Skip to main content

Help us improve the Digital Marketplace - send your feedback

SOVA ASSESSMENT LIMITED

Digital / Virtual Assessment Centres

Our digital assessment centre combines all aspects of scheduling, virtual assessment tools, online results capture and reporting in one cohesive solution. Sova’s digital assessment centre can be deployed in face-to-face environments or in conjunction with video conferencing technology for a fully virtual assessment experience in a work from anywhere world.

Features

  • Candidate self-scheduling to select AC to attend
  • Embedded video software to enable virtual AC's to occur
  • Upload existing client exercise/ interview content
  • Remote access by the web using mobile or desktop devices
  • Automated candidate feedback reports are available
  • Timer feature to enable exercises to be completed without observation
  • Real-time reporting on Sova platform or via ATS
  • Available as standalone platform or integrated with ATS
  • All assessor scoring and notes captured online in one location
  • Fully client branded candidate and assessor portals

Benefits

  • Allows for AC's to be run face-to-face or virtually
  • Restricted access to materials for candidates to protect exercise content
  • Self-scheduling by candidates reduces admin
  • Significant cost savings with removal of printing AC materials
  • Automated candidate feedback reports reduces Admin time
  • Platform integration with any ATS for easy access to results
  • Instant access to scores via the platform dashboard or ATS
  • Captures all assessor scores and notes in one location
  • Fully branded platform to provide an engaging experience for candidates
  • Platform can support end-to-end process providing a seamless service

Pricing

£4.08 a unit

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at will.goggin@sovaassessment.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

2 8 1 1 9 5 7 8 0 6 5 3 7 6 2

Contact

SOVA ASSESSMENT LIMITED Will Goggin
Telephone: +44 (0)7399224012
Email: will.goggin@sovaassessment.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Sova has one platform hosting a wide range of assessment methods.

Sova provides assessment solutions to support all stages of the recruitment process; sifting assessments, video interview, virtual assessment centres.

The cognitive assessments can be combined with other Sova assessments including personality, motivational and scenario formats.
Cloud deployment model
Private cloud
Service constraints
No
System requirements
  • Internet access with minimum broadband speed of 1Mb
  • Annual subscription licence to use the system

User support

Email or online ticketing support
Email or online ticketing
Support response times
First time response within 1 business hour.
The team is accessible 6 days a week, excluding public holidays covering the following days/times; 12am - 6.30pm, (Mon-Fri), 5am - 4pm (Sun).
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Sova offer the following levels of Support to Customers:
- Support is provided to the administrative users of our Customers (not the candidates/participants)
- 1st line (Tier 1) support cover provides basic / common assistance to the Customer
- 2nd Line (Tier 2) support cover for more complex tasks
- 3rd line (Tier 3) support cover for external services or highly technology-specific issues

They provide triage escalating to technical experts when required.

Support is included within the subscription fee.

We do not provide client specific technical support, but instead the IT support team are responsible for all IT related issues.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We offer a range of training options to suit the different users:

Candidates: For those completing assessments, we have a dedicated candidate hub which provides supporting information about different assessment formats, technical guidance as well as practice tests.

Admin Users/Hiring managers : We have an online training portal which is accessible for all admin users/hiring managers. This portal includes different training modules on different areas. The modules cover training on using the platform as well as training to use and interpret the different assessments. These training modules are self-directed and can be completed at any time by users. The modules include different learning aids such as videos, transcripts of the videos and technical guides. Access to the training portal is free of charge.

Depending on the type of requirement, we can also provide training webinars which are recorded for future use.

We also have technical manuals and practitioner guides, freely available for each of the ready to use assessments. For customised solutions, we will provide a bespoke guide for clients.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
Microsoft Word
End-of-contract data extraction
When a contract is finished, clients can obtain an excel extract of their projects from the Admin UI portal. If a client set-up is complex, IT can provide the data extract.

When sharing information with client organisations, we undertake to meet the
requirements of that organisation’s own information security practices wherever
possible. Prior to sending information via any means, the Sova representative shall
first consult the client for their preferred method of information exchange.
In the absence of client requirements, or when dealing with non-client organisations,
we will adopt the following baseline strategy for security in information exchange.

All information of a sensitive nature that is to be exchanged with an external party via
electronic methods must only be shared in encrypted format.
For large files (e.g. over 5 megabytes), the preferred method of transmission is Secure
FTP, which allows secure access for the deposit and collection of information.
For smaller quantities of information, the method of encryption shall be taken from
the following list, which is shown in order of preference:
• Password protected
• SMIME
• PGP
• GPG
• AES 256 encrypted attachment, e.g. 7Zip
TLS encryption shall be available and can be enforced upon client request.
End-of-contract process
At end-of-life, information or information processing assets shall be destroyed using methods that ensure that data may not be reassembled.

