Computer Application Services Limited t/a Workpro

Workpro HR and Employee Relations case management software

Track, resolve and report HR cases, HR investigations and employee relations cases in one secure system. 24 configurable case types including Disciplinary, Grievance, Sickness, Absence and Performance. Clear process steps, templates and targets. Compliant, consistent case handling. Reporting and performance monitoring improves control and analysis. Integrates with main HR systems.

Features

• 20 configurable HR and Employee Relations case types
• Multiple-channel case capture
• Document Management
• Alerts and Reminders
• Auto-populated templates
• Case and Task Ownership
• Reporting and Analysis
• Performance monitoring
• Quick and Advanced search
• Access and audit, user admin tools and data protection

Benefits

• Everything in one place improves case coordination and eliminates duplication
• Matches policies ensuring consistency and fairness in investigations and resolution
• Templates reduce errors, save time and ensure professional correspondence
• Team can see advice given to date and answer quickly
• Reliable data collection and meaningful categorisation feeds accurate reporting
• Clear workflow ensures law and process is followed correctly
• Notifications and alerts ensure vital information and deadlines aren't missed
• Chronological audit trail guarantees full accountability and transparency
• Management reports are easily generated from standard reports library
• Case status and team performance monitored in real time

£975 a user a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@workpro.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

512398088513577

Contact

Ken Naismith
0131 449 7071
gcloud@workpro.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: Much of Workpro’s functionality is accessed from a web browser. Workpro supports the following: current versions of Microsoft Edge and Google Chrome. Workpro also supports the creation of Microsoft Word documents, which can be edited and saved directly back into Workpro using the following: Microsoft Office 2010 (32-bit version) or newer. You may also require a PDF viewer tool. Any application capable of reading PDF documents can be supported (Adobe Acrobat / Microsoft Edge / Google Chrome). We offer an optional Workpro PDF editor module which allows you to save changes to PDF documents directly back to Workpro.
• System requirements:
  • Microsoft Edge; Google Chrome
  • Microsoft Office 2010 (32-bit version) or higher
  • PDF tool such as Adobe Acrobat
  • PDF tool such as Microsoft Edge
  • PDF tool such as Google Chrome
  • Optional Workpro PDF Editor available as module

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We aim to respond as soon as possible, with standard response commitments as follows: Priority 1 within 1 hour (system non-operational and affects more than 50% users). Priority 2 within 4 hours (system non-operational and affects minority of users). Priority 3 within 4 hours (identifiable fault but system still operational, minor faults and advice). Priority 4 within 8 hours (cosmetic issues which do not affect the operation of the system). Priority 5 within 5 working days (system enhancements, new and additional features). Standard working hours are Mon-Fri 9am-5pm GMT but out of hours support is available.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We operate an ITIL compliant support operation including manned help desk with backup technical resource as required. • 24/7/365 online support portal, for logging/monitoring issues, requests and billing Support is available by email/telephone through our helpdesk • Remote support can be carried out via dedicated link. • Workpro is an evolving product with one annual system upgrade • Standard Workpro application support hours are Mon-Fri 9-5, excluding Christmas and New Year. Our response times are based on 6 priorities: Priority 1 system non-operational and affects majority of (>50%) users with a target of resolve < 5 hours Mon-Fri. Priority 2 system non-operational and only affects minority (<50%) of users with a target of resolve in < 12 hours. Priority 3 identifiable fault but system still operational , minor faults and advice with a target to resolve in < 30 days. Priority 4 cosmetic issues which don't affect the operation of the system with a target to resolve in < 60 days. Priority 5 system enhancements, new and additional features with a target to negotiate resolution. Priority 6 requests for advice with a target to resolve in < 10 days.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As standard, the Workpro Implementation Team will set up a client instance of Workpro on the Workpro Private or Public Cloud and will ensure client specific security settings are in place. Additional modules, customisation, support, integration and migration services can be purchased with Workpro. ; While Workpro is designed to be intuitive and easy to use, we recommend training on the system to ensure that your organisation can use it to best advantage. Our Standard Training Package includes training for Users, Train the Trainer, System Administrators and Report Writers. This is delivered online in manageable chunks, with notes and recordings provided. A Workpro User Guide is supplied with the system and is accessible by a help link on screen.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: We would provide client data in the form of a spreadsheet when the contract ends. We would also transfer any stored documents to a client drive.
• End-of-contract process: 1 month's notice is required, during which time service deprovisioning will be done.; Data and document extraction would be included in the price of the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Workpro has a responsive design so it can be accessed from any mobile device.
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: Workpro is a responsive web application, and is therefore accessible from any web-enabled device.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: We perform accessibility testing internally as part of our development process. Workpro contains an accessibility statement which is updated to reflect the latest findings of accessibility reviews and testing.
• API: Yes
• What users can and can't do using the API: The Workpro API interface is designed for access by a client website and provides functionality to support the creation of Workpro cases. Additionally, it allows users to upload one or more supporting pieces of documentation and associate them with a case. Workpro web services are typically hosted in one of two configurations: Within a separate application hosted inside a Workpro application or as a completely separate web site hosted in IIS.; Access to the services is normally limited by a firewall to specific source networks or addresses, to prevent unauthorised use. Other security mechanisms can be added depending on requirements. It is implemented as a set of WCF services configured to communicate using the WS-I Basic Profile1. This specification uses WSDL to define services and a version of SOAP for communication. To access and consume the services you should be able to use any programming language or tool which supports access to web services using SOAP.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Administration tools allow many aspects of the solution to be maintained by authorised users with the required access level and appropriate training. Authorised users can make changes for example to look-up lists, data categories, fields, document templates, targets, thresholds and alerts, user permissions and some file management and data retention activities.; The Workpro team are also available to support customisation should clients require or prefer it . We also provide integration (e.g. with your HR/Payroll system) and data migration services as required.

