262497612391

Contact

Andy McGinn
+44 7725 595349
andy.mcginn@thesiscloud.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Cases are submitted via a webform which is located in our online Community. P1 issues are responded to urgently and within 1 hour. P2 will be responded to within 2 hours. P3 issues are responded to within 8 hours. P4 issues are responded to within 2 days. P1 issues are responded to on weekends.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Thesis has a tiered support team, Client Support Consultants and Senior Support Consultants will perform the first line of issue validation and troubleshooting to resolve reported issues. If support requires assistance with complex issues the case is escalated to the next level of support, Tier 3 Solutions Engineer who also has an escalation path for defects and enhancement request. Our in-house Cloud Operations team works directly with support where needed.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: During the implementation phase, users will receive training and guidance use of the software. Training can be conducted virtually or onsite based on the needs of the institution.; Workbooks guide users through the necessary configuration and use of Thesis SM for each workstream, providing step-by-step information.; The training of Users falls into three groups: ; -Technical users ; These users are given technical training. These are usually a small group of users who are responsible for multiple systems within your institution. The technical understanding falls into these main areas: ; Integration ; Data Migration; SSRS Reporting; Security ; ; - Super Users ; These are functional super users who will be trained to understand the full system. These users form the base of a “Train the Trainer” approach. Once trained, they can train the remaining users within the Institution. These users are able to seek assistance from Professional Services to ensure that they are supported throughout the implementation. These users need no technical knowledge to operate the system. ; ; - Base Users ; These users are trained by the institution trainer in the areas they will be responsible for. The workbooks used in the training of the trainer can be used and adapted to ensure a fit to need.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Thesis will provide customer with a data extract of customers data from Thesis SM for client to use in their transition to another service. Assistance provided by Thesis will be at the then current rates for Professional Services.
• End-of-contract process: Thesis will provide customer with a data extract of customers data from Thesis SM for client to use in their transition to another service. Assistance provided by Thesis will be at the then current rates for Professional Services.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Apart for changes in layout to fit screen dimensions there are no differences on services offered.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: ThesisSM offers a suite of APIs and an Integration Platform to:; ; - Query: Retrieve information from the system; - Create: Add new records; - Modify: Update existing data; - Delete: Remove records; - Execute Business Processes and complex Workflow; ; To ensure robust security, our APIs adhere to industry best practices such as:; ; - Encryption in Transit: All communication is encrypted to safeguard data during transmission using TLS; - Authorization: Access to APIs requires proper authentication using either username and password or OAuth tokens; - Role-Based Access: Permissions are granted based on the identity of the calling account
• Accessibility standards: None or don’t know
• Description of accessibility: Integration platform is accessed through any support Azure Service Bus connection methods. Users subscribe to predefined topics and queues on the Azure Service Bus, where the platform publishes changes. The user consumes messages from the service bus and applies them to their destination system. ; The user publishes changes made to destination system back to service bus, where the platform can consume and update the SIS, enabling bidirectional data synchronization; ; APIs are accessible via HTTP(S):; - Swagger Documentation: provide information on requirements and usage; - Technical Documentation: explains how to call the APIs ; - Request Body Format: JSON or XML format
• Accessibility testing: None
• API: Yes
• What users can and can't do using the API: Users can use the Thesis SM APIs to create/read/update/delete almost all Thesis SM entities.; APIs are authenticated via username/password or OAuth, with entity-level permissions configured within Thesis SM.; Users can perform UPDATE commands via the API, providing JSON payloads that contain the information to update.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Any user given the right level of authorisation can make functional customizations with our no-code configuration throughout the system.

