SkillsForge

Postgraduate Researcher Supervision Meetings

Our solution provides functionality to automatically prompt, chase, book and digitally record and sign postgraduate researcher supervision meetings in line with the policies of the university in question. We support various types of research supervisory meetings including principal supervisor, supervisor team and general supervisor meetings.

Features

• Software as a service
• Accessed via a modern browser
• Records digitally signed and date stamped
• Comprehensive audit logging and reporting
• Notifications engine
• Roles based access control
• GDPR compliance
• Evidence can be uploaded within the supervisory meeting record
• Business intelligence reporting
• Integration with other organisational systems

Benefits

• High automation levels driving significant productivity savings
• Full audit of supervisory meetings and interactions
• Integration with other systems driving single version of the truth
• Meeting records and evidence all in one place
• Vastly improved oversight reporting producing new insights
• Workflow bottlenecks can be identified and resolved
• Reporting significantly improved in breadth, depth and impact
• Significantly increased user engagement with university systems
• Business continuity improvement through SaaS delivery model
• Improved user experience

£7,500 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gary.fawcett@skillsforge.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

567602367365120

Contact

SkillsForge Ltd
01904 390800
gary.fawcett@skillsforge.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None.
• System requirements: A modern browser on any device that supports that browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within business hours (9am to 5.30pm Monday to Friday but not including Bank Holidays) within 1 hour
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The support levels are included in the overall pricing and not charged out as a separate item. A technical account manager is assigned to each account. We provide 2nd and 3rd line technical support only, with 1st line support being carried out by the customer. Support is split into 3 categories as follows:; ; Priority 1 incidents (defined as major loss of functionality impacting on business operation) ; 1) Service desk response within 30 minutes (as specified in service desk response) ; 2) Detailed response within 1hr of call being logged with details of outage and estimated resolution time, resolution within 4 hours. ; 3) Updates on progress at least every 30 minutes ; ; Priority 2 incidents (service not fully available, major functionality restrictions or performance degradation affecting the buyer’s operations or key users) ; 1) Service desk response within 30 minutes (as specified in service desk response) 2) Detailed response within 4 hours, resolution by end of next working day ; ; Priority 3 incidents (Non-minor functional restriction or performance degradation but with effective workarounds) ; 1) Service desk response within 1 hours (as specified in service desk response) 2) Detailed response within 2 working days, resolution at the next scheduled upgrade
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The SkillsForge team engages with the client with a wraparound implementation service that includes:; - Project management; - Business analysis; - Configuration; - Data Integration; - Data Migration; - Training; - Implementation; - Account Management; Once implemented, SkillsForge offers the following training services to our clients:; - Train the Trainer for the trainer to deliver end user training; - Super User Admin in order that administrators with the appropriate RBAC can interact with the administration interface; - IT Support training; - Business Intelligence Reporting training for Report Creators and Report Consumers.; We offer face to face training either onsite or at our premises, online training and work with our clients to edit the standard user documentation to fit their particular configuration.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: A full copy of client data on request will be provided. The standard format is in SQL statements for importing into a relational database, however, SkillsForge supports many other common machine readable options. Copies of all files uploaded into SkillsForge are also provided.
• End-of-contract process: Offboarding support is provided as standard to our clients as follows: - We will provide all reasonable assistance to our client to facilitate orderly transfer to a successor - We will answer promptly and fully all reasonable questions from the client about the solution we provide for the purpose of adequately understanding how the solution has been provided - A full copy of client data on request will be provided. The standard format is in SQL statements for importing into a relational database, however, SkillsForge supports many other common machine readable options. - If an extension of our service provision is required past the contract termination date we will provide our service for up to three months on the same contract payment terms

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The user interface is responsive for different devices including mobile.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The service interface is Zendesk, an industry standard solution, and each client is provided their own dedicated web access to this.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: N/A.
• API: Yes
• What users can and can't do using the API: The SkillsForge team works with the client to ensure integration between the SkillsForge SaaS solution and the other systems through a number of integration approaches including:; - A purpose-built REST JSON API for securely uploading feeds from client systems into SkillsForge; - SkillsForge REST JSON API to query user account data and data associated with the user; ● Secure Atom feeds for pulling incremental data updates off SkillsForge servers; ● Data push/pull driven by SkillsForge, usually to call external APIs on a customer’s server; ● Calendar feeds - SkillsForge provides iCal feeds for users with instructions on how to use iCal in popular calendars
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The automated form workflows, form templates, notifications, roles based access control, data integration with other systems, navigation, menus, etc, are all configurable. The SkillsForge team will work directly with the client to agree their requirements, the respective priorities of the requirements, and then configure the system to meet those requirements.

Scaling

• Independence of resources: Our solution is hosted at Amazon Web Services and is built to be technically infinitely scalable through strategies such as auto scaling.

Analytics

• Service usage metrics: Yes
• Metrics types: As part of each installation each client is provided with world class business intelligence reporting solution licenses. A library of over 100 standard report templates which cover all aspects of usage, e.g. log ons, pages visits, take up per faculty, etc, is provided as well as the client being able to produce their own bespoke reports with the business intelligence tool.; ; SkillsForge also provides a range of metrics including system uptime %, response times against the service level agreement and system latency measures. Our standard service level agreement is detailed in our enclosed service definition document.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The data can be provided in multiple formats and mediums as agreed with the client and is not limited to the selections below.
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We will guarantee a 99.9% system availability.
• Approach to resilience: The solution is hosted at Amazon Web Services London in highly available fully redundant ISO27001 accredited data centres.
• Outage reporting: SkillsForge uses email alerts to report any outages although clients are welcome to install their own monitoring software if required.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: SkillsForge enforces the principal of least privilege with users only being given access based on their roles based access control setting or through Identify and Access Management in Amazon Web Services. All users begin with no privileges and are granted privileges at the lowest feasible level. Once the user doesn't require access to certain system resources the access is immediately revoked.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 30/09/2020
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: ISO/IEC 27001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: We are working towards ISO9001 certification to be achieved during 2023. Information security policies and processes ISO/IEC 27001 certified,
• Information security policies and processes: We are certified to ISO/IEC 27001. All of our associated policies hang off our ISMS. Our Chief Technology Officer has ultimate responsibility to the Board for information security and our Senior Security Specialist is responsible for actioning against our information security requirements and policies.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: SkillsForge releases are versioned. Each upgrade is normally a full production release but