Scaling

• Independence of resources: Each application has a separate application pool / database so that resource allocation can be profiled and allocated according to expected usage. Overall performance of the system is monitored by checking response times and resource usage. Where necessary, additional resources can be allocated.

Analytics

• Service usage metrics: Yes
• Metrics types: Support service metrics can be viewed on the Workpro online support portal. • Colour coded Issue List shows priority and status • Billing dashboard shows contracted hours used and how many remain • Reporting dashboard shows e.g. issues raised, closed or currently open. If the Usage Based Licencing model is chosen, monthly user login reports determine how many users have logged in that month. An invoice will be produced based on that number. A user will be defined as a named individual and usage will be defined as the initial login for that named individual in a calendar month.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported from reports to other applications and formats, e.g. Excel, Word, PDF.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel
  • HTML
  • PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • CSV
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We guarantee service availability of 99.9% within a calendar month and offer a refund of licence fees for periods where the service isn't available.
• Approach to resilience: Available on request.
• Outage reporting: Email alerts are sent to our support team if the service isn't available

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Administrator accounts are not granted permissions to access case data within the system. Access to servers is via named accounts and is monitored.
• Access restriction testing frequency: Less than once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LRQA Limited
• ISO/IEC 27001 accreditation date: 25/11/2023
• What the ISO/IEC 27001 doesn’t cover: The CAS ISO27001 certification scope covers the service provided directly by the organisation, i.e. the software processing and storage environment, and development and administrative systems in place to support this. It also covers secure delivery of case management from our two UK data centre locations, which are managed by our cloud hosting partner.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: As an ISO 27001 certified organisation, CAS has a fully documented ISMS (Information Security Management System) which includes the following policies: CAS Information Security Standard, CAS Information Backup Procedure, CAS Logical Access Security Standard, CAS Risk Assessment and Treatment Procedure, CAS Physical Security Guidelines, CAS Site Security Instructions, CAS Data Protection Procedure, CAS HR Security Guidelines. Copies of policies are available on request. The CAS Chief Executive Officer is responsible for overseeing the high level co-ordination of Information Security Management within CAS. CAS has an Information Security Forum who meet regularly and are responsible for ensuring policies are followed, consisting of:; • CAS Chief Technical Officer; • CAS Information Security Manager; • CAS Business Relationship Manager; • CAS Quality Manager.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our change management process is included within the scope of our ISO9001 accreditation.; At the start of a customer project a baseline specification is created. Changes to this are managed via a formal change control process with customers required to approve any changes to this specification.; Core product changes are managed using an agile process. A specification for the core product is checked in to our source control system which describes the version at that revision.; Configuration changes are managed in the same way and deployed using an automated build for removing variability from deployments.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: CAS assign information processing assets to individual owners within the organisation, who are responsible for assessing risks and mitigation steps applicable to these assets. The Workpro application can be patched with very little notice: there is no specific timetable for such updates as the priority depends on the nature of any vulnerability. Regarding information on potential threats, Workpro is subject to constant review during development and installation. Additionally external penetration tests have been arranged and can be repeated if required.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The Workpro environment is subject to constant ongoing monitoring by an industry standard tool which can report failures or other incidents to responsible staff. These monitors are run from a range of systems, including externally hosted servers. Any incident is subject to review, discussion and escalation with an experienced team in place to identify and address issues. Since reporting is real time, the response to any incident can be immediate.