Scaling

• Independence of resources: Each environment is single tenant

Analytics

• Service usage metrics: Yes
• Metrics types: Service Availability and Service Response Time
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: All data held within Thesis SM can be exported in CSV format.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee availability to be greater than or equal to 99.8% for any given calendar month. First month of missed target: the customer has a right to claim service credits of 5% of the equivalent of the Software Service fee paid for the applicable month. Second consecutive month: the customer has a right to claim service credits of 10% of the equivalent of the Software Service fee paid for the applicable month. Third consecutive month: the customer has a right to claim service credits of 15% of the equivalent of the Software Service fee paid for the applicable month. Fourth consecutive month: the customer has a right to claim service credits of 20% of the equivalent of the Software Service fee paid for the applicable month (fourth and following).
• Approach to resilience: We utilise the regions within Microsoft Azure which provides resiliency by replicating systems and data between multiple data centers.
• Outage reporting: Outages are reported to customers by email to nominated contacts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Management and Users are only differentiated in the system by the list of roles or permissions they are given.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our policies and processes are aligned with ISO 27001, and these support our adherence to this standard.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: In our configuration management process, we track service components from inception to decommissioning, ensuring consistency and reliability. When assessing changes for security impact, we prioritise vulnerability management, timely updates, and proactive threat assessments to maintain a secure environment.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We continuously scan for vulnerabilities. We aim to remediate all critical and high security threats within 14 days. We use an accredited third-party platform to continuously scan for vulnerabilities.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We identify potential compromises using proactive vulnerability scans and reactive protective monitoring alerts. We resolve critical and high security issues within 14 days of discovery. If an issue is detected which impacts the confidentiality, integrity or availability of a customer, this is reported to the customer within 48 hours.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Yes, we have pre-defined processes and workflows for common events. Users can report incidents through our ServiceNow platform and incident reports are provided through this same ServiceNow platform.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Thesis has implemented sustainability in our operations by introducing a travel policy which details the expectation of employees to behave in a cost and environmentally conscious way when conducting business travel. We also have an annual travel review to review the analytics which includes things such as emitted CO2 output per traveler for each trip and total business emitted CO2 output.

  Covid-19 recovery

  All physical office spaces were closed during the pandemic. “Remote-first” is our default mode of operation which has continued since 2020. We have policies, tools and systems in place to support remote collaboration, communication, and productivity for all of our employees. This approach allows for greater flexibility and reduced overhead costs associated with maintaining physical office spaces.

  Tackling economic inequality

  At Thesis we have equitable hiring practices to attract a diverse pool of candidates, we also invest in training to enhance employees skills and qualifications. We have a modern slavery policy which ensures that there are ethical sourcing practices and fair treatment of workers throughout our supply chain, including suppliers and contractors, to prevent exploitation and promote fair working conditions. For 2024, we have 2 Thesis charities for fundraising activities, both are Education related.; https://www.schoolinabag.org/ and Operation Backpack |Volunteers of America. These charities support everyone’s fundamental right to education and supporting them is a great way we can give back

  Equal opportunity

  We actively seek diversity in the recruitment process by ‘”casting the net as widely as possible” and reach out to underrepresented groups by using diverse job boards we try to find ways to mitigate unconscious bias. We ensure that all employees receive an equitable salary review process annually for their role, regardless of gender, race, ethnicity or other factors. We Provide equal access to training, mentorship and professional development opportunities for all employees to support their career advancement and skill enhancement. We offer a number of different working patterns or arrangements to allow employees to work flexibly and to accommodate diverse needs and lifestyles. We actively promote and foster an inclusive culture where all employees feel valued, respected, and empowered to contribute their unique perspectives.

  Wellbeing

  We encourage a healthy work-life balance by offering various flexible working arrangements and also have the benefit of an unlimited paid holiday/vacation policy. We provide access to mental health resources and support through our employee assistance programs and have a number of initiatives through our COLERE team (Charity, Opportunities, Leisure, Entertainment, Responsibility & Excellent Wellbeing). We actively promote “walking Wednesdays” to encourage employees to take appropriate meetings outside as they “walk and talk”. We have YuLife as one of our employee benefits which actively encourages stress management techniques such as mindfulness, meditation, and relaxation exercises. Employees can build up “Yucoin” for completing daily and weekly physical and mental health goals which they can then exchange for vouchers. We also have monthly stars awards in addition to quarterly and annual kudos awards to recognize and appreciate employees for their contributions and achievements.

Pricing

• Price: £40.00 to £40.00 a user a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andy.mcginn@thesiscloud.com. Tell them what format you need. It will help if you say what assistive technology you use.