Skip to main content

Help us improve the Digital Marketplace - send your feedback

Scomis

Management Information System (MIS, Bromcom) Scomis Hosted Service

Our Scomis Hosted Service is UK private cloud based to remotely host Bromcom. Backup, upgrades and hosting support are all included. Unlimited users for access.

Features

  • UK based Datacentres
  • GDPR compliant hosting
  • UK based support from Education experts
  • Backup & Recovery
  • Fully Managed upgrades
  • Unlimited Users

Benefits

  • Access from anywhere supports remote learning/remote working
  • Cross platform and device independent gives great flexibility
  • Reduced costs vs on premise solutions ensures best value
  • Extended uptime due to high-availability systems
  • Reliable 'always on' infrastructure that's geographically replicated protects your data
  • No local management required reduces administration overhead
  • No server hardware to worry about reduces your on-premise risk
  • All-inclusive pricing
  • GDPR compliant storage and systems ensures alignment with dataprotection legislation

Pricing

£945 an instance a year

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at scomisbids-mailbox@devon.gov.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

5 4 5 1 4 7 5 6 4 5 0 9 9 9 6

Contact

Scomis Customer Relationships and Business Development Team
Telephone: +441392385300
Email: scomisbids-mailbox@devon.gov.uk

Service scope

Service constraints
All modern browsers are supported (current and previous version)
Internet connection required
Scomis maintain the right to perform maintenance tasks or upgrade data. Where possible this information will be published in advance.
System requirements
  • Access to our services requires acceptable levels of internet access/connectivity
  • Active Bromcom subscription for the modules you need

User support

Email or online ticketing support
Email or online ticketing
Support response times
Service Desk Hours

Monday to Thursday
7:30am – 5:30pm
Fridays
7:30am – 5:00pm

Excluding July & August (End of Year)
Monday to Friday
9:00am – 5:00pm
Results download day - A Level and GCSE
7:00am – 5:00pm
Results day -A Level and GCSE
7:00am – 5:00pm

* Outside of these hours you may use all Scomis Delivery Channels to log a call
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Scomis provides a service level agreement (SLA):
Priority 1 - Critical
Whole School Affected
Target Response: 20 minutes
Target Resolution: 2 Hours

Priority 2 - High
User unable to Work
Target Response: 2 Hour
Target Resolution: 6 Hours

Priority 3 - Medium
Unable to perform key time critical tasks
Target Response: 7 Hour
Target Resolution: 8 Hours

Priority 4 - Low
Problem, user still able to perform key tasks
Target Response: 8 Hour
Target Resolution: 3 Days

Priority 1 - We endeavour to respond by telephone to high priority cases, such as a system failure, within 20 minutes of the initial enquiry being logged.

Priority 2 - If you are unable to perform key time critical tasks but are otherwise able to work, we aim to respond to you by telephone within 2 hours.

Priority 3 - For intermittent issues where you are still able to perform key tasks, we aim to respond to you by telephone or email within 7 hours of you logging the enquiry.

Priority 4 - We aim to respond to service requests, such as booking a training course, within 8 hours.

In practice we resolve nearly two thirds of all our cases on first contact.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
1.Service evaluation: We check your school’s connectivity for remote access back to our servers.
2. Pre-migration Preparation: Our team help identify all users who need to access Bromcom
3. Migration: On the agreed date of migration, Scomis liaises with Bromcom to securely transfer the school database to our platform. Migration for a primary school typically takes 1 day, a secondary school typically 2 days.
4. Post Migration: Following the data migration, Scomis runs through checks before the school logs in. We also require the school to perform specific tasks to ensure that all staff are prepared ready for first time access.
5. Completion: After post-migration training has been completed the school will have to confirm users are able to access the service, migrated databases are correct, and printing is accessible which will complete the final processes to sign off the migration.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • Video
  • Knowledge base (MyScomis)
End-of-contract data extraction
Upon contract cessation, expiry, or cancellation, the customers data will be made available for secure transfer. The customer will be responsible for validating the integrity of the data once transferred.
End-of-contract process
Services will cease and access will be removed, customer data is made available for secure download for up to 30 days after contract end.

