Eploy

Eploy Applicant Tracking System & Recruitment for Local Government

Eploy Applicant Tracking System is the complete ATS Talent Acquisition platform for NHS, Central Government, Local Authorities, Education and the Public Sector. Eploy combines Applicant Tracking System, Talent CRM (Candidate Relationship Management), Talent Pools, Onboarding , Analytics and careers site with integrations for IDVT, HRIS, assessments, background checking and multi-posting

Features

• Job requisition & approval management
• Talent pooling & pipelines
• Candidate attraction, recruitment marketing & job posting
• Candidate relationship management & talent nurturing
• Applicant tracking system (ATS)
• Recruitment process workflows & optimisation
• Candidate assessment and video interviewing
• Job offers, onboarding & electronic signatures
• Recruitment analytics & dashboards
• Compliance features for GDPR & name-blind hiring

Benefits

• Accelerate your time to hire
• Reduce your cost of hire
• Enhance your candidate experience
• Improve your quality of hire
• Communicate your employer brand
• Build and nurture talent pools
• Manage your PSL vendors efficienty
• Improve your employee on-boarding
• Measure your recruitment processes in real-time with Eploy ATS
• Reduce unconscious bias with name-blind recruiting

£700 an instance a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bruce.groves@eploy.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

515080416351246

Contact

Bruce Groves
0800 073 4243
bruce.groves@eploy.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Planned maintenance is carried out of core hours and have no downtime. Version Updates (typically 2-3 version updates a year) are also carried out of core hours and are coordinated with the customer.
• System requirements: Standard web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Eploy has a standard SLA with 6 priority levels ranging from P1 (system down) to P6 (future roadmap request). Each has a response time and resolution time, with customer satisfaction also tracked. These KPIs are reported back to the customer. ; P1 response 2 hours, resolution 4 hours; P2 response 2 hours, resolution 1 day; P3 response 8 hours, 2 days; P4 response 8 hours, 5 days; P5 response 2 days, next Eploy version/patch; P5 response 5 days, next Eploy version/patch
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Chat facility is provided by a 3rd party tool which has undergone accessibility testing.
• Onsite support: Yes, at extra cost
• Support levels: Eploy has an Uptime Guarantee of 99.9% with service credits dropping below this level. Both technical and user support is provided as standard, via email, chat and phone during normal business hours, which also includes 24/7 access to the Knowledge Base and 24/7 emergency out of hours call handling service (see SLA for details). Additional support for Hiring Managers and/or Candidates is available at an additional cost.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Eploy provides both onsite and online training. Eploy also has a dedicated training facility at the company's headquarters in Kidderminster. Full user documentation is also provided and training videos are available 24/7 within Eploy's online support centre. Eploy provide a standard implementation service to ensure the successful on-boarding of new customers - this is based on Eploy's proven Implementation Methodology.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: At the end of the contract Eploy can provide the customer with a full data backup as per Eploy's back-up policy and Customer Exit Plan.
• End-of-contract process: Eploy provides a Customer Exit Plan to all public sector customers which is designed for a smooth transition of services. ; (a) all licences and access to the Services granted under this agreement shall immediately terminate; (b) each party shall return and make no further use of any equipment, property, Documentation and other items (and all copies of them) belonging to the other party; (c) Eploy may securely destroy the Customer Data in its possession unless Eploy receives, no later than 10 business days after the effective date of the termination of this agreement, a written request for the delivery to the Customer of the then most recent back-up of the Customer Data. This will be delivered to the Customer in accordance with the Eploy Backup Policy and within 30 days of its receipt of such a written request.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No key differences, Responsive Web Design is used for all Eploy portal interfaces including portals for candidates, hiring managers and recruiters.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Eploy provides browser based user interfaces for all aspects of the clients recruitment journey including core recruiter system and dedicated hiring manager, candidate and agency portals. This includes a Support Portal, where all support tickets can be viewed, and a Knowledge Base, which includes access to help guides and video tutorials.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Eploy candidate portals have been independently verified as meeting WCAG2.1 AA standard by Digital Accessibility Centre. Customers must ensure their own content is WCAG2.1 AA compliant.
• API: Yes
• What users can and can't do using the API: Eploy’s RESTful API is available as a series of components, each designed to help you to create integrations with the Eploy recruitment platform, including:; Applications - including workflows, questions and answers, assessments & feedback and source of application.; Candidates - Integrate with your candidate profile data to create candidate-centric solutions.; Vacancies - Access vacancies, job descriptions, locations and addresses.; Placements - Including offers, placed candidates, costs, salaries, locations, integrates with HR, Payroll and other back-office systems.; Contacts - Work with Contact records, including contact details, locations and addresses.; Companies - Keep internal & external company, department and structure up to date.; Files - Such as CVs, also includes integrating with Eploy documents and e-signatures.; Actions - Exposes actions, outcomes and statuses from your recruitment workflows.; Users - Work with users and permissions to update system user records and create solutions requiring access control.; Access to the Eploy API requires API keys and uses OAuth2 for authentication. Customers can generate API keys within their Eploy System. Each API Key is tied to a specific user record to ensure that keys only inherit and allow access to the data that the tied user record has been granted permissions.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Eploy has many configuration options as standard including drop-down lists, email & document templates, fields, custom workflows and forms (for example screening, application, feedback, surveys etc. Access to configuration options is controlled by granular permissions/privileges.

