Gartan Technologies

Roster Management

Gartan's Roster Management module is a cloud and mobile workforce management solution designed to manage staff availability. It is an absence management tool that caters for multiple rosters and is fully compatible with your HR, payroll, training & communications systems. It designed for users with all levels of IT experience.

Features

• Create staff rosters to manage staff and ensure regulatory compliance.
• Hourly, daily, weekly, monthly & customisable staff availability views.
• Automated staff shortage alerts to help ensure operational efficiency.
• Automated overtime management process using apps and push notifications.
• Manage staff shortages using Shift Swap and Shift Offer boards.
• Realtime staffing map to highlight location statuses and vehicle availability.
• Integration with the Gartan's Payroll and Competency Management modules.
• Self service features to facilitate absence management and performance analysis.
• Create new rosters and set the associated minimum staff requirements.
• Comprehensive workforce analytics tools including filtered reporting and secure APIs.

Benefits

• A customisable solution that delivers greater control and flexibility.
• Colour coded vacancies alerts to facilitate efficient time management.
• Advanced knowledge of staffing issues to inform decision making.
• Comprehensive planning and messaging features that enhance operational preparedness.
• Mobile tools to facilitate the best work life balance.
• An integrated solution to help deliver comprehensive and streamlined operations.
• 24 Hour Phone & Technical Support and Support Portal.
• Built in collaboration with over 50 Fire Services worldwide.
• Access to Client Forum and User & Strategic User Groups.
• Dedicated Key Account Manager, Monthly Support Calls and Service Reviews.

£27,495.00 a licence

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@gartantech.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

475138757245016

Contact

Malachi Eastwood
028 9099 2599
sales@gartantech.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: The Gartan Staff Roster Management solution integrates with our payroll and competency management modules. Combined, the Gartan suite delivers an integrated workforce management solution that manages staff availability, competency compliance and the associated payroll process.
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: System Administrators have full control of the Roster Management module. However, some clients may require some form of system customisation. We do not have restrictions on the type of customisations but we do work with the buyer to identify ways for them to address their needs using the solution in its current form. That is the most time and cost-effective way for the organisation to deploy the Roster Management solution. We offer 24/7 Technical Support and Office Hours customer support.; ; Note: The System Customisation hourly rate is detailed in our Pricing Sheet.
• System requirements:
  • Internet connectivity
  • Cookies enabled
  • Javascript enabled
  • Edge/Chrome/FireFox/Safari/Opera (latest released version)
  • 16GB RAM