Using the service

Web browser interface
Yes
Using the web interface
Access to hosted systems are available via a web interface
Web interface accessibility standard
None or don’t know
How the web interface is accessible
The applications provide customisation for accessibility needs at an operating systems or browser level (which include changes to the font size, font and background colour). Accessibility includes font size alteration by standard configuration or browser controls (CTRL and +/-), robustness to use with assistive technologies, such as screen reader, screen magnifier and colour inverting systems that would be essential to anybody needing these methods of access.
Web interface accessibility testing
Testing to ensuring compatibility with screen readers for the service has been completed by the vendor of the software who periodically test their products using web compliance tools
API
No
Command line interface
No

Scaling

Scaling available
No
Independence of resources
The service is actively monitored and any issues with shared services are investigated as a priority with remediation carried out as necessary.
Usage notifications
No

Analytics

Infrastructure or application metrics
Yes
Metrics types
Other
Other metrics
Full service availability at our status portal.
Reporting types
Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • ESS SIMS
  • ESS FMS
  • ESS Discover
  • All hosted customer data
Backup controls
Customers can initiate on demand backups of their SIMS database in addition to our scheduled routines
Datacentre setup
Multiple datacentres
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
Other
Other protection within supplier network
Access to the service is by means of industry standard Microsoft Remote Desktop protocols secures by TLS and further secured through Remote Desktop Gateway Services. Resilient enterprise grade firewalls inspect traffic and the users are required to pre-authenticate before being able to access the data.

Availability and resilience

Guaranteed availability
99.9% during core SLA hours
Approach to resilience
Enterprise grade hardware with resilient design through all possible systems
Outage reporting
Yes through our status portal

Identity and authentication

User authentication
Username or password
Access restrictions in management interfaces and support channels
Management networks are segregated with access through secure gateways or bastion hosts
Access restriction testing frequency
At least once a year
Management access authentication
Username or password
Devices users manage the service through
Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
  • PSN
  • Cyber essentials Plus (In Progress)

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Aligned to NCSC/PSN principles, Scomis align to ISO27001 and Devon County Council principles
Information security policies and processes
Devon County Council information security policies are aligned to NCSC/best practice and in addition, Scomis align to our own additional policies

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Scomis configuration and change management processes are aligned to ITIL best practice, Service Desk Institute (SDI) and Devon County Council policies
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Devon County Council vulnerabiliity management processes are aligned to NCSC/PSN principle and Scomis build on this to align to 27001 principles
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Devon County Council (Scomis) protective monitoring processes are aligned to NCSC/PSN principles
Incident management type
Supplier-defined controls
Incident management approach
Devon Councty Council incident management processes are aligned to NCSC/PSN principle and Scomis build Service Desk Institute (SDI) aligned to 27001 principles

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
VMware
How shared infrastructure is kept separate
We operate a fully multi-tenant Remote Desktop Services solution which is assured by authenticated penetration test and our 15+ years of continual service improvement

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Scomis datacentres, are under Devon county council policy for Zero carbon footprint

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Devon County Council takes climate change very seriously and is committed to helping reduce emissions across Devon through its coordination of the Devon Climate Emergency, the authority’s Climate Change Strategy and its key projects.

Covid-19 recovery

Dealing with COVID-19 will be an ongoing part of our work. With the initial response behind us, we can turn our attention to recovery and rebuilding. In doing so we will work towards a more sustainable future that meets the critical challenge of climate change. We will also respond to the inequalities that exist between different areas and different communities and understand the ways in which COVID has deepened disadvantage for some.

Tackling economic inequality

For the next four years we will…
Develop local support networks to reduce food and fuel poverty and support people that are experiencing hardship
Promote services that increase resilience, self-reliance and independence
Prioritise the delivery of our domestic violence and abuse strategy
Promote community cohesion
including reduction of hate crime by improving awareness and response
Develop a coordinated approach to address child poverty
Consider the findings of the Race Equality Audit and implement its recommendations

Equal opportunity

Since March 2020 we have changed the way we work in so many ways, working at different times in varied locations, using new technology and finding alternative ways to manage, communicate and interact.

As we define new ways of working, we want to build on what we have learnt through the pandemic, maintain the positive changes we have made and address some of the things that are not working for us.

We are committed to ensuring that everyone is offered equal opportunities and equity to work in a way that delivers the best outcomes for everyone.

Wellbeing

Devon County Council is part of the Mindful Employer Network and we are signed up to the Mindful Employer Charter. The Charter is one element of the Mindful Employer initiative which is aimed at increasing awareness of mental health in the workplace and supporting businesses in recruiting and retaining staff. The Mindful Employer website contains useful links to information and resources.

Pricing

Price
£945 an instance a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Scomis recommends that schools trial a free demo account which will allow customers to check connectivity and test the performance of the service to confirm that it meets the school’s requirements. Available for 30 Days (can be extended upon request)
Scomis does not copy your SIMS data for any trial

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at scomisbids-mailbox@devon.gov.uk. Tell them what format you need. It will help if you say what assistive technology you use.