Digital / Virtual Assessment Centres
Our digital assessment centre combines all aspects of scheduling, virtual assessment tools, online results capture and reporting in one cohesive solution. Sova’s digital assessment centre can be deployed in face-to-face environments or in conjunction with video conferencing technology for a fully virtual assessment experience in a work from anywhere world.
Features
- Candidate self-scheduling to select AC to attend
- Embedded video software to enable virtual AC's to occur
- Upload existing client exercise/ interview content
- Remote access by the web using mobile or desktop devices
- Automated candidate feedback reports are available
- Timer feature to enable exercises to be completed without observation
- Real-time reporting on Sova platform or via ATS
- Available as standalone platform or integrated with ATS
- All assessor scoring and notes captured online in one location
- Fully client branded candidate and assessor portals
Benefits
- Allows for AC's to be run face-to-face or virtually
- Restricted access to materials for candidates to protect exercise content
- Self-scheduling by candidates reduces admin
- Significant cost savings with removal of printing AC materials
- Automated candidate feedback reports reduces Admin time
- Platform integration with any ATS for easy access to results
- Instant access to scores via the platform dashboard or ATS
- Captures all assessor scores and notes in one location
- Fully branded platform to provide an engaging experience for candidates
- Platform can support end-to-end process providing a seamless service
Pricing
£4.08 a unit
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
2 8 1 1 9 5 7 8 0 6 5 3 7 6 2
Contact
SOVA ASSESSMENT LIMITED
Will Goggin
Telephone: +44 (0)7399224012
Email: will.goggin@sovaassessment.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
-
Sova has one platform hosting a wide range of assessment methods.
Sova provides assessment solutions to support all stages of the recruitment process; sifting assessments, video interview, virtual assessment centres.
The cognitive assessments can be combined with other Sova assessments including personality, motivational and scenario formats. - Cloud deployment model
- Private cloud
- Service constraints
- No
- System requirements
-
- Internet access with minimum broadband speed of 1Mb
- Annual subscription licence to use the system
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
First time response within 1 business hour.
The team is accessible 6 days a week, excluding public holidays covering the following days/times; 12am - 6.30pm, (Mon-Fri), 5am - 4pm (Sun). - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Sova offer the following levels of Support to Customers:
- Support is provided to the administrative users of our Customers (not the candidates/participants)
- 1st line (Tier 1) support cover provides basic / common assistance to the Customer
- 2nd Line (Tier 2) support cover for more complex tasks
- 3rd line (Tier 3) support cover for external services or highly technology-specific issues
They provide triage escalating to technical experts when required.
Support is included within the subscription fee.
We do not provide client specific technical support, but instead the IT support team are responsible for all IT related issues. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
We offer a range of training options to suit the different users:
Candidates: For those completing assessments, we have a dedicated candidate hub which provides supporting information about different assessment formats, technical guidance as well as practice tests.
Admin Users/Hiring managers : We have an online training portal which is accessible for all admin users/hiring managers. This portal includes different training modules on different areas. The modules cover training on using the platform as well as training to use and interpret the different assessments. These training modules are self-directed and can be completed at any time by users. The modules include different learning aids such as videos, transcripts of the videos and technical guides. Access to the training portal is free of charge.
Depending on the type of requirement, we can also provide training webinars which are recorded for future use.
We also have technical manuals and practitioner guides, freely available for each of the ready to use assessments. For customised solutions, we will provide a bespoke guide for clients. - Service documentation
- Yes
- Documentation formats
-
- Other
- Other documentation formats
- Microsoft Word
- End-of-contract data extraction
-
When a contract is finished, clients can obtain an excel extract of their projects from the Admin UI portal. If a client set-up is complex, IT can provide the data extract.
When sharing information with client organisations, we undertake to meet the
requirements of that organisation’s own information security practices wherever
possible. Prior to sending information via any means, the Sova representative shall
first consult the client for their preferred method of information exchange.
In the absence of client requirements, or when dealing with non-client organisations,
we will adopt the following baseline strategy for security in information exchange.
All information of a sensitive nature that is to be exchanged with an external party via
electronic methods must only be shared in encrypted format.
For large files (e.g. over 5 megabytes), the preferred method of transmission is Secure
FTP, which allows secure access for the deposit and collection of information.
For smaller quantities of information, the method of encryption shall be taken from
the following list, which is shown in order of preference:
• Password protected
• SMIME
• PGP
• GPG
• AES 256 encrypted attachment, e.g. 7Zip
TLS encryption shall be available and can be enforced upon client request. - End-of-contract process
-
At end-of-life, information or information processing assets shall be destroyed using methods that ensure that data may not be reassembled.
As information exists in various formats, it is necessary to adopt several methods of destruction;
• paper documents – cross-cut shredded
• optical media – cross-cut shredded
• removable media – disintegrated
• HDDs – disintegrated
• HDDs for re-use – three-times overwrite
• ID cards – disintegrated.
