Elsevier

Researchfish

A cloud-based platform enabling funding organisations to track research and evidence impact. Research grant-related outputs and outcomes are collected from various online repositories and sources. Researchers can report outputs and outcomes of their research directly into Researchfish. This data is used to measure and assess the impacts of funded research.

Features

• Research impact analysis
• Research evaluation tool
• Research impact assessment
• Real-time reporting
• Research outcomes and outputs collection
• Data curation and data management
• Data harvesting and enrichment
• Interoperability

Benefits

• Saves time and administrative burden for researchers
• Allows cross attribution of outcomes and outputs
• Enables benchmarking across organisations
• Identify pathways to impact
• Data harvesting and enrichment

£50,000 to £1,000,000 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at v.mahi@elsevier.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

443034842651175

Contact

Vinod Mahi
+44 7881 002595
v.mahi@elsevier.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Researchfish requires an internet connected device capable of running a supported browsers:; ; 1) Google Chrome (latest version); 2) Mozilla Firefox (latest version); 3) Safari (latest version); 4) Microsoft Edge; ; Researchfish is not designed for use with browsers where JavaScript or cookie functionality has been disabled. Access may be restricted if you are using these types of browsers.
• System requirements:
  • Must have a compatible browser: Microsoft Edge, Firefox, Chrome, Safari
  • Must have an Internet connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support is provided during UK business hours, 9:00am to 5:00pm, via email and live chat. There is no support during weekends and bank holidays.; ; Response times vary according to the severity of the enquiry:; Urgent - first response within 2 hours; Medium and Low - first response within the working day; ; Urgent enquiries are defined as complete system outage, front end limited service outage, back end limited service outage or major licensee impact.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: No testing has been carried out
• Onsite support: Yes, at extra cost
• Support levels: We provide one level of support to all clients, via email and live chat during UK business hours 9:00am to 5:00pm Monday to Friday, excluding bank holidays.; ; Support is included in the annual licence fee.; ; A dedicated customer success manager is allocated to each client and support can be delivered on site if required (e.g. training) at extra cost, described in the pricing document attached to this submission.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We have a well established onboarding process for new clients. This involves working closely with each client to determine the set of grants on which output and outcome reporting will be required. The grant set is built into a spreadsheet which is uploaded to the platform in order to establish the base data set. ; ; Training is provided throughout the year, appropriate and timed to the timeline of the client. For example, administrative training for setup, communications with researchers, and submission period setup comes first. Subsequent to a submission period, training is provided in use of the data.; ; Online documentation is provided and training is usually provided remotely, although can be provided on site at an additional cost (please see the pricing document attached to this submission).
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users are able to download their data directly from the platform via the administrative interface. Alternatively, users can contact our support team on support@researchfish.com requesting an extract of their data and we will do this for them free of charge.
• End-of-contract process: Should the client decide not to renew the annual contract, the agreement will terminate. This will be actioned by the client providing written confirmation of their desire to terminate the contract according to the notice provisions in their licence and services agreement with us. Either the client can download all their data via the interface or the Researchfish team can download the data on the client's behalf and make it available to them.; ; All user accounts will be deactivated by the Researchfish team.; ; We will retain the data for up to year, after which all personal information will be deleted.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: All features are available on both the mobile and desktop offering.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: A read-only API is available as part of the subscription and allows clients to extract agreement and output records programmatically. No write access is permitted to the database via this API.; API documentation can be supplied on request.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Additional sections containing more questions can be added, to complement the standard (or "common") question set.; This can only be done by the Researchfish team and is a paid service.

Scaling

• Independence of resources: We host Researchfish on Amazon Web Services and adopt the elastic cloud computing functionality which auto-scales CPU with demand. This means that as more and more people use the service, the platform will scale to meet the demand.

Analytics

• Service usage metrics: Yes
• Metrics types: Researchfish captures outputs and submissions, which are available via a number of different mechanisms, including platform export, platform search results, platform reports, API and reporting database (if that option is taken). ; ; We can also provide other metrics upon request (e.g. user time spent on platform, page views, etc).
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: There is an export section within the administrative interface. The client can export different sections of the data and can choose from a drop-down list.; ; They can also access data via other technologies: Snowflake, and SQL exports (note that SQL export is being deprecated). ; ; Researchers (who are users but not customers) can also export data in Excel and Word format, via a similar administrative interface.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel (XLSX)
  • Word (DOCX)
• Data import formats:
  • CSV
  • Other
• Other data import formats: Excel (XLSX)

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Traffic within the network is protected through the AWS virtualisation technology which prevents access from other guests.

