Tazio Online Media Limited

Tazio

Tazio is a volume hiring platform that combines candidate management, screening and evaluation through an extensive range of assessments, tests, and interviewing tools, including virtual and in-person options. Its modern accessible design supports neurodiverse candidates and ensures fair, unbiased assessment for any role, from entry-level to senior hires.

Features

• Automated candidate and assessor scheduling
• Virtual and in-person assessment centres
• Supports neurodiversity and accessibility
• Employers can customise tests and interviews to match job requirements
• Offers real-time data and analytics on candidate performance
• Integrated live and automated video interviewing
• Tailored candidate feedback and reporting tools
• Fully compatible with mobile devices.
• Provides ongoing engagement with candidates throughout the recruitment process
• Supports multiple languages

Benefits

• Saves time and reduces the administrative burden on TA teams
• Expands the reach to candidates globally and reduces travel costs.
• Promotes inclusivity ensuring candidates can perform to their best ability
• Enhances the relevance of assessments to better predict job performance
• Provides greater insights for quicker and more informed hiring decisions.
• Facilitates remote interviewing, saving time and resources.
• Improves the candidate experience and helps refine future recruitment strategies
• Candidates can complete assessments and interviews from anywhere, enhancing convenience
• Keeps candidates informed and engaged, improving their user experience
• The platform is accessible to a more diverse applicant pool.

£25,000 a licence a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tom.stroud@tazio.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