Destruction methods, including size of shredding cuts, are taken from BS EN15713:2009 (Secure destruction of confidential material). All waste shall be removed by suitably accredited secure waste removal contractors in accordance with the requirements of the WEEE directive.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Our assessments are developed for mobile first and so the platform detects if the user is using a mobile or desktop device and adjust the screen accordingly.
- Service interface
- Yes
- User support accessibility
- None or don’t know
- Description of service interface
-
1 - Admin UI. This interface is used by admin, recruiters, and other HR users.
2 - Candidate Interface. Access to assessments
Both can be accessed by any device including mobile, tablet and desktop pc.
Both interfaces can be branded.
It has been designed with usability at the forefront, using clear language. - Accessibility standards
- None or don’t know
- Description of accessibility
-
- Text size can be increased by browser
- Clean, white backgrounds are used where possible
- The use of colour can be changed on the platform
- Text font is always black
- No flashing content is used
- Use of clear instructions
- Where videos are used, captions can be provided
- The screen view is responsive to the user's device
- There is no timer limit on assessments so candidates progress at their own speed.
- Additional time can be added for cognitive assessments as the time is recorded. - Accessibility testing
- The system has been tested on Microsoft Edge and Google Lighthouse.
- API
- Yes
- What users can and can't do using the API
-
Clients can use the Sova Platform as a standalone platform or access via the API integration. Client accounts are set up with separate accounts and projects as required. A project may contain one type of assessment or an entire workflow of assessments with automated rules to manage the progression of a candidate through the assessment journey.
A candidate is added to a project with a request ID that uniquely identifies that specific order. Sova’s API is the basic template for interaction with Sova. Some customisation is available per client; Assessment content, Branding and non-assessed content. Assessment content may be Sova developed content, content provided by a client or a blend of contents.
Currently Sova completes all implementation or changes of assessments for clients. However, by the end of 2022, clients can have self-authoring capability to customise their own assessment content.
Candidate names/ID are transferred across API to the Sova platform. Candidates receive a unique URL link to complete assessment activities. Once completed, Sova can return results, URL report links, Assessor scoring links as required. The configuration through the API is agreed during the scoping phase as each client requirement is customised. - API documentation
- Yes
- API documentation formats
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
The entire platform can be customised including:
- Client branding added
- Imagery as required
- Assessment content. Assessments can be used as ready to use assessments or can be customised, selecting relevant questions/items to create an assessment to assess for specific requirements.
- Workflow configuration. The workflow of each project can be customised with the use of automatic scoring available using algorithms to progress candidates as required onto the next stage of the process.
- Addition of non-assessed content provided by clients.
Sova work with clients to manage the configuration of the set-up which includes the branding and assessment make-up. By the end of 2022, clients will have self-authoring rights to configure their own project set-ups, creating assessments for each campaign.
Scaling
- Independence of resources
-
The platform decouples front- and back-end systems for robust performance, making extensive use of auto-scaling groups behind load balancers, as well as separate scalable light-weight worker servers and read-only database replicas.
Sova is hosted at Amazon Web Services (AWS), with network and systems administration being performed directly by Sova.
Utilization rates
Roughly 20k candiates per month
Average CPU utilization ~3%
Load tested to 1,000 concurrent users:
Error rate: 0%
Average response time 4.6s
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Most of our clients monitor usage themselves through automated results which can be set up at the outset of the contract (included within the fee).
Sova can also provide service usage metrics (chargeable) as agreed with clients. These might include:
- Monthly usage
- Adverse Impact analysis on a campaign/annual basis
- Predictive correlation with work performance - Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
Data extracts are generated from the Admin UI for a particular project via the 'Results' tab. Data extracts are provided in excel.
Customised client extracts can be configured to include selective fields as agreed with clients.
Individual reports (such as candidate and manager) are generated from the Admin UI.
Automated candidate reports can be sent to candidates upon completion of the Psychometric assessment. - Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
Every Amazon Web Services (AWS) region contains multiple data centres, known as “availability zones”. AWS in Ireland, for example, maintains 3 availability zones.
High availability in Sova’s infrastructure is provided by:
• EC2 server instance launched in multiple availability zones behind the load balancer.
• Amazon Aurora database synchronously replicated across availability zones for immediate fail-over.
Sova SLA target uptime is 99.5% (which is no more than 3.5 hours of downtime in a month, including planned maintenance and updates). Our uptime over the past year has been > 99.8%.
Whilst AWS do not guarantee recovery times, by taking advantage of availability zones in the way that Sova’s platform does, AWS have provided the following guidance on RPO (Recovery
Point Objective) and RTO (Recovery Time Objective) times:
• Failure of a single AWS Availability Zone
o Recovery point: few minutes
o Recovery time: few minutes (automated) - Approach to resilience
-
Data is backed up daily, with an additional 24-hour rolling journaled database log that ensures the database can be restored to a specific point in time.
