Bailey Solutions Ltd

KnowAll Matrix G-Cloud 13

KnowAll Matrix is a hosted library management system to manage print and/or electronic library & information resources and knowledge. It is a scale-able & modular system, written in the .Net framework using latest technology. Subscription includes hosting, usage licences, support, updates & back-ups. Pay monthly or annually.


  • Catalogue module - with automated cataloguing
  • Loans & Access module - with self service options
  • Finance module - to handle orders, receipts & invoices
  • Serials module - manage receipt of journals and serial publications
  • Pre-configured reports in every module
  • Electronic Resources Management (ERM) to control access
  • Web OPAC - for library users to discover resources
  • Regular releases - contain fixes, improvements & new features
  • Knowledge management functionality


  • Quickly download bibliographic details, additional text and images
  • Efficiently chase all outstanding orders grouped by supplier
  • Claim missing serial issues before it's too late
  • Intuitive system means low training overheads
  • Users can (optionally) self-loan & renew saving staff time
  • Track usage to inform whether replacement/renewal is justified
  • Users made aware of all resources both print & electronic
  • Easily review spending and control budgets throughout the financial year
  • Control access to resources and enforce licensing constraints
  • Searchable help centre with comprehensive articles and training videos


£1,950 an instance a year

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

3 2 3 2 0 6 5 7 2 8 5 7 2 8 7


Bailey Solutions Ltd Shaun Ellenger
Telephone: 01273386849

Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
System requirements
  • Library staff users only need an up-to-date browser
  • Library users only need an up-to-date browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
All questions are responded to within 1 hour, between 9 AM and 5 PM, Monday to Friday. The support desk is closed at weekends.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Support levels
The subscription includes:

Initial installation and set-up on the hosted platform.

Phone, email support and the online help centre during weekdays and normal working hours, 9.00 am - 5.30 pm.

Automatically applying releases to your software. Frequent releases include fixes for errors and improvements.

Nightly back-ups

Support queries should be addresses to and then it will be assigned to a named technical consultant.

The subscription does not include:

Technical support for data services, e.g. bulk data cleansing and data manipulation.

On-site support.
Support available to third parties

Onboarding and offboarding

Getting started
Free installation and site set-up including the initial branding.
We provide free training videos, quick guides and manuals. There is a searchable online help centre with step-by-step instructions and video guides.
We can provide online training sessions and there is an hourly rate currently set @ £80 per hour + VAT.
We recommend 2-3 one hour online sessions per module purchased.
We can provide on-site training and there is a half-day charge currently set @ £345 per half day + travel expenses + VAT.
We recommend one half-day training per module purchased.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
We supply a SQL Server database with the client's data in tables but with the software's system objects (code modules, views, stored procedures) removed. There is no charge for this service.
End-of-contract process
At the end of the contract a SQL server database containing the client's full relational data is provided at no extra cost.
If the client requires continued hosting or re-directs to their new system then this can be be provided at cost.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
Differences between the mobile and desktop service

Mobile display is linear and re-scaled to fit neatly on mobile screens. Menus change icons on mobile to (optional) words on desktop. You can tap buttons and selections in the mobile and use a mouse with desktop service. The software will also scale up on wide screen monitors.
Service interface
User support accessibility
WCAG 2.1 A
What users can and can't do using the API
Clients can use the API to allow third party search engines to search the records, return search results and link through to the web page with the resource details.
Users are not making changes they are simply receiving search results with records that match their search criteria and then viewing the individual records by clicking through to the full details.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Library Staff can can select alerts and reminders on their home page.
Library Staff can set various system options for the system, e.g. fines on or off, reservations allowed, cataloguing templates used. There are settings for each module.
Library Staff can edit the cataloguing templates.
Power Users can configure the web OPAC and how it works for Library users. They can change the displayed field names, configure the search results, the indexed fields, the timing of the indexing, the bibliographic display, and various other attributes in the OPAC. Power Users can also add and remove standard gadgets, create custom gadgets and custom pages, and manage the menu items. Power Users can create a theme for the appearance of the OPAC. Library users can change the font size. This list is not comprehensive.


Independence of resources
Normally your software would be housed on a server shared with other clients. The server serves many clients, There is one database per client so it's not a multi-tenanted database. The client activity is monitored 24/7 and more resource is added to meet demand when necessary.


Service usage metrics
Metrics types
OPAC usage statistics are available in the web OPAC for Library Staff.
Pre-configured management reports in the Loans module also provide loans and usage statistics.
The Library Staff dashboard provides at-a-glance information about system state, e.g. how may orders, outstanding orders, loans, outstanding loans, outstanding serial issue, etc.
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Library staff can export catalogue data and data in any list screen.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • XLSX
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • XLSX

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
99.7% uptime
Approach to resilience
Built by the MOD as a command and control centre protecting people and technology from nuclear threat, the construction and security standards are what you might expect of such a purpose built fortress. It sits 30 metres beneath a 3.5m high perimeter fence, with concrete walls 3 metres thick, steel doors weighing several tons and includes military Electro Magnetic Pulse and Tempest RFI intrusion protection. Layered on top of this physical inaccessibility is a 24-hour watch with guard dogs, CCTV and a series of sophisticated access controls.
• 24/7/365 security guards and guard dogs permanently on site
• Vehicular gate with control barrier
• Infrared CCTV with 24 hour capture covering all entrances and operational areas
• Visual verification of all users entering data floor – NO un-manned escort
• Borer security card access system
• Very early sophisticated smoke and heat detection systems
• Firetrace detection and extinguishing system
• Redundant air conditioning units to guarantee stable data floor temperature and humidity @ N+1
• Redundant UPS conditioned power @ N+1
• Diverse Power Supplies with diesel generator backup @ N+1
Outage reporting
Email alerts

Identity and authentication

User authentication needed
Access restrictions in management interfaces and support channels
Library Users do not have to be authenticated to search and discover library and information resources. The client can optionally decide to apply IP filtering and or Single Sign On to restrict users who have access to the system depending on whether they are offering a private or public catalogue.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Username or password
  • Other
Description of management access authentication
Single Sign On (SSO) using SAML method

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
Alcumus ISOQAR
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
A.14.2.7 Outsourced development - N/A
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Our policy is to protect the company’s information assets from all threats, whether internal or external, deliberate or accidental, to ensure business continuity, minimise business damage and maximise return on investments and business opportunities. The Managing Director has approved the Information Security Policy ensure that:

a. Information will be protected from a loss of: confidentiality, integrity and availability.
b. Regulatory and legislative requirements will be met
c. Business continuity plans will be produced, maintained and tested
d. Information security training will be available to all staff.
e. All breaches of information security, actual or suspected, will be reported to, and investigated by, the Information Security Manager.

Supporting guidance and procedures: risk assessment, information classification, data protection, incident handling, information backup, system access, third party services (supplier due diligence), malware controls, mobile device security & remote working, passwords and encryption.

The role and responsibility of the designated Information Security Manager is to manage information security and to provide advice, guidance on implementation of the Policy, review and maintenance.
All managers are directly responsible for implementing the Information Security Policy within their business areas.
It is the responsibility of each employee to adhere to the Information Security Policy.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Identify potential change: A customer encounters a problem, proposes a change or desires new functionality; Determine technical feasibility; Determine costs and benefits; Analyze change impact; Plan change Developer coding using Visual Studio Team Services; Propagate change; Test change; Roll -out change to one client tester; Update documentation; release notes and users' help centre; Release change in a system release rolled out to clients; Review and close change.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We monitor for potential new threats, vulnerabilities or exploitation techniques which could affect our service regularly using F-Secure.
Our hosted platform provider monitors the servers 24/7 for vulnerabilities.
The severity of threats and vulnerabilities is considered within the context of the service and this information is used to prioritise the implementation of mitigations.
Using a suitable change management process, known vulnerabilities are tracked until mitigations have been deployed.
A centralized OS management tool carries out systematic patching across all hosted client sites.
Timescales depend on the severity of the risk. They could be deployed within 24 hours to one month.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Our hosted platform provider monitors 24/7 plus F-Secure warnings.
The risk is assesed. Patch developed. Patch issued as soon as practically possible and released sometimes with 24 hours. Otherwise low risk compromises are addressed inthe next monthly release.
Incident management type
Supplier-defined controls
Incident management approach
Often we find incidents are picked up by our hosted platform provider's 24/7 monitoring of their servers and we are notified by mobile phone if they happen out of hours. Our hosted platform provider will manage incidents on our behalf and have a predefined process. They will restore normal service as quickly as possible. Users can report incidents via our dedicated support number +44 (0)1273 242958 or our support desk: We provide incident reports via email.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks

Social Value

Equal opportunity

Equal opportunity

Bailey Solutions is an equal opportunity employer and is committed to a policy of treating all its employees and job applicants equally. The Company will avoid unlawful discrimination in all aspects of employment including recruitment and selection, promotion, transfer, opportunities for training, pay and benefits, other terms of employment, discipline, selection for redundancy and dismissal. It is the policy of the Company to take all reasonable steps to employ and promote employees on the basis of their abilities and qualifications without regard to age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race (including colour, nationality and ethnic or national origins), religion or belief, sex and/or sexual orientation. In this policy, these are known as the ‘protected characteristics’. The Company will appoint, train, develop and promote on the basis of merit and ability alone. Our full policy is available on request.


£1,950 an instance a year
Discount for educational organisations
Free trial available
Description of free trial
Buyers can trial the complete software application for free for 30-days without providing a credit card or other payment method.
Doesn't include data import services.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.