As information exists in various formats, it is necessary to adopt several methods of destruction;
• paper documents – cross-cut shredded
• optical media – cross-cut shredded
• removable media – disintegrated
• HDDs – disintegrated
• HDDs for re-use – three-times overwrite
• ID cards – disintegrated.

Destruction methods, including size of shredding cuts, are taken from BS EN15713:2009 (Secure destruction of confidential material). All waste shall be removed by suitably accredited secure waste removal contractors in accordance with the requirements of the WEEE directive.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Our assessments are developed for mobile first and so the platform detects if the user is using a mobile or desktop device and adjust the screen accordingly.
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
1 - Admin UI. This interface is used by admin, recruiters, and other HR users.
2 - Candidate Interface. Access to assessments

Both can be accessed by any device including mobile, tablet and desktop pc.
Both interfaces can be branded.
It has been designed with usability at the forefront, using clear language.
Accessibility standards
None or don’t know
Description of accessibility
- Text size can be increased by browser
- Clean, white backgrounds are used where possible
- The use of colour can be changed on the platform
- Text font is always black
- No flashing content is used
- Use of clear instructions
- Where videos are used, captions can be provided
- The screen view is responsive to the user's device
- There is no timer limit on assessments so candidates progress at their own speed.
- Additional time can be added for cognitive assessments as the time is recorded.
Accessibility testing
The system has been tested on Microsoft Edge and Google Lighthouse.
API
Yes
What users can and can't do using the API
Clients can use the Sova Platform as a standalone platform or access via the API integration. Client accounts are set up with separate accounts and projects as required. A project may contain one type of assessment or an entire workflow of assessments with automated rules to manage the progression of a candidate through the assessment journey.

A candidate is added to a project with a request ID that uniquely identifies that specific order. Sova’s API is the basic template for interaction with Sova. Some customisation is available per client; Assessment content, Branding and non-assessed content. Assessment content may be Sova developed content, content provided by a client or a blend of contents.

Currently Sova completes all implementation or changes of assessments for clients. However, by the end of 2022, clients can have self-authoring capability to customise their own assessment content.

Candidate names/ID are transferred across API to the Sova platform. Candidates receive a unique URL link to complete assessment activities. Once completed, Sova can return results, URL report links, Assessor scoring links as required. The configuration through the API is agreed during the scoping phase as each client requirement is customised.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The entire platform can be customised including:
- Client branding added
- Imagery as required
- Assessment content. Assessments can be used as ready to use assessments or can be customised, selecting relevant questions/items to create an assessment to assess for specific requirements.
- Workflow configuration. The workflow of each project can be customised with the use of automatic scoring available using algorithms to progress candidates as required onto the next stage of the process.
- Addition of non-assessed content provided by clients.

Sova work with clients to manage the configuration of the set-up which includes the branding and assessment make-up. By the end of 2022, clients will have self-authoring rights to configure their own project set-ups, creating assessments for each campaign.

Scaling

Independence of resources
The platform decouples front- and back-end systems for robust performance, making extensive use of auto-scaling groups behind load balancers, as well as separate scalable light-weight worker servers and read-only database replicas.
Sova is hosted at Amazon Web Services (AWS), with network and systems administration being performed directly by Sova.

Utilization rates
Roughly 20k candiates per month
Average CPU utilization ~3%
Load tested to 1,000 concurrent users:
Error rate: 0%
Average response time 4.6s

Analytics

Service usage metrics
Yes
Metrics types
Most of our clients monitor usage themselves through automated results which can be set up at the outset of the contract (included within the fee).

Sova can also provide service usage metrics (chargeable) as agreed with clients. These might include:
- Monthly usage
- Adverse Impact analysis on a campaign/annual basis
- Predictive correlation with work performance
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data extracts are generated from the Admin UI for a particular project via the 'Results' tab. Data extracts are provided in excel.

Customised client extracts can be configured to include selective fields as agreed with clients.

Individual reports (such as candidate and manager) are generated from the Admin UI.

Automated candidate reports can be sent to candidates upon completion of the Psychometric assessment.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Every Amazon Web Services (AWS) region contains multiple data centres, known as “availability zones”. AWS in Ireland, for example, maintains 3 availability zones.
High availability in Sova’s infrastructure is provided by:
• EC2 server instance launched in multiple availability zones behind the load balancer.
• Amazon Aurora database synchronously replicated across availability zones for immediate fail-over.
Sova SLA target uptime is 99.5% (which is no more than 3.5 hours of downtime in a month, including planned maintenance and updates). Our uptime over the past year has been > 99.8%.
Whilst AWS do not guarantee recovery times, by taking advantage of availability zones in the way that Sova’s platform does, AWS have provided the following guidance on RPO (Recovery
Point Objective) and RTO (Recovery Time Objective) times:
• Failure of a single AWS Availability Zone
o Recovery point: few minutes
o Recovery time: few minutes (automated)
Approach to resilience
Data is backed up daily, with an additional 24-hour rolling journaled database log that ensures the database can be restored to a specific point in time.
Whilst AWS do not guarantee recovery times, by taking advantage of availability zones in the way that Sova’s platform does, AWS have provided the following guidance on RPO (Recovery
Point Objective) and RTO (Recovery Time Objective) times:
• Failure of a single AWS Availability Zone
o Recovery point: few minutes
o Recovery time: few minutes (automated)