Scaling

• Independence of resources: We constantly monitor individual customer instance system usage levels, speed, performance (including response times and memory use) this enables us to increase resources proactively for customers with growing usage profile. Webservers are load balanced using a failover methodology to ensure high availability. All load balancers and firewalls also have redundancy built in.

Analytics

• Service usage metrics: Yes
• Metrics types: User metrics (users, logins, activities etc.); Candidate / application metrics (Candidates created, applications, vacancies created etc.); Database size & bandwidth; Emails sent; SMS sent; E-signatures
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Eploy has a data export utility which enables the export of data as CSV and/or XLS. Alternatively a full SQL backup can be provided on request as per Eploy's backup policy.
• Data export formats:
  • CSV
  • Other
• Other data export formats: SQL
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Eploy guarantee a 99.9% uptime service availability level. This availability refers to the Customer's ability to access the Eploy System. Uptime includes the functioning of all network infrastructure operated by Eploy including routers, switches and cabling. Each Customer is responsible for its own Internet access. ; ; Availability does not include Maintenance Events, Customer-caused or third party-caused outages or disruptions, or outages or disruptions attributable in whole or in part to events not within Eploy's control.; In the unlikely event the Customer are unable to access the Eploy System (other than in the event of Maintenance Events, Customer-caused or third party-caused outages or disruptions, or outages or disruptions attributable in whole or in part to events not wholly within Eploy's control) Eploy will refund 5% of the Monthly Fee detailed in the Customer Service Order Form for each 60 minutes of downtime (up to 100% of Monthly Fees payable in any month). ; Eploy System downtime begins when a Customer is unable to access the Eploy System and Eploy has been notified of and has acknowledged such failure to the time the Customer is once again able to access the Eploy System.
• Approach to resilience: Eploy uses UK datacentres to host it's infrastructure. Live data runs across 3 physically separate load balanced datacentres. In the event 1 goes down the others continue to operate as normal. Each database is backed up a further 3 times to 3 other physically separate UK datacentres. Eploy is protected against malicious attacks including DDoS.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: Single Sign On (SSO)
• Access restrictions in management interfaces and support channels: Eploy includes its own user management and privileges system which enables users who have access to the service to be configured. Granular privileges ensure that each user only has access to the features and data they are responsible for. Eploy supports RBAC and user provisioning. ; Access to Eploy's helpdesk and ticketing system is also managed directly through the Eploy interface, ensuring that only customer nominated support users are able to access Eploy support services.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: Single Sign On (SSO)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 10/04/2024
• What the ISO/IEC 27001 doesn’t cover: The above certification covers everything we do at Eploy, in addition our platform is hosted on Microsoft Azure which is also fully ISO 27001 certified
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Eploy is certified ISO27001:2022. Eploy's hosting provider, Microsoft Azure is also ISO/IEC 27001 accredited. In addition Eploy's Information Security Management processes have been certified to the IASME standard and Cyber Essentials Plus
• Information security policies and processes: Eploy’s Information Security Management System has been certified ISO27001:2022 by BSi.; Eploy has developed this Information Security Policy to: ; Provide direction and support for information security in accordance with business requirements, regulations and legal requirements;; State the responsibilities of staff, partners, contractors and any other individual or organisation having access to Eploy’s information assets. ; State management intent to support the goals and principles of security in line with business strategy and objectives. ; Provide a framework by which the confidentiality, integrity and availability of Eploy’s information assets can be maintained.; Optimise the management of risks, by preventing and minimising the impact of Information Security incidents;; Ensure that all breaches of information security are reported, investigated and appropriate action taken where required;; Ensure that supporting policies and procedures are regularly reviewed and continual improvement is maintained to ensure progressive good working practices and procedures ; Ensure information security requirements are regularly communicated to all relevant parties.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes to information resources are managed and executed according to a formal change control process documented within Eploy's ISO certified Change Management and Control Policy (available upon request). The policy includes the change management documentation and risk assessment procedures. In addition, all information assets are controlled in accordance with Eploy's ISO certified IT Asset Management policy.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Eploy runs a monthly vulnerability scan, testing our internet infrastructure and supplies us with the information we need to maintain security and eliminate vulnerabilities. The tests include a full TCP and UDP port scan to identify available services on each responding host. Each service is tested for information leaks, configuration errors and potential vulnerabilities. In addition, Cloudflare is used to protect against Zero Day vulnerabilities.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: As per Eploy's ISO certified Information Logging Standard- Eploy supports the formatting and storage of audit logs in such a way as to ensure the integrity of the logs and to support enterprise-level analysis and reporting. Including Microsoft Windows Event Logs collected by a centralised log management system. In addition Eploy proactively monitors infrastructure and systems for anomalies.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents are managed in accordance with Eploy's ISO certified Security Incident and Event Management Procedure. In the event of an actual or suspected incident the incident response team informs the effected customer without undue delay (target of within 24 hours) whilst preventing the incident from escalating and retaining information for post-incident reporting.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity

  Fighting climate change

  Eploy is independently certified as a Carbon Neutral plus orgranisation.; What does Carbon Neutral+ mean?; Being a carbon neutral+ company means we acheieve more than carbon neutrality. In addition to neutralising our emissions, as a carbon neutral+ company we are helping finance new renewable energy projects in vulnerable communities and plant new native trees with local organisations. ; ; Eploy’s carbon emissions have been independently verified by Carbon Footprint Ltd, that gave us a total annual carbon emissions value which we have subsequently offset. ; The calculations included: ; · Offsetting twice as much CO2 as generated by our office/fuel and homeworking; · Offsetting twice as much CO2 as generated by our business mileage & travel; · Offsetting twice as much CO2 as generated by our products emissions; · Offsetting all of our staff commuting CO2; The figures for these have been independently verified and Eploy have chosen the following Verified Carbon Standard Offsetting programmes:; African Biomass Energy Conservation PoA Malawi Biomass Conservation (Gold Standard); ; Reduced Emissions from Deforestation and Degradation In Keo Seima Wildlife Sanctuary (Verified Carbon Standard); Arca Hydro Electric Power Plant (Verified Carbon Standard); Tree Planting in the UK; At a local, UK level, we are additionally planting trees, and although tree planting cannot be counted towards carbon offsetting, it was important to do something closer to home. So, we are planting trees in the UK for every one of our customers.

  Covid-19 recovery

  CSRN was founded in the wake of lockdown to bring together talented students from all over the UK with social impact organisations impacted by COVID-19. CSRN works with established student consultancies to secure and scope high impact management consulting projects with organisations driving social impact in regions impacted by crises.; ; The goal of CSRN is to support as many charities and social enterprises as possible in navigating the challenges brought about by 2020 by bridging the gap between talented students passionate about consulting and social impact organisations in need of support. CSRN has managed to bring about the support of over 120 organisations and looks to continue acting as a platform which connects talented students with social impact organisations in need of support.; In addition to their COVID-19 response, CSRN are also responsible for running one of the world’s largest student-led responses to the Beirut explosion in Lebanon and have recently begun their expansion into Africa targeting their resources first at Rwanda, Zambia, Nigeria & Uganda.; ; To achieve their ambitions, CSRN recognised the need for a cloud-based talent acquisition platform that would enable them to recruit the very best talent from the student population to work on the expansion of their social impact globally. Alongside their global network of leading student consultancies, CSRN has a core team of 60 talented student volunteers whose responsibilities span across business development, with client services working hard to secure and scope high impact projects which cover everything from business strategy to data science and graphic design.; ; Eploy provides free-of-charge access to Eploy’s Applicant Tracking System and Recruitment CRM platform to CSRN, including a web-based careers portal where students can search and apply for current roles as well as join the CSRN Talent Pool.

  Equal opportunity

  Eploy is committed to encouraging equality, diversity and inclusion among our workforce, and ensuring there is no unjustified or unconscious discrimination in the recruitment, retention, training and development of our staff.; ; The aim is for our workforce to be truly representative of all parts of society and our customers, and for each employee to feel respected, included and able to give their best.; ; The organisation - in providing services - is also committed against unlawful discrimination of customers or the public.; ; Support for helping our customers achieve their E,D & I objectives.; Eploy’s recruitment software permits the use of “name blind” applications. Individual names and identifying information are removed from application forms in order to overcome any potential discrimination- conscious or otherwise- in the recruitment process.; ; We feel that there is still a long way to go to ensure equal opportunities in the work place. By offering name blind applications to customers at no additional cost, we are doing our little bit to ensuring work places reflect our diverse society.; Innovative tech: Eploy's Recruitment Content Assistant; Eploy also includes a feature called AdTuner, a Recruitment Content Assistant, designed to help you craft job descriptions and email communications that are inclusive and engaging. ; Based on academic studies, research and Eploy's proprietary algorithm, AdTuner scores your content using a series of tests, including:; Reading Ease; By analysing the structure and language of your content, AdTuner automatically provides you with a Readability score using the Flesch Reading Ease test. Higher scores indicate content that is easier to read.; Gender Bias; Academic studies have shown that masculine coded language may not appeal to female candidates. AdTuner analyses your content for unconscious gender bias, highlighting words and making suggestions that could help your content appeal to a broader range of candidates.

Pricing

• Price: £700 an instance a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Eploy can provide a 30-day trial system (extendable upon request) for prospective clients to test the service before purchase. This includes access to all core system functions and features.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bruce.groves@eploy.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.