460130549493937

Contact

Tom Stroud
02922 331 888
tom.stroud@tazio.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Mainly applicant tracking software (ATS), and human resources information systems (HRIS) but has been integrated with other assessment and test platforms as well as Microsoft Teams and Zoom.
• Cloud deployment model: Public cloud
• Service constraints: No material service constraints. We occasionally need to perform planned maintenance, but in the majority of cases this done without impacting customer access to the platform.
• System requirements: Internet access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We aim to respond to support tickets and emails within 15 minutes during business hours 8am to 6pm, Monday to Friday excluding UK bank holidays. We will respond to emails and tickets outside of these hours, however response times maybe longer.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We use Intercom which have asserted they support assistive technology users.
• Onsite support: Yes, at extra cost
• Support levels: We have in app support with FAQs, interactive AI enabled chatbots, how to guides including videos available 24/7 for candidates and system users. ; ; We have dedicated Customer Success Managers who provide ongoing support to customers and candidates from 8am to 6pm Monday to Friday. ; ; We provide access to second and third level technical support as required through the Customer Success Management team.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Our customer onboarding process is designed to ensure a smooth and effective integration of our platform into your recruitment workflow. An Implementation Manager works with key stakeholders to understand and document your challenges and objectives in detail. ; ; Step-by-step, we help you configure the platform according to your specific needs, including setting up user roles, customising assessments, and aligning the interface with your employer branding. We also assist in integrating with any existing HR software to ensure seamless data flow and functionality.; ; Before going live, a Customer Success Manager will conduct training sessions for all relevant team members to ensure they are comfortable using the platform. These sessions include live demonstrations and can be tailored to your team's specific use cases. Additionally, we provide comprehensive resource materials such as user manuals, FAQs, and tutorial videos.; ; Ongoing support is a cornerstone of our onboarding process. Customers are assigned a dedicated Customer Success Manager who supports any day-to-day issues and provides regular check-ins to address any concerns, gather feedback, and optimise the platform's use.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: When a contract ends, users can extract their data efficiently and securely. We provide a straightforward process to ensure that all data, including candidate information, assessment results, and interview records, is retrieved without loss.; ; Users with the appropriate privileges can extract data via the admin portal. From here, users can select the types of data they wish to download, such as data reports, or aggregated analytics. The platform supports exporting data in several formats, including CSV, PDF, and Excel, accommodating your needs and allowing for easy integration with other systems or for archival purposes.; ; Throughout the data extraction process, our support team is available to assist with any specific requests or provide guidance on handling complex data sets. Additionally, we ensure that all data is exported in compliance with applicable data protection regulations, ensuring that user and candidate information remains secure and private throughout the process.; ; Once the extraction is complete and the user confirms that all necessary data has been received, the data will be securely deleted from our servers in accordance with the data retention policies and privacy regulations. This ensures that the user's information remains confidential and is appropriately handled even after the end of the contract.
• End-of-contract process: Several steps are taken to ensure a smooth and transparent transition with our service at the end of the contract. Firstly, users are notified before the upcoming contract expiration to provide ample time for decision-making regarding renewal or termination. If a decision is made not to renew, we assist users in exporting all their data securely, as previously described. ; ; After data extraction, the account is deactivated, and all stored data is securely deleted from our servers in compliance with data protection laws. ; ; The costs associated with closing the account described are included within the contract cost. Additional fees may be incurred for services such as development work required to export data in a non-standard format.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The candidate experience has been optimised to work on the smaller screen sizes on mobile and tablets. The functionality is the same, it is only the page layout that changes.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Tazio has multiple service interfaces. A Service interface in this case being defined as a means of interacting with the application. This includes an application programmable interface for interactions between systems – this is not user facing. There are however a number of user facing Service Interfaces. These are Web applications utilised in the provision of the service and include a Candidate portal, Assessor Portal, administrator management application, etc. The Candidate Portal has been recently rebuilt to fully comply with WCAG 2.2 and best practice Accessibility we are in the process of updating the other relevant service interfaces.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Tazio directly allows for the embedding of assistive technology (in the form of ReciteMe) providing users assistance without the need for any third party tools. However, as part of our Accessibility programme we carry out regular non-functional testing of the Tazio platform internally through our Testing team under our Software Development Life Cycle. This includes monitoring WCAG compliance and assessing the platform against the following three core accessibility toolset areas:; Screen Readers – here we test using Windows Narrator and NVDA; Screen Magnifiers – here we test using Windows Magnifier; Voice Controllers – here we test using Dragon Dictate; We do this to ensure that the application has been tested against a range of common technologies. We have also carried external testing with a third party accessibility test partner covering JAWS, ZoomText, Dragon, NVDA, Voiceover, and Talkback
• API: Yes
• What users can and can't do using the API: Our standard API allows appropriately authenticated users access to a comprehensive range of services provided within the platform. For example, the ability to create, modify & delete candidates, users or assessments, retrieve scores and reset candidates. Each customer's API access is defined and enabled by our development team to meet their needs. We can also create bespoke API calls to handle non standard requests.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Each recruitment or assessment process can be meticulously tailored to align perfectly with the employer's specific requirements and the unique demands of the job role. This begins with selecting the best-of-breed tests and assessments or developing job-specific assessments that accurately reflect the skills and competencies essential for success in the role. Users can choose from an extensive range of assessment types, such as aptitude tests, skill-based tasks, or personality evaluations, and adjust the complexity and content to match the role's level and nature. ; ; Interviews can also be customised by crafting question sets that probe relevant experiences and skills, ensuring that each candidate is evaluated against the same criteria. ; ; Additionally, users can customise the layout and branding of the user interface to reinforce the employer's brand identity, creating a modern and engaging candidate experience. This level of customisation not only enhances the efficiency and effectiveness of the recruitment process but also ensures a fair and equitable assessment of all candidates, tailored to extract and evaluate the most pertinent attributes required for the role.

Scaling

• Independence of resources: We employ scalable cloud infrastructure and load-balancing technologies to ensure the user's experience is consistent and that service is reliable regardless of demand. This setup dynamically allocates resources to handle increases in user activity without any degradation in performance. Additionally, we regularly update and maintain our systems to manage and anticipate load, preventing any potential slowdowns or disruptions. Continuous monitoring and advanced analytics allow us to proactively address any issues, ensuring all users receive uninterrupted access to our platform.