Whilst AWS do not guarantee recovery times, by taking advantage of availability zones in the way that Sova’s platform does, AWS have provided the following guidance on RPO (Recovery
Point Objective) and RTO (Recovery Time Objective) times:
• Failure of a single AWS Availability Zone
o Recovery point: few minutes
o Recovery time: few minutes (automated)
We have a Business Continuity Process in place which covers the following areas:
- Business Continuity Purpose
- Managing the Business Continuity Plan
- Emergency Management Procedures
- Maintaining the Plan
- Declaring a Disaster
- Business Recovery - Outage reporting
- Outages are reported by Account Managers via email. The Account Key Contact will be informed by email.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
-
We have an IT Access Control Policy.
Access to systems, information, applications, functions is limited on a need-to-know basis, and only to authorised persons.
The need-to-know principle dictates that controls ensure access to assets are limited during which the need-to-know exists. Formal user access control procedures are documented and cover all stages of the user access lifecycle.
Regular reviews are carried out relevant to the ‘Need to know’ policy. Processes are in place whereby access to information is controlled when internal processes change. - Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- Between 1 month and 6 months
- How long system logs are stored for
- Between 1 month and 6 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- The British Assessment Bureau
- ISO/IEC 27001 accreditation date
- 24/07/2017
- What the ISO/IEC 27001 doesn’t cover
- The certification covers all aspects relating to the Sova platform.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
Sova has a ISMS framework with clear roles and responsibilities for managing policies.
Policies exist for the key areas:
Access Control Security - (Asset Inventory and Assess control register)
Information Technology (SDLC and System Patch and Release Procedures)
Internal Management - (including business continuity)
ISMS - (including GDPR)
Security Reporting
Risk Management
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Sova follow an agile software development process in accordance with our Software Development Lifecycle. The phases include:
• Change request
• Prioritisation
• Business Analysis
• Security implications analysis
• Software architecture and detailed design
• Project planning and resource allocation
• Coding and unit tests
• Security and performance review
• Integration
• Deployment and verification
All projects begin with a formal request for change for either a new feature or modification. Requests include:
• Business rationale
• Anticipated client impact
• Details of risks and security considerations
Acceptance tests are completed in staging/test environments before release to production. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Sova use Amazon’s Security Hub for vulnerability scanning. The service provides a real-time overview of our platform’s security posture across all systems using a variety of tools:
• Static scanning of code and infrastructure against known vulnerabilities
• Dynamic scanning of the infrastructure to actively probe for weaknesses
and intrusion points
We deploy planned patches twice weekly on Tuesdays and Thursdays at c.6am. However, if an urgent fix is required, it will be deployed as soon as possible. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
The Sova platform uses a variety of monitoring tools;
• AWS CloudWatch:
• AWS CloudTrail:
• AWS GuardDuty:
• New Relic:
• Rapid 7:
The goal is to restore normal service operations quickly to minimise adverse effect on client operations. The incident is recorded using the Customer Helpdesk so that the resolution can be built into the development project schedule amongst other commercial priorities.
Scheduling of incidents flagged considers each incident in terms of its severity and impact. Each ticket will be reviewed and categorised by severity from P1-4. Resolution for P1, the most severe is 2 business hours. - Incident management type
- Supplier-defined controls
- Incident management approach
-
We have a pre-defined incident management process plan which clearly defines levels of security breach and the associated process. The plans includes a process flow for reporting an incident depending on type of incident.
The operations department complete an Information Security Report for all security incident reports.
We can provide incident reports upon request
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Covid-19 recovery
-
Covid-19 recovery
MAC 1.1: Focus on Employment.
The impact of COVID-19 has resulted in Sova adapting our technology with all recruitment processes now able to be completed remotely, including assessment centres. This has resulted in positive impacts to those living in remote geographies and those with mobility challenges. Clients are able to broaden the pool of candidates applying for roles and encourages a more diverse population. Additionally, all assessment solutions can be completed on any device, including mobile, increasing the accessibility for candidates applying from all social groups. This has been extremely effective for Early Careers schemes and many clients are continuing to manage their entire recruitment process virtually due to the success of this approach. They have also received positive feedback from both candidates and internal recruiters/assessors.
With the skills shortages now wide-spread as a result of COVID-19, we have worked with clients to develop assessments that assess candidates that demonstrate key behaviours for a role, therefore removing the need to rely on previous work experience. This has significantly broadened the candidate pool as they source for transferable skills. Through analysis following post campaigns, we can demonstrate that the assessments are shown to be more predictive than considering previous work experience.
Pricing
- Price
- £4.08 a unit
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- The free version link is access to the practice site. We can set-up a trial project to provide access to the platform to understand the candidate and assessor experience. The exercises included are only illustrative with no scoring in place.