MULTITIME SYSTEMS LIMITED

VisionTime - Time and Attendance System

VisionTime enables organisations to manage time and attendance, flexitime and all flexible and hybrid working at the office, home or remotely. Create schedules, apply rules, manage holidays, absence and reports. Integrates with payroll, access control or HR. Manage flexible working policies, track and monitor hours worked daily/weekly/monthly with flexi leave.

Features

• Clock-In via Terminals, Mobile, or PC
• Time and Attendance, Flexitime, Flexible Working and Shift Management
• Hybrid Working Management, Office Attendance Monitoring, Optional GPS
• Project Resource Assignment, Productivity Tracking
• Real Time Reporting and Dashboards
• HR Systems, Payroll Systems, HRM, HRIS and Access Control Integration
• Employee Self Service, Configurable Approval Workflow
• Time Bank Manager, Flexitime, Time Off In Lieu, TOIL
• Annual Leave/Sick Leave Management
• Timesheets / E-Rostering / Annualised Hours

Benefits

• Improves Recruitment, Employee Loyalty, Satisfaction and Retention
• Reduced Overtime Costs
• Faster and More Accurate Payroll Processing
• Auditable Compliance with Flexible Working Regulations
• Improves Employee Motivation and Discretionary Effort
• Accurate Workforce Time, Resource Management and Productivity
• Systemised Compliance with Current and Future HR Policy
• Save Time with Employee Self Service with Approval Workflows
• HR Integration to improve efficiency
• Manages Time and Attendance for Home, Office and Remote Work

£2.54 to £4.93 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@flextime.ie. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

447542144493396

Contact

Aidan Murphy
353 1 260 9680
gcloud@flextime.ie

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: HRIS System HR system Access Control Systems Payroll Systems Rostering System
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
• Service constraints: No
• System requirements:
  • MS SQL Server Enterprise/Express
  • MS IIS

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard SLA is 24 Hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: 1 - Critical 1 Hour Critical business impact – for example: · Entire System is unavailable e.g. client unable to access the online T&A system Within 1 Working Day (with a workaround within 4 hours) 2 - High 2 hours Major business impact – for example: · An important component of the System is unavailable Within 2 Working Days 3 - Medium - 4 hours Medium business impact – for example: · A component of the System is subject to fault but a workaround exists *Fixed for Release within 10 working Days 4 - Low 4 hours Minor business impact – for example: · Functionality problems of a cosmetic nature; or · Request for advice or guidance. As Agreed
• Support available to third parties: No

Onboarding and offboarding

• Getting started: New clients are supported with initial on-boarding, this includes: Staff Profile Uploads, Departmental Configuration, Onsite or Offsite training and the necessary documentation and E-Learning
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Option 1: SQL.CSV export Option 2: Flat File data migration
• End-of-contract process: 6 Months notification of the end of contract No additional cost to end of contract

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The mobile application is a slimmed down version of Visiontime Version 7.2 designed to fit within the iOS standards and Android Standards
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: Standard validation banner pop up messaging
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: During the implementation process for every client, we place a strong emphasis on rigorous interface testing. This meticulous approach ensures the service interface functions flawlessly, exceeding "standard" expectations and delivering an exceptional user experience. We leverage a robust testing framework to identify and rectify any potential issues, guaranteeing a seamless interaction for all users.
• API: Yes
• What users can and can't do using the API: Our API is developed using a close API
• API documentation: No
• API sandbox or test environment: No
• Customisation available: No

Scaling

• Independence of resources: We insure that the OS Environment adheres to Microsoft protocols best practice standards