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support can be accessed by phone, dedicated email support account, and through an online 24/7 Support Portal. The Support Portal is a web application used to log, respond to, and monitor support tickets. Support tickets are individually assessed and assigned a Priority Category. The category will relate to the impact of the problem. Calls are answered within seconds (no call-waiting or queues). We will diagnose the issue with the caller and log it on the Portal. We are contactable by email and our support inbox is continuously monitored during business hours, with a guaranteed maximum response time of 30 minutes.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: User & Technical Support:; User Support provided by phone during Office Hours (Monday to Friday 0800 to 1800 exl Public Holidays), via a 24hr Support Portal and a dedicated support email account. Out-of-hours Technical Support also provided by phone.; ; Monthly Support Call:; We provide scheduled monthly support calls with a dedicated Support Account Manager. ; ; Gartan Forum: ; The Support Portal forum allows clients to share product ideas and receive feedback/input from peers. Popular ideas will be added to our Product Road Map.; ; Contract Performance Review: ; This annual meeting will take place between the Gartan CEO and a designated member of buyer's FRS Senior Management Team. Used to discuss Gartan’s performance regarding their contractual obligations. ; ; User Group Meeting:; We host a User Group Meeting (UGM) for our UK clients every 12 to 18 months. It includes a series of workshops that provide opportunities for delegates to discuss their future needs with their peers and the Gartan Team.; ; Gartan Strategic User Group: ; The Strategic User Group (SUG) group facilitates collaboration between Gartan, your, and our other FRS' key strategic decision makers. The associated Focus Groups are opportunities to identify and discuss common requirements.; ; Note: There is no additional charge for our Support Services.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: After the contract is signed, we will assign a dedicated Gartan Project Manager. We will meet with the client’s key stakeholders to identify their system configuration requirements, the associated data-gathering process and their preferred system deployment timeline. On the basis of these requirements, we will create a Project Plan for the system deployment based on the Agile Framework. ; ; The on-boarding process is monitored via weekly Project Management Reviews between the relevant Project Managers. In addition, the client is appointed a Key Account Manager who will meet with the relevant client representative on a monthly basis during and after the on-boarding process. We will also facilitate a quarterly Service Review meetings (based on the SLAs) between the Gartan CEO and the relevant client stakeholder.; ; User Training:; During the implementation phase we provide a minimum 8 hours of in-depth "Train the Trainer" options for System Administrators and Firefighters & Managers. We will schedule a series of optional training sessions, each focusing on a specific solution area of interest. The training is cascaded throughout the organisation. We also provide trainees with exercises and tasks they can work on during or following the training session.; ; Note: User Training costs listed in the Pricing Sheet.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • MP4 Video
  • PDF
  • Microsoft Word
• End-of-contract data extraction: If the client opts not to renew a contract, the Off Boarding process will begin. The service will continue to operate as normal until midnight on the final day of the contract. At that point, Gartan will switch off the service and begin the process of exporting the system data that is not accessible via the APIs, into a suite of CSV files. This process will vary depending on the data required by the client, but it typically takes 40 hours. ; ; Note: The Data Extraction hourly rate is detailed in our Pricing Sheet.; ; When the data has been extracted all personal data is disposed of in a way that protects the rights and privacy of data subjects and prioritises the protection of the personal data at all times. (When data is deleted on Azure, Microsoft follows strict standards for overwriting storage resources before their reuse.); ; In addition, within seven days of the contract end date, the client will destroy all Gartan-supplied documentation relating to the software and they will confirm in writing to Gartan that this has been done.