Analytics

• Service usage metrics: Yes
• Metrics types: Our platform provides a comprehensive suite of service metrics to enhance recruitment strategies. These include candidate engagement rates, time-to-hire, assessment completion rates, and candidate authenticity. ; ; Additionally, we offer advanced analytics on candidate performance and interview outcomes. These metrics help employers understand recruitment efficiencies, pinpoint areas for improvement, and make data-driven decisions to optimise their hiring processes. All metrics are accessible through an intuitive dashboard, allowing real-time tracking and analysis.; ; Through our customer success team we provide quarterly service reviews to ensure customers are getting the maximum benefit from the service.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users with the necessary privileges can export data through the admin portal. Here they can choose from various data types—like data reports, or aggregated analytics—and export formats, including CSV, PDF, and Excel. ; ; Our Customer Success Team is ready to help with any special requests or complex data exports. All data is exported in compliance with data protection laws to maintain security and privacy. Access to this data is restricted using Tazio's comprehensive roles based access controls (RBAC), providing assurance that only authorised users can carry out this bulk data function.
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Tazio shall use all commercially reasonable efforts to make the SaaS Services available twenty-four (24) hours a day, seven (7) days a week such that the monthly availability of the SaaS Service shall be at least 99.5%, except for:; ; Planned maintenance: Tazio shall use all commercially reasonable efforts to limit the number of Planned Maintenance outages to six per Contract Year, without prejudice to Tazio's other obligations under the Agreement.; ; Unscheduled emergency maintenance: Tazio shall use all commercially reasonable efforts to give the Client at least 6 Business Hours' notice in advance of unscheduled emergency maintenance performed outside Business Hours. Tazio shall use reasonable efforts to supply an estimate for the period of any unscheduled maintenance, keep the Client updated on the progress of such unscheduled maintenance and implement workarounds where practical.; ; If Tazio fails to meet the guaranteed system uptime (only applicable for a P1 issue), the customer may request SLA credits. The SLA credits can be used against Tazio professional services. The SLA credit levels are as follows:; ; System Availability (Monthly) /Service Level Credit (% of monthly Subscription Services Fees); 99.5% - 95% /5%; 95%-90% /10%; 90% or below /15%
• Approach to resilience: Our service is designed for high resilience and availability, leveraging best practices and robust architecture in cloud infrastructure. Here’s how we ensure resilience:; Multi-Zone Data Processing: We utilize AWS, spreading processing and data storage across three availability zones within a chosen region (e.g., UK). This design enhances our service's fault tolerance and minimises downtime, ensuring continuous operation even if one zone experiences issues.; Data Recovery: For additional security, we maintain offsite backups in an encrypted Azure data vault. This allows for full data recovery in the rare event of a significant incident affecting an entire AWS region.; Regular BCDR Testing: Our Business Continuity and Disaster Recovery (BCDR) plans are regularly exercised to confirm that we can recover from various scenarios effectively measuring against our Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs).; Security Measures: We have implemented comprehensive security measures including DDoS protection and Web Application Firewalls. These are part of our wider technical controls to safeguard our services against a range of threats impacting operations.; This combination of strategic infrastructure deployment, robust backup solutions, regular testing of recovery procedures, and strong security defenses ensures that our service remains resilient, secure, and highly available.
• Outage reporting: We report service outages to customers via a public dashboard on our website and email alerts sent to nominated customer contacts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: We restrict access to management interfaces and support channels through role-based access control (RBAC) systems. This ensures that only authorised personnel with specific roles and responsibilities can access sensitive areas of our platform. Authentication measures, including multi-factor authentication (MFA), further secure access, providing an additional layer of security against unauthorised entry. Regular audits and updates to access permissions help maintain optimal security levels, ensuring that access rights are always aligned with individual job functions and current organisational policies.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Citation ISO Certification Limited
• ISO/IEC 27001 accreditation date: 20/09/2023
• What the ISO/IEC 27001 doesn’t cover: It covers the scope of the platform and services provided to customers and end users.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our information security framework adheres to internationally recognised standards and best practices to ensure robust protection of data and systems. Here’s a summary of our policies and processes:; ; ISO 27001 Compliance: We strictly follow the ISO 27001 standard for information security management. This involves systematic management of sensitive company information, ensuring it remains secure. We undergo annual audits to verify our compliance and continually improve our security measures.; ; Cyber Essentials Plus: We are certified under Cyber Essentials Plus, which demonstrates our commitment to cybersecurity against common cyber threats and our capability in managing system and software security effectively.; ; CSA CCM Implementation: We are actively working towards implementing the Cloud Security Alliance’s Cloud Controls Matrix (CCM) version 3.0. This framework provides detailed guidance on security controls specifically for cloud computing, enhancing our cloud security posture.; ; OWASP ASVS: We are in the process of adopting the OWASP Application Security Verification Standard version 4, which sets forth a basis for testing web application technical security controls, helping to secure all our applications in a thorough and consistent manner.; ; These policies and processes reflect our dedication to maintaining high security standards, reducing risks, and protecting client and organisational data against evolving cyber threats.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We maintain a robust change control process integrated within our SDLC, adhering to ISO 27001:2022 standards and subject to annual independent audits. All changes are meticulously logged in our Source Control Management system (AzureDevOps) and reviewed by our Change Approval Board to assess security impacts and compliance. Each change undergoes rigorous testing against functional and non-functional requirements, including security testing. For changes impacting data privacy, a Data Protection Impact Assessment is conducted to identify and mitigate risks. This comprehensive approach ensures each modification upholds our high security and reliability standards.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our vulnerability management process followings the stringent requirements of ISO 27001 and incorporating best practices recommended by NIST and NCSC with regards to the remediation of vulnerabilities.; We continuously monitor for potential threats using a comprehensive SIEM toolkit, which includes vulnerability scanning capabilities to verify system compliance and detect vulnerabilities.; We patch weekly. Ensuring that we address vulnerabilities swiftly, reducing the window of exposure to potential threats.; Our threat information is derived from multiple reliable sources including the SIEM toolset, Penetration Testers, and industry sources. This is supplemented by regular annual penetration testing to identify and mitigate vulnerabilities.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our protective monitoring is carried out under incident management in our ISO 27001 framework and follows the NIST CSF 1.1 Five Functions framework. We continuously gather logs from our applications and environment, feeding them into a SIEM solution monitored 24/7. In the event of a potential compromise, our system promptly alerts key staff members via telephone so immediate action can be taken for critical issues. This triggers our well-defined incident response process, ensuring rapid and effective action. Our approach guarantees swift responses to incidents, minimising impact and maintaining operational integrity, thereby safeguarding our systems and data consistently.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our incident management process runs within our ISO 27001 framework and utilises a SIEM system for real-time monitoring and detection, coupled with a formal reporting procedure for users and staff. We utilise predefined incident types, each with specific response steps, to ensure efficient and consistent handling of security events. In the event of a data breach, our rapid notification protocols enable affected customers to meet their obligations as data controllers, including timely communication with the Information Commissioner’s Office (ICO). We carry out lessons learnt with customers and provide incident reports to impacted customers following P1 or data security incidents.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity