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Reporting data extraction in 3 formats: MS Excel PDF MS Word
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Actual SLA achievement for the Service Level shall be calculated each month in accordance with the following formula: Service Availability = (Service Hours in Month – Service Downtime in Month) x 100 Service Hours in Month Service downtime is defined as the time where not one user is able to access the system. Total Service Downtime excludes:  Planned maintenance  Scheduled Interruptions  Downtime caused by the Clients ICT environment  Downtime caused by failure of a utility service or stoppage e.g. broadband internet stoppage  Time outside of service hours Total Service downtime includes  Extended service hours
• Approach to resilience: FlexTime is the sole developer and distributor of VisionTime (VT) Web software. VT Web interface is designed using the latest .NET (Visual Studio) framework applications and tools. The database back end is also designed solely by FlexTime using Microsoft SQL Server database schema technologies (MSSQL 2012 Standard). FlexTime is a fully Microsoft certified organisation therefore all web/database applications are designed solely using Microsoft technologies. VT software version(s) are released quarterly via the clients change management process ensuring all new features, bug fixes and client functionality requests are implemented within any new version release. Client notification of any new release is deployed via FlexTime website www.flextime.ie and/where necessary individual support notification to client/Operator refereeing same.
• Outage reporting: - Email Alerts - Client Helpdesk Notification

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Flextime restricts staff level access based upon active/inactive mode or licence limitations based on staff roles within the organisation.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: MultiTime adhere to a comprehensive information security framework designed to safeguard user privacy and data integrity. This framework incorporates industry best practices such as access control, data anonymization, vulnerability management, logging and monitoring, and a robust incident response plan.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Baseline Establishment: This involves defining a secure and approved golden configuration for all critical systems. ; ; Change Request and Approval: A formal process is implemented for requesting, reviewing, and approving any proposed changes to the system configuration. This ensures proper evaluation of potential security risks before changes are implemented.; ; Implementation and Documentation: Approved changes are implemented in a controlled and documented manner.; Verification and Testing: Following implementation, thorough testing is conducted to verify the change functions as intended and hasn't introduced any security vulnerabilities.; ; Version Control and Rollback: A version control system tracks configuration changes over time.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Identification: Regularly scan systems and applications to identify potential weaknesses (vulnerabilities).; Prioritization: Analyse vulnerabilities based on severity, exploitability, and potential impact to prioritize remediation efforts.; Remediation: Implement patches, updates, or other controls to address the vulnerabilities.; Verification: Validate that the remediation efforts were successful and the vulnerabilities are no longer exploitable.; Reporting: Track and report on identified vulnerabilities, remediation progress, and overall security posture.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Constant vigilance: Security tools and processes are used to continuously collect and analyse data from various sources like logs, network traffic, and user activity.; Identifying threats: The collected data is compared against known indicators of compromise and threat intelligence to identify potential security incidents before they happen.; Proactive defence: By detecting threats early, organizations can take preventive actions to mitigate damage, such as blocking malicious traffic or isolating compromised systems.
• Incident management type: Supplier-defined controls
• Incident management approach: Preparation: This involves establishing clear policies and procedures for handling security incidents; ; Detection and Identification: The goal here is to promptly identify and report any potential security breaches. ; ; Containment and Mitigation: Once an incident is detected, swift action is crucial to minimize damage. This might involve isolating infected systems, restricting user access, or shutting down specific services.; ; Eradication and Remediation: After containing the incident, the focus shifts to eliminating the root cause and fixing any vulnerabilities that allowed the breach to occur.; ; Recovery and Post-Incident Review: The final stage involves restoring affected systems and data to a functional state

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Public Services Network (PSN)

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  Our core social values focus on:; ; Employee Wellbeing: We believe flexible work fosters a healthy work-life balance, leading to happier and more productive employees.; Diversity and Inclusion: Flexible work schedules cater to diverse needs and working styles, promoting a more inclusive work environment.; Sustainability: By reducing reliance on traditional office commutes, flexible work can contribute to a more sustainable future.; Business Growth: We see flexible work arrangements as a win-win, fostering employee satisfaction and ultimately contributing to business success.

Pricing

• Price: £2.54 to £4.93 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Our free versions are customised depending on the client's current challenges when managing their Flexible working policy. The time limit is dependant on the type of organisation and scale of the project.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@flextime.ie. Tell them what format you need. It will help if you say what assistive technology you use.