Bailey Solutions Ltd

KnowAll Matrix G-Cloud 13

KnowAll Matrix is a hosted library management system to manage print and/or electronic library & information resources and knowledge. It is a scale-able & modular system, written in the .Net framework using latest technology. Subscription includes hosting, usage licences, support, updates & back-ups. Pay monthly or annually.

Features

• Catalogue module - with automated cataloguing
• Loans & Access module - with self service options
• Finance module - to handle orders, receipts & invoices
• Serials module - manage receipt of journals and serial publications
• Pre-configured reports in every module
• Electronic Resources Management (ERM) to control access
• Web OPAC - for library users to discover resources
• Regular releases - contain fixes, improvements & new features
• Knowledge management functionality

Benefits

• Quickly download bibliographic details, additional text and images
• Efficiently chase all outstanding orders grouped by supplier
• Claim missing serial issues before it's too late
• Intuitive system means low training overheads
• Users can (optionally) self-loan & renew saving staff time
• Track usage to inform whether replacement/renewal is justified
• Users made aware of all resources both print & electronic
• Easily review spending and control budgets throughout the financial year
• Control access to resources and enforce licensing constraints
• Searchable help centre with comprehensive articles and training videos

£1,950 an instance a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@baileysolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

323206572857287

Contact

Shaun Ellenger
01273386849
info@baileysolutions.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No
• System requirements:
  • Library staff users only need an up-to-date browser
  • Library users only need an up-to-date browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: All questions are responded to within 1 hour, between 9 AM and 5 PM, Monday to Friday. The support desk is closed at weekends.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: The subscription includes:; ; Initial installation and set-up on the hosted platform.; ; Phone, email support and the online help centre during weekdays and normal working hours, 9.00 am - 5.30 pm.; ; Automatically applying releases to your software. Frequent releases include fixes for errors and improvements.; ; Nightly back-ups; ; Support queries should be addresses to support@baileysolutions.co.uk and then it will be assigned to a named technical consultant.; ; The subscription does not include:; ; Technical support for data services, e.g. bulk data cleansing and data manipulation. ; ; On-site support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Free installation and site set-up including the initial branding. ; We provide free training videos, quick guides and manuals. There is a searchable online help centre with step-by-step instructions and video guides.; We can provide online training sessions and there is an hourly rate currently set @ £80 per hour + VAT.; We recommend 2-3 one hour online sessions per module purchased.; We can provide on-site training and there is a half-day charge currently set @ £345 per half day + travel expenses + VAT.; We recommend one half-day training per module purchased.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: We supply a SQL Server database with the client's data in tables but with the software's system objects (code modules, views, stored procedures) removed. There is no charge for this service.
• End-of-contract process: At the end of the contract a SQL server database containing the client's full relational data is provided at no extra cost.; If the client requires continued hosting or re-directs to their new system then this can be be provided at cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Differences between the mobile and desktop service; ; Mobile display is linear and re-scaled to fit neatly on mobile screens. Menus change icons on mobile to (optional) words on desktop. You can tap buttons and selections in the mobile and use a mouse with desktop service. The software will also scale up on wide screen monitors.
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: Yes
• What users can and can't do using the API: Clients can use the API to allow third party search engines to search the records, return search results and link through to the web page with the resource details.; Users are not making changes they are simply receiving search results with records that match their search criteria and then viewing the individual records by clicking through to the full details.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Library Staff can can select alerts and reminders on their home page.; Library Staff can set various system options for the system, e.g. fines on or off, reservations allowed, cataloguing templates used. There are settings for each module.; Library Staff can edit the cataloguing templates.; Power Users can configure the web OPAC and how it works for Library users. They can change the displayed field names, configure the search results, the indexed fields, the timing of the indexing, the bibliographic display, and various other attributes in the OPAC. Power Users can also add and remove standard gadgets, create custom gadgets and custom pages, and manage the menu items. Power Users can create a theme for the appearance of the OPAC. Library users can change the font size. This list is not comprehensive.

Scaling

• Independence of resources: Normally your software would be housed on a server shared with other clients. The server serves many clients, There is one database per client so it's not a multi-tenanted database. The client activity is monitored 24/7 and more resource is added to meet demand when necessary.