• End-of-contract process: As described above, if the client opts not to renew a contract, the Off Boarding process will begin. The service will continue to operate as normal until midnight on the final day of the contract. At that point, Gartan will switch off the service and begin the process of exporting the system data that is not accessible via the APIs, into a suite of CSV files. This process will vary depending on the data required by the client, but it typically takes 40 hours. ; ; Note: The Offboarding hourly rate is detailed in our Pricing Sheet.; ; When the data has been extracted all personal data is disposed of in a way that protects the rights and privacy of data subjects and prioritises the protection of the personal data at all times. (When data is deleted on Azure, Microsoft follows strict standards for overwriting storage resources before their reuse.); ; In addition, within seven days of the contract end date, the client will destroy all Gartan-supplied documentation relating to the software and they will confirm in writing to Gartan that this has been done.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Web Application is the comprehensive application and is typically used by System Administrators and Managers to administer all aspects of the rostering process including creating new rosters, managing user access and setting leave allowances.; ; The App offers a subset of the system functionality and is typically used by Operational Staff (e.g. firefighters) to view their rosters & leave balances and submit annual leave and other associated worktime-related requests. It is alco used to view worktime logs, view and process Overtime Offers, create and manage Shift Swaps and to view and process Additional Shift Offers & "Recall to Duty" requests.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: If the user is already logged into any of the integrated Gartan modules, they are not required to log into the Roster Management module (Single-Sign-On). Alternatively, users log into the Roster Management web application via the login page. They can choose their 'landing page' option including 24hr, 1-week and 1-month roster views. Administrators have full control of the application. They can manage booking types, shift types and minimum staffing requirements. These features are accessed via the "Admin" menu which, along with the "Activities", "Real Time Crewing", "Map", "Timesheets" and "Reports" sections are accessible from the page header bar.
• Accessibility standards: None or don’t know
• Description of accessibility: Our principle development and design guidelines focus on making content accessible to the widest range of users including people with disabilities, incorporating vision, hearing, literacy & cognitive limitations. For example: text colour options, background colour options, resizable font up to 200% without any loss of functionality, the use of symbols and numbers (e.g. to reference Day/Night), consistency in UX design for continuity purposes, consistency in language/terms/labels, optimising legibility (re low-vision & dyslexia), minimal-text design strategy, video and text training & tutorials, apps with dyslexia-friendly fonts automated App text accessibility options and apps compatible with on-device screen readers.
• Accessibility testing: None.
• API: Yes
• What users can and can't do using the API: The Gartan REST API is a suite of services that can be used to programmatically retrieve and analyse data from the Gartan applications. Before you start using the Gartan API you must first create an API key which will authenticate all requests. For added security, we recommend you add the IP addresses or address ranges that will be used to access the API.; ; Responses will be a RequestResult object, with the Data field containing the requested information. This may be a string or an array of objects.; ; Standard Response:; The RequestResult will be returned in either JSON or XML format depending on the data type specified. It contains an integer status code indicating the success or failure of the request, along with a data field if there is information to be returned, and a message field. ; ; Authentication:; These methods are used to sign in to the API, retrieve the API key, and to log out of the API. The API key provided here will be passed to all other calls to the API.; ; GetAuthToken:; This method has the same function as GetAuthenticationToken, but does not require the authentication details to be passed in the query string, instead using basic authentication.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: System Administrators have full control of the Payroll Management application and users can typically manage most, or all, of their payroll requirements using our solution and its comprehensive suite of administrative tools. However, some clients may require some form of system customisation. We do not have a limit on the amount of customisation but we do work with the buyer to identify ways for them to address their needs using the solution in its current form. That is the most time and cost-effective way for the organisation to deploy the Payroll Management solution. ; ; Note: Our System Customisation hourly rate detailed in our Pricing Sheet.