We have a Business Continuity Process in place which covers the following areas:
- Business Continuity Purpose
- Managing the Business Continuity Plan
- Emergency Management Procedures
- Maintaining the Plan
- Declaring a Disaster
- Business Recovery
Outage reporting
Outages are reported by Account Managers via email. The Account Key Contact will be informed by email.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
We have an IT Access Control Policy.

Access to systems, information, applications, functions is limited on a need-to-know basis, and only to authorised persons.

The need-to-know principle dictates that controls ensure access to assets are limited during which the need-to-know exists. Formal user access control procedures are documented and cover all stages of the user access lifecycle.

Regular reviews are carried out relevant to the ‘Need to know’ policy. Processes are in place whereby access to information is controlled when internal processes change.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
The British Assessment Bureau
ISO/IEC 27001 accreditation date
24/07/2017
What the ISO/IEC 27001 doesn’t cover
The certification covers all aspects relating to the Sova platform.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Sova has a ISMS framework with clear roles and responsibilities for managing policies.
Policies exist for the key areas:
Access Control Security - (Asset Inventory and Assess control register)
Information Technology (SDLC and System Patch and Release Procedures)
Internal Management - (including business continuity)
ISMS - (including GDPR)
Security Reporting
Risk Management

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Sova follow an agile software development process in accordance with our Software Development Lifecycle. The phases include:
• Change request
• Prioritisation
• Business Analysis
• Security implications analysis
• Software architecture and detailed design
• Project planning and resource allocation
• Coding and unit tests
• Security and performance review
• Integration
• Deployment and verification

All projects begin with a formal request for change for either a new feature or modification. Requests include:
• Business rationale
• Anticipated client impact
• Details of risks and security considerations

Acceptance tests are completed in staging/test environments before release to production.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Sova use Amazon’s Security Hub for vulnerability scanning. The service provides a real-time overview of our platform’s security posture across all systems using a variety of tools:
• Static scanning of code and infrastructure against known vulnerabilities
• Dynamic scanning of the infrastructure to actively probe for weaknesses
and intrusion points

We deploy planned patches twice weekly on Tuesdays and Thursdays at c.6am. However, if an urgent fix is required, it will be deployed as soon as possible.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
The Sova platform uses a variety of monitoring tools;
• AWS CloudWatch:
• AWS CloudTrail:
• AWS GuardDuty:
• New Relic:
• Rapid 7:

The goal is to restore normal service operations quickly to minimise adverse effect on client operations. The incident is recorded using the Customer Helpdesk so that the resolution can be built into the development project schedule amongst other commercial priorities.
Scheduling of incidents flagged considers each incident in terms of its severity and impact. Each ticket will be reviewed and categorised by severity from P1-4. Resolution for P1, the most severe is 2 business hours.
Incident management type
Supplier-defined controls
Incident management approach
We have a pre-defined incident management process plan which clearly defines levels of security breach and the associated process. The plans includes a process flow for reporting an incident depending on type of incident.

The operations department complete an Information Security Report for all security incident reports.

We can provide incident reports upon request

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Covid-19 recovery

Covid-19 recovery

MAC 1.1: Focus on Employment.
The impact of COVID-19 has resulted in Sova adapting our technology with all recruitment processes now able to be completed remotely, including assessment centres. This has resulted in positive impacts to those living in remote geographies and those with mobility challenges. Clients are able to broaden the pool of candidates applying for roles and encourages a more diverse population. Additionally, all assessment solutions can be completed on any device, including mobile, increasing the accessibility for candidates applying from all social groups. This has been extremely effective for Early Careers schemes and many clients are continuing to manage their entire recruitment process virtually due to the success of this approach. They have also received positive feedback from both candidates and internal recruiters/assessors.
With the skills shortages now wide-spread as a result of COVID-19, we have worked with clients to develop assessments that assess candidates that demonstrate key behaviours for a role, therefore removing the need to rely on previous work experience. This has significantly broadened the candidate pool as they source for transferable skills. Through analysis following post campaigns, we can demonstrate that the assessments are shown to be more predictive than considering previous work experience.

Pricing

Price
£4.08 a unit
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
The free version link is access to the practice site. We can set-up a trial project to provide access to the platform to understand the candidate and assessor experience. The exercises included are only illustrative with no scoring in place.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at will.goggin@sovaassessment.com. Tell them what format you need. It will help if you say what assistive technology you use.