Peoplewise

Assessment platform + tools - for recruitment + development use cases, for all levels

Assessment platform + tools for selection & recruitment use case i.e. graduates, experienced hires + executives

Assessment platform + tools for talent development programmes i.e. performance, promotion, potential, high potential programmes (HIPO)

180s & 360s assessments (OTS + custom)

Situational Judgement Tests SJTs

Digital assessment centres

Features

• Predict performance, scientific assessments that are valid
• Individual assessments, team assessments and cultural assessments
• Personality and behavioural assessments
• Cognitive ability assessments
• DISC - team assessments
• Culture assessments
• Situational Judgement Tests SJTs
• Assessment centers

Benefits

• Fair, unbiased data insights on people
• Fast, valid and reliable data
• Scaleable SaaS assessment offering
• Team of experienced and qualified behavioural experts
• Self service platform or a Managed service
• Reports aligned to use case recruitment, development, execs etc
• Design assessment experiences to your needs
• Off the shelf of Bespoke assessments
• Speed and cost control
• BPS accredited assessments

£150 to £150 a licence a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at thomas.lucas@peoplewise.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

483563893427496

Contact

Tom Lucas
07710671304
thomas.lucas@peoplewise.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Integration available with ATS or other HRIS systems - based on use case and need - additional costs maybe apply
• Cloud deployment model: Private cloud
• Service constraints: The platform will have regular and scheduled maintenance to ensure we update and enhance our offering. When this happens, you will be updated and informed on when the service will be unavailable. These follow the best practice guidance and will only be down outside core working hours as a time usage is at its lowest e.g. 2 am
• System requirements: Latest web browsers

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: This depends on the priority level of the issue. We have a comprehensive service and support guide to share that details this to set clear expectations. ; ; Peoplewise shall provide email support services during their normal business hours of 0900 – 1700 UK time Monday to Friday, such business hours to exclude public holidays. The support provided by the Service Provider shall relate only to the Products and Enable Platform.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: No
• Support levels: We can provide clients with two options:; ; 1. A self-service platform, one where we have worked in partnership to ensure the set up meets the client need and their use case. Once we have been through UAT, the client can be empowered and trained on the platform to ensure they manage the assessment processes themselves. ; ; 2. Alternatively, we can provide a managed service where we do this for the client at an additional cost.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We will develop a clear and specific on-boarding plan aligned to the clients needs and how they want to deploy the service we offer on the assessments. This typically includes virtual training sessions, that are recorded to be re-visited as needed and unclear user documentation to ensure people using the system are empowered. We do this in partnership with the client, understanding their different stakeholders using the platform and will outline the exact offering in each scope of agreement so it is 100% clear and aligned to their needs.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: An extract will be possible that confirms to the privacy policies in place and compliant with GDPR to ensure the client is able to download their data held within the Enable platform. This will typically be scores on assessments participants have taken.
• End-of-contract process: Once the contract is ended, access to all services and products on Enable cease to be available for the client. ; ; Within 5 Business Days of the termination of this Agreement in accordance with this Clause 19 or the expiry of this Agreement, the Client shall uninstall or otherwise remove any means of access to the Products and Enable Platform including, but not limited to, Client software supplied by the Service Provider for that sole purpose. Immediately following taking such action, the Client shall inform the Service Provider in writing that such action has been taken. [The Service Provider shall have the right to dispatch a representative to the Client's premises for verification purposes.]

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There is no significant different. The assessments have just been designed to be mobile ready for ease of access for participants. Specific advice is given on what device is most suitable based on what assessment is being taken. The participants has choice on what device to use.
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: No
• Customisation available: No

Scaling

• Independence of resources: We work tirelessly to ensure usage is not impacted by volume of use. We have internal policies, procedures and monitoring in place to manage this. We work with vetted and approved hosting suppliers to ensure the load management of the platform is appropriate.

Analytics

• Service usage metrics: Yes
• Metrics types: Usage data on completion rates and in-progress completions for the assessments once participants have started. ; ; There is a whole wealth of data available on the platform and we will provide standard data reports and dashboards.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Never
• Protecting data at rest: Other
• Other data at rest protection approach: We use Amazon RDS to host our databases. Data is encrypted at rest using AES-256, and we use TLS for the connection between our application servers and the database, as well as between clients and the application servers.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: This depends on the who the user is. The client user will have access to their data and assessment scores of their participants through the platform. This can be downloaded into Excel, or can be integrated with another HRIS system (additional fees apply)
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: Other
• Other protection within supplier network: All services and data are managed on cloud services (AWS and Heroku). We do not have an internal network with any services which are used to support data transfer for enable. Our cloud providers manage the underlying operating systems and keep tools such as openssl up to date to use the latest cyphers or TLS versions.