Scaling

• Independence of resources: We guarantee 99.95% uptime and the appropriate system performance because our solution is duplicated on two Virtual Machines (VMs) with traffic directed via an Application Gateway, Web Application Firewall (WAF) and load balancers. Scheduled maintenance updates, for example, are conducted per machine, with traffic being directed to the second VM for the duration of the maintenance. Traffic is then directed to the first VM for maintenance on the second VM. ; ; We monitor our client base and Support Team to help ensure that our Support Service is suitably scaled to continually deliver the most efficient support processes.

Analytics

• Service usage metrics: Yes
• Metrics types: We use Azure Monitor to monitor our application performance and provide monthly metrics reports to the buyer. Including:; ; CPU Percentage: The average CPU used.; ; Memory Percentage: The average memory used.; ; Disk Queue Length: The average number of read/write requests that were queued in storage. (FYI, a high disk queue length is an indication that the application might be slowing down.); ; Application Response Time: The time taken for the application to serve requests in seconds.; ; We also offer a comprehensive suite of performance metrics including, for example, progress KPIs for each ongoing Support Ticket.; ; Note: No additional cost for these metrics.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: At the end of the contract, Gartan will switch off the service and begin the process of exporting system data that is not accessible via the APIs, into a suite of CSV files. This process will vary depending on the data required by the client, but it typically takes 40 hours. ; ; Note: The Data Extraction hourly rate is detailed in our Pricing Sheet.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Gartan solution availability is 24/365 with the exception of planned downtime for new releases. We host our solutions on Microsoft Azure (UK Data Centres) and a Service Credit is applicable if the Gartan application is not available on the hosting environment for a minimum 99.95% of the time in a given month. Gartan has an SLA in place with Microsoft that entitles Gartan to a Service Credit if the uptime metric is not met. The credit is based on the associated monthly Azure hosting fees. Any applicable Service Credit will be passed on to the client. The Monthly Uptime Percentage is calculated using the following formula:; ; Monthly Uptime % = (Maximum Available Minutes-Downtime)/(Maximum Available Minutes) x 100; ; A major outage directly caused by the Gartan module will also entitle client to a Service Credit. A major outage relates to either a “Critical” issue or a “High” issue as described in this SLA that lasts minimum 24 hours and has been created solely by the Gartan software. (Note: Gartan will agree with client the shortest timeframe to resolve all 'Critical' & 'High' issues.) ; ; This Service Credit calculation would be: ((Module Annual Licence Fee / 365) * Number of 24hr outage periods).
• Approach to resilience: Information is available upon request.
• Outage reporting: Our Technical Support Team monitors and processes all updates in conjunction with the client. We work in an Agile development environment and so updates are processed depending on the type of issue and urgency. Planned downtime would be influenced by the buyer's requested changes and/or the urgency of the reported bug in the system. However, we always strive to process batches of updates to ensure minimal downtime for your end users. ; ; The client will always be notified prior to Gartan updating their environments, via the Support Portal, and we would endeavour to conform to whatever documentation and approval procedures are required by your Operational and ICT stakeholders. These include, for example, scheduling updates with a minimum 14 days’ notice. ; ; The documentation would include, planned update start and finish times, details of files and services updated, name and contacts of person performing the update, reasons for the change, expected outcomes and back-out plan. ; ; Exceptions that may occur are short-notice emergency bug fixes. In the unlikely event of unscheduled downtime, we will immediately contact the client, via the Support Portal, with an update and maintain communication with status updates and resolution timescales until the issue is resolved.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Identity & Authentication: Governance is overseen by our Chief Technical Officer who owns the Azure subscription account. No processes are subcontracted by Gartan or data sent to third parties. Access is restricted to Gartan Support Staff and Developers by using Azure role-based access control (RBAC) to manage who can access the Azure platform. Each role defines the resources and restrictions that each person can access. This is assigned by the subscription owner (i.e. the Chief Technical Officer) and co-administrators.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 25/3/2022
• CSA STAR certification level: Level 2: CSA STAR Attestation
• What the CSA STAR doesn’t cover: None. The scope of the CSA STAR Certification is aligned to the scope of the ISO/IEC 27001 information security management system (ISMS) supporting Azure, Dynamics 365, Power Platform, and select Microsoft 365 cloud services.
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our Security Governance process revolves around two key elements: Data Protection and Staff Vetting. When our staff are accessing a client's live site (i.e. the client's data) they must get an access code from the Technical Support Team. They first submit a ticket describing in detail why they need access to the site and how long their access session will last. If they require a copy of the database (for issue investigation), the Technical Support Team who will download and scrub the database before releasing it to the staff member. Note: All Gartan staff are vetted during the recruitment process.