Availability and resilience

• Guaranteed availability: Our service level agreement (SLA) guarantees a 99.9% system uptime.
• Approach to resilience: The service is built on top of AWS and utilises technology such as auto-scaling and geographically distributed services.
• Outage reporting: Outages are reported through the application itself. In addition to being able to put the platform into "maintenance mode", it's possible to indicate for each of the publication search types if there is currently a problem with the search functionality.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Users authenticate either via a username and password, or using third-party authentication via ORCID (if the user has set this up).
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Description of management access authentication: Authentication of management access is via username and password. The platform's underlying role management system powers the authorisation system to ensure correct access.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI Assurance UK Limited
• ISO/IEC 27001 accreditation date: 23/02/2024
• What the ISO/IEC 27001 doesn’t cover: We hold 27001:2013 Certification. The Information Security Management System in place underpins the provision of all services and activities. ; ; This, in accordance with the Statement of Applicability and Risk Register are underpinned by a set of policies in place that ensure the following areas are covered: ; Context of the business, ; Leadership, ; Planning, ; Support, ; Operations.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The Information Security Management System in place complies with the requirements of ISO/IEC27001. This underpins the provision of all services and activities. ; ; This, in accordance with the Statement of Applicability and Risk Register are underpinned by a set of policies in place that ensure the following areas are covered:; Context of the business; Leadership; Planning; Support; Operations; Performance evaluation; Improvement; ; These policies are reviewed annually by the ISO team to ensure we are working to the required standard. Staff awareness is maintained through an easy-to-read manual issued annually, with regular updates in company briefings and training in specialised areas such as cyber security.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes are recorded in our product development system (Jira) and tracked through their lifecycle. Regular external penetration testing is commissioned to test the software for vulnerabilities.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: On discovery of a vulnerability, the vulnerability is recorded and a triage process is followed to assess the severity and impact of the vulnerability. ; ; Patching speed will be determined depending on the assessment of the vulnerability.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Elsevier’s Information Security and Data Protection (ISDP) team continuously monitor and respond 24/7 to security events. The ISDP team will assess any identified risks for their potential impact and determine the appropriate response and remediation actions. To ensure monitoring is as thorough as possible, Elsevier uses a combination of automated and manual solutions to inspect applications and identify any vulnerabilities that require remediation.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Elsevier manages incidents using a well-established Security Incident Response process. This process covers all security incidents, including hacker, denial of service, lost asset and virus/worm incidents. When an incident occurs, it is promptly handled by our dedicated Information Security & Data Protection team. They will restore service as soon as possible, determine the cause of the incident, and take appropriate steps to prevent future incidents. Elsevier’s incident response and notification policy sets out how users are notified in the event of information being compromised. We conduct security incident disclosures in compliance with all appropriate regulatory policies and applicable statutory guidelines.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Covid-19 recovery

  Researchfish is customisable, to allow a customer to collect data on any topic of interest to them. Via this mechanism, some of our customers have been collecting information during the pandemic on the impact of COVID-19 on researchers; this insight then allows them to tailor their policies and processes as appropriate.; The same approach can be taken for any area, allow the customer to make better data-informed decision to affect their policies and processes.

  Equal opportunity

  RELX is committed to providing an inclusive, fair and equitable workplace; where all employees are respected and valued, and have equal opportunities. ; ; Inclusion is important to our future. We need the contributions of people from a wide range of backgrounds, experiences and ideas to achieve real innovation for our customers. ; This means: ; • Creating a positive and supportive working environment for all employees ; • Recognising and valuing individual differences and supporting the participation of all team members ; • Promoting the diversity of our workforce ; • Responding to changing work patterns, by providing flexible working where appropriate ; ; We are an equal opportunity employer, committed to treating all employees and applicants for employment with respect and dignity, and we prohibit discrimination. We recruit, train, develop, promote, and provide conditions of employment without regard to race, colour, creed, religion, national origin, gender, gender identity or expression, sexual orientation, marital status, age, disability, or any other characteristic protected by law. We regularly review our policies and practices in the areas of recruitment, development, promotion and reward to ensure we provide fair and equitable opportunities. ; ; We will meet our inclusion goals through: ; • Selecting candidates for employment, promotion, training, or any other benefit based on ability ; • Monitoring inclusion and diversity data (including diversity and pay data) ; • Training (e.g. inclusive leadership development programme for managers; unconscious bias training) ; • Sponsorship and mentoring (e.g. Women in Tech mentoring programme) ; • Encouraging inclusion networks (e.g. Employee Resource Groups focused on gender, ethnicity, etc.) ; • Regularly reviewing our employment practices and procedures ; • Maintaining good governance for, and communication on, inclusion ; ; The inclusion and diversity practices of our suppliers are important to us. Our Supplier Code of Conduct includes a non-discrimination clause. Our Supplier Inclusion and Diversity Program is designed to encourage the development of Diverse Suppliers.

  Wellbeing

  Staff health and well-being is important to us. We offer opportunities for our employees to create an inclusive, engaged and agile global workforce focused on innovation. Together, we create possibilities.; Networking and engagement; Within Elsevier, we have a variety of groups and opportunities for employees to connect and form strong relationships.; • Employee resource groups: ERGs offer a platform for employees to share their experiences, connect with colleagues who share similar backgrounds or interests, strengthen allyship and provide opportunities for professional development and growth.; • Finding purposeful work: All Elsevier employees contribute to the fulfilling mission of helping researchers and healthcare professionals make breakthrough discoveries that change the world.; • Career growth: We encourage employees to choose their own path and shape their own unique career. We encourage a coaching environment and provide best in class training programs.; • Strong working relationships: Elsevier employees work in an inclusive hybrid environment, and we embrace diverse teams. With a mission of advancing science and improving lives, our employees are an integral part of something that truly matters.; Benefits; Elsevier offers flexible working conditions and compensation that reflect your excellence and our high standards. We value our employees’ time and encourage our colleagues to pursue a full and interesting life outside of work.

Pricing

• Price: £50,000 to £1,000,000 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at v.mahi@elsevier.com. Tell them what format you need. It will help if you say what assistive technology you use.