  Fighting climate change

  Our service contributes to the fight against climate change by promoting remote recruitment processes, significantly reducing the carbon footprint associated with traditional hiring practices. By enabling virtual assessments and interviews, our platform decreases the need for travel, thus reducing CO2 emissions from transportation. Additionally, our digital-first approach minimises paper use, helping to save trees and reduce waste. Our service supports environmentally sustainable recruitment practices that contribute to broader climate change mitigation efforts.

  Tackling economic inequality

  Our service plays a role in tackling economic inequality by democratising the recruitment process. By offering a platform that supports neurodiverse and differently-abled candidates, we ensure that everyone has a fair chance to demonstrate their abilities, regardless of their background. This inclusivity extends to providing tools for virtual interviews and assessments, which can be accessed from anywhere, reducing geographical and economic barriers to employment opportunities. Furthermore, our data-driven insights help employers recognise and mitigate unconscious bias, promoting equal-opportunity hiring. This approach helps level the playing field, allowing talent from underserved and economically disadvantaged communities better access to employment opportunities.

  Equal opportunity

  Our service strongly supports equal opportunity in recruitment by implementing features that promote fairness and inclusivity. By offering customisable assessment strategies that accommodate neurodiverse and differently-abled candidates, we ensure that all applicants can perform to their best ability in a setting that suits their needs. Our platform also facilitates anonymous screening processes, which help eliminate unconscious biases by focusing on skills and competencies rather than demographic information. Additionally, the accessibility of our virtual tools ensures that candidates from various geographic and socioeconomic backgrounds can participate in the hiring process, further levelling the playing field and fostering a diverse workplace. These features help employers uphold equal opportunity standards, enabling a fairer and more inclusive recruitment process.

Pricing

• Price: £25,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tom.stroud@tazio.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.