• Information security policies and processes: The Gartan Information Security Policy covers all aspects of how we identify, secure, manage, use and dispose of information and physical assets and acceptable use protocols, remote access, passwords and encryptions. The policy is available upon request and it relates to all staff within the organisation.; ; Information security is the protection of the information and data that Gartan creates, handles and processes in terms of its confidentiality, integrity and availability from an ever-growing number and wider variety of threats, internally and externally. We are committed to preserving Information Security of all physical, electronic and intangible information assets across the business, including, but not limited to all operations and activities.; ; We aim to provide information and physical security to protect customer, employee, third-party and client data, preserve the integrity of the company and our reputation, comply with legal, statutory, regulatory and contractual compliance, ensure business continuity and minimum disruption, and minimise and mitigate against business risk.; ; The Data Protection Officer (DPO) has the overall responsibility for the governance and maintenance of our information security procedures and they review our policy annually to ensure this it is still fit for purpose and compliant with all legal, statutory and regulatory requirements and rules.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Gartan uses the .NET development stack for our applications. Using these coding libraries provides us with existing, proven features to facilitate development in security related areas including encryption, input sanitation, connection string management and authentication. Our applications are deployed to Windows Servers. When a new version of Windows Server is released, our applications are fully tested with the new version to ensure compatibility. Our internal process is to ensure that all VMs are upgraded to the latest version within 6 months of release. Azure SQL is fully managed by Microsoft so is always running on the latest version.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Microsoft Defender is used to provide weekly assessments of SQL, Network and VM vulnerabilities against a baseline of regulatory standard compliances. It means our Technical Support Team can monitor and report on threat protection capabilities, providing a real time overview of any security vulnerabilities and updates that may be required on our host servers. Windows updates to VMs can be applied without a restart. (If a restart is necessary then the load balanced servers will be updated separately so that there is no downtime required.) If critical vulnerabilities are found, then we aim to patch the software within 24 hours.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Gartan utilises Microsoft Defender for Cloud to monitor the security state of all our resources across our Azure network. This provides a real time overview of any security vulnerabilities and updates that may be required on our host servers. Microsoft Windows updates to VMs can be applied without a restart, but should a restart be necessary then the load balanced servers will be updated separately so that there is no downtime required. If any critical vulnerabilities are found in our software, then we aim to patch the software within 24 hours.
• Incident management type: Supplier-defined controls
• Incident management approach: Users can report an incident (e.g. outage, potential data breach) by phone or via the Support Portal, 24/7. When a security breach is identified, it is reported to the CTO and our breach procedures are immediately initiated. If it is regarded as a data breach involving personal/sensitive data, it is reported to the DPO/Compliance Officer. In all cases, measures are immediately taken to contain the breach. ; ; A Security Incident Form is completed after security incident, regardless of severity or outcome. Completed forms are logged in the Security Incident Folder and reviewed against existing records to ascertain any patterns or recurrences.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  Gartan considers ahead of any commissioning, bidding or tendering process, how the economic, social, environmental and cultural well-being of the region may be improved through the procurement of goods, works and services as part of the Public Services (Social Value) Act 2012 and the Well-being of Future Generations Act (Wales) 2015 and the Procurement Policy Note (PPN) 06/20 .; ; We recognise that this is not the first such policy, and it will not be the last, and that it will be revised and refined as we continue along our Social Value journey. We hope that embedding Social Value into our working processes will bring significant benefit to the communities across the United Kingdom by delivering a social return, wherever possible, on every pound we spend, or customers spend with us.; ; At Gartan we like to support local people, local communities and local business but due to the nature of the environment we work in are also used to communicating with our clients and employees remotely and at the same time reducing our carbon footprint by minimising unnecessary travel. ; ; We offer online placement opportunities for students from local colleges or schools in the area of and for the duration of the contract. ; ; To support safer community we deliver online presentations to community groups highlighting the dangers of, and the actions that can be taken to prevent, Cyber Crime. Our key social drivers are, "Putting people first", "Supporting local communities" and "Reducing our C02 emissions".

  Equal opportunity

  We have a comprehensive and ongoing in-house training programme which all staff are required to undertake. It covers all aspects of our operation and company policies including, for example, Cyber Security, GDPR/Data Protection and Health & Safety. A key element of the training programme, however, is our Equality, Diversity & Inclusion programme. It focuses on our responsibilities in this regard and promotes the Company’s vision and strategy to ensure that all staff members are aware of the need to treat our customers, suppliers and staff in line with our Equality, Diversity & Inclusion policy.; ; Each staff member trains for five days per quarter covering the company’s key policies and operational needs. However, our Equality, Diversity & Inclusion programme is an annual event attended by all staff. For example, in November 2021 we ran an online seminar for our 24 staff discussing the benefits that our programme can bring to the workplace and society. It focused on the different qualities and characteristics that make up diversity such as personality traits, culture, neurodiversity, LGBTQ+ and mental health

Pricing

• Price: £27,495.00 a licence
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@gartantech.com. Tell them what format you need. It will help if you say what assistive technology you use.