• Incident management type: Supplier-defined controls
• Incident management approach: CAS has a documented incident reporting process that includes action steps to handle critical incidents, up to and including large scale business continuity issues. CAS maintains a robust reporting system, accepting inputs from internal and external sources. Incidents are recorded in a formal database and are treated according to priority and impact. Failures that impact on user access or data can result in a formal report including details of actions taken, and any steps proposed to prevent or mitigate further incidents.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  • Our hosting platform uses 100% renewable energy to power their data centres and supports an initiative to convert waste heat into energy.; • Workpro includes a file management tool that promotes the timely removal of data and files. A robust document management regime reduces unnecessary e-storage and associated cloud infrastructure emissions, while promoting best practice data protection. ; • Workpro enables organisations to move to more ‘paperless’ ways of working with the ability to send and receive correspondence electronically. ; • We have ISO 14001 certification which helps us promote team awareness and action in reducing our environmental impact.

  Covid-19 recovery

  • Covid-19 saw an increase in enquiries from dispersed teams struggling to maintain visibility of caseload activity, with data security concerns about the use of multiple devices in remote locations. Workpro is online software that enables new ways of working as it ensures teams can collaborate efficiently on cases wherever they are, with data stored centrally in a system with robust security measures.

  Tackling economic inequality

  • We have invested heavily in cyber security monitoring for all Workpro systems. All Workpro hosted systems benefit from a fully Managed Security Service (iMMS). iMMS uses artificial intelligence (AI) and next generation cyber security tools, combined with 24/7 monitoring by cyber security experts, to identify and ensure protection from threats. ; • Workpro tools help caseworker teams deliver better service to their customers with reduced case turnaround times and consistent responses. Workpro reporting gives management teams the ability to analyse and learn from case data so they can identify product and service improvements, and address any systemic issues.; • Scotland is experiencing a skills shortage in software development. Our team continues to grow and our new hybrid way of working has enabled us to recruit software developers and project managers from other areas of the UK. ; • We regularly invest in staff training, including funding courses for recognised qualifications. Recent examples including funding the achievement of Professional Diploma in UX Design for our UX Designer, and an Open University Project Management course for one of our senior developers.

  Equal opportunity

  • We have a long-standing Equality Policy and taking its natural course recruitment has seen a broad base of nationalities, backgrounds and interests represented in CAS. ; • We are Employee Owned, meaning every employee has a stake in the business either directly or via our Employee Benefit Trust.

  Wellbeing

  • Our staff are supported by a comprehensive Employee Assistance Programme with access to medical, legal, and counselling support. ; • All managers have undergone Menopause training and we have an appointed Menopause Wellbeing Champion. ; • The team has undergone DiSC Profiling and training to promote understanding of different communication and work styles and needs. ; • Regular VIP Awards (Values In Practice) recognise commitment to our company values. These are peer group awards, recognition of team members by the team. ; • We support local schools, providing IT equipment and work experience as needed.; • Charitable donations are made throughout the year to employee nominated causes. ; • We operate an employee volunteering scheme, making 2 hours per week/1 day per month available during work time to help their choice of charity.

Pricing

• Price: £975 a user a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Clients are given a login to a trial version. Report Builder is not included with this version. Access is usually for one month, but is negotiable.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@workpro.com. Tell them what format you need. It will help if you say what assistive technology you use.