Availability and resilience

• Guaranteed availability: The Service Provider shall provide access to the Products through the Enable Platform and shall use its best and reasonable endeavours to ensure that such access is available, without interruption, 24 hours a day, 7 days a week, 365 days a year.; The Service Provider shall provide email support services during their normal business hours of 0900 – 1700 UK time Monday to Friday, such business hours to exclude public holidays. The support provided by the Service Provider shall relate only to the Products and Enable Platform. Any problems which are related to Client Computer Systems must be resolved by the Clients own support staff.; ; When seeking support the Client shall use its best and reasonable endeavours to provide the fullest information possible to aid the Service Provider in diagnosing any faults in either the Products or the Enable Platform.; The Service Provider shall aim to resolve all support problems within 2 Business Hours or as soon as possible thereafter where resolution in that time is not possible.; Whenever possible, the Service Provider shall provide a workaround solution to the Client to enable the Client's continued use of the Service; ; The Service Provider makes no guarantee of resolving the problem.
• Approach to resilience: This information and data is commercial sensitive, yet available upon request
• Outage reporting: Incident Management; P1: Response within 4-hours, a full-time person immediately assigned to the issue with updates every four hours thereafter. Most P1 issues would be hosting-related and we will liaise with the hosting provider.; P2: Response within 8-hours, updates every 24-hours thereafter.; P3/4: Response same day and estimates for work involved to fix within 10 working days.; ; Priority Definition; P1; • Critical fault, complete loss of service; • Service is inoperative (i.e. continuous website transaction failures); or; • 5% or more of aggregate transactions on a microsite within a six hour period failing; • Number of users impacted is more than 5; P2; • Faults that do not constitute a P1;; • Website is alternately functioning and not functioning; or alternately functioning properly and improperly, leading to website transaction failures; or • Up to 5% of transactions on a site are failing within a six hour period.; • Number of users impacted is less than 5; P3; • Non-urgent or cosmetic problem that is not a P1 or P2 and where a workaround is available.; • Operational / Reporting errors; P4; • A request for information or query. Including:; • Basic questions; • Cosmetic issues; • Automated alerts / errors

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access restrictions are user name and password enabled to access the management interfaces on our assessment platform called Enable. New administrators can be added to the platform via an existing administrator.; There are password restrictions when creating new admin users - Password must be at least 8 characters long & must contain uppercase, lowercase, numbers & symbol character.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Security governance at Peoplewise encompasses the establishment and upkeep of a robust framework, policies, procedures, and practices to ensure that our information security aligns with required standards. We maintain and follow internal policies including the Cyber Security Policy, Data Privacy & Protection Policy, Information Security Policy, and Business Continuity Plan. The copies of these policies can be made available on request.
• Information security policies and processes: The Data Protection Officer and the IT Manager are responsible for ensuring that all other data processing systems and methods are assessed and deemed suitable for compliance with the Company’s security requirements;; ensuring that data security standards within the Company are effectively implemented and regularly reviewed, working in consultation with the Company’s senior management. ; The IT Staff are responsible for providing support and training on IT security and system usage; establishing and implement IT security procedures, promoting user awareness; supporting the IT Manager in monitoring security and implementing Policy changes.; ; Peoplewise Information Security Policy, that outlines information security policies and processes, can be made available upon request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All changes to the codebase require review of the changes by a senior development team & an approval. We ensure entry points to the application are scoped correctly based on the usage of the application and have the appropriate unit tests, which are required to pass before the code can be reviewed/deployed. There will also be a full QA of the changes on separate staging environment, before the changes are deployed to production environment.; Deployments and PaaS environment changes are performed by a dedicated operations team with 2FA enabled administrator credentials. All production access is mandated by 2 team members.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our PaaS providers regularly update their platforms and patch where a security threat has been confirmed. ; We use Django as the framework for building out the web application. We monitor all security releases posted by the Django organization, assess the impact (based on criticality and impact to the application) and patch the versions of Django where required.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Monitoring in place on our PaaS to highlight issues around traffic on the application and elevated levels of failed requests. We also create request and application-level logs which are stored for a period of 1 year; ; We have a clear policy and procedures on this and how we with the prioritisation of issues raised by clients.
• Incident management type: Supplier-defined controls
• Incident management approach: Please refer to the SLA document attached to outline how we manage this

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Covid-19 recovery

  Like all organisations, we learned from the Pandemic and put robust plans in place to help our recovery and ensure we could serve our clients and look after the well-being of our staff and employees.

  Tackling economic inequality

  We are a fair-wage certified employer, so we take this seriously. Furthermore, our business is in the business of talent, so making the playing field more inclusive and equal is what we do, day in and day out so individuals can reach their full potential. So we have the right ethos, policies and processes in place to ensure our people, the key to our business have opportunities to thrive at work.

  Equal opportunity

  As outlined above, our business is in the business of talent, so making the playing field more inclusive, fair and equal is what we do, day in and day out so individuals can reach their full potential. So we have the right ethos, policies and processes in place to ensure our people, the key to our business have opportunities to thrive at work, with the right opportunities without barriers. DE&I is a key focus for our business and we look to understand this the lens of data.

  Wellbeing

  Again, our business is in the business of talent, and the well-being of our people is key to our success as an organisation. We have developed our own model and approach to this that we offer to clients. We also adopt this internally to ensure we help people build a positive resilience mindset with the x7 pillars of the positive resilience model we developed after 10+ years of research. This puts in the right conditions so people can Thrive at work.

Pricing

• Price: £150 to £150 a licence a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at thomas.lucas@peoplewise.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.