Analytics

• Service usage metrics: Yes
• Metrics types: OPAC usage statistics are available in the web OPAC for Library Staff.; Pre-configured management reports in the Loans module also provide loans and usage statistics.; The Library Staff dashboard provides at-a-glance information about system state, e.g. how may orders, outstanding orders, loans, outstanding loans, outstanding serial issue, etc.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Library staff can export catalogue data and data in any list screen.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XML
  • XLSX
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • XLSX

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.7% uptime
• Approach to resilience: Built by the MOD as a command and control centre protecting people and technology from nuclear threat, the construction and security standards are what you might expect of such a purpose built fortress. It sits 30 metres beneath a 3.5m high perimeter fence, with concrete walls 3 metres thick, steel doors weighing several tons and includes military Electro Magnetic Pulse and Tempest RFI intrusion protection. Layered on top of this physical inaccessibility is a 24-hour watch with guard dogs, CCTV and a series of sophisticated access controls.; • 24/7/365 security guards and guard dogs permanently on site; • Vehicular gate with control barrier; • Infrared CCTV with 24 hour capture covering all entrances and operational areas; • Visual verification of all users entering data floor – NO un-manned escort; • Borer security card access system; • Very early sophisticated smoke and heat detection systems; • Firetrace detection and extinguishing system; • Redundant air conditioning units to guarantee stable data floor temperature and humidity @ N+1; • Redundant UPS conditioned power @ N+1; • Diverse Power Supplies with diesel generator backup @ N+1
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: Library Users do not have to be authenticated to search and discover library and information resources. The client can optionally decide to apply IP filtering and or Single Sign On to restrict users who have access to the system depending on whether they are offering a private or public catalogue.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Username or password
  • Other
• Description of management access authentication: Single Sign On (SSO) using SAML method

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 17/09/2020
• What the ISO/IEC 27001 doesn’t cover: A.14.2.7 Outsourced development - N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our policy is to protect the company’s information assets from all threats, whether internal or external, deliberate or accidental, to ensure business continuity, minimise business damage and maximise return on investments and business opportunities. The Managing Director has approved the Information Security Policy ensure that:; ; a. Information will be protected from a loss of: confidentiality, integrity and availability.; b. Regulatory and legislative requirements will be met; c. Business continuity plans will be produced, maintained and tested; d. Information security training will be available to all staff.; e. All breaches of information security, actual or suspected, will be reported to, and investigated by, the Information Security Manager.; ; Supporting guidance and procedures: risk assessment, information classification, data protection, incident handling, information backup, system access, third party services (supplier due diligence), malware controls, mobile device security & remote working, passwords and encryption.; ; The role and responsibility of the designated Information Security Manager is to manage information security and to provide advice, guidance on implementation of the Policy, review and maintenance.; All managers are directly responsible for implementing the Information Security Policy within their business areas.; It is the responsibility of each employee to adhere to the Information Security Policy.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Identify potential change: A customer encounters a problem, proposes a change or desires new functionality; Determine technical feasibility; Determine costs and benefits; Analyze change impact; Plan change Developer coding using Visual Studio Team Services; Propagate change; Test change; Roll -out change to one client tester; Update documentation; release notes and users' help centre; Release change in a system release rolled out to clients; Review and close change.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We monitor for potential new threats, vulnerabilities or exploitation techniques which could affect our service regularly using F-Secure.; Our hosted platform provider monitors the servers 24/7 for vulnerabilities.; The severity of threats and vulnerabilities is considered within the context of the service and this information is used to prioritise the implementation of mitigations.; Using a suitable change management process, known vulnerabilities are tracked until mitigations have been deployed.; A centralized OS management tool carries out systematic patching across all hosted client sites.; Timescales depend on the severity of the risk. They could be deployed within 24 hours to one month.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our hosted platform provider monitors 24/7 plus F-Secure warnings.; The risk is assesed. Patch developed. Patch issued as soon as practically possible and released sometimes with 24 hours. Otherwise low risk compromises are addressed inthe next monthly release.
• Incident management type: Supplier-defined controls
• Incident management approach: Often we find incidents are picked up by our hosted platform provider's 24/7 monitoring of their servers and we are notified by mobile phone if they happen out of hours. Our hosted platform provider will manage incidents on our behalf and have a predefined process. They will restore normal service as quickly as possible. Users can report incidents via our dedicated support number +44 (0)1273 242958 or our support desk: support@baileysolutions.co.uk We provide incident reports via email.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Equal opportunity:

  Equal opportunity

  Bailey Solutions is an equal opportunity employer and is committed to a policy of treating all its employees and job applicants equally. The Company will avoid unlawful discrimination in all aspects of employment including recruitment and selection, promotion, transfer, opportunities for training, pay and benefits, other terms of employment, discipline, selection for redundancy and dismissal. It is the policy of the Company to take all reasonable steps to employ and promote employees on the basis of their abilities and qualifications without regard to age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race (including colour, nationality and ethnic or national origins), religion or belief, sex and/or sexual orientation. In this policy, these are known as the ‘protected characteristics’. The Company will appoint, train, develop and promote on the basis of merit and ability alone. Our full policy is available on request.

Pricing

• Price: £1,950 an instance a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Buyers can trial the complete software application for free for 30-days without providing a credit card or other payment method.; Doesn't include data import services.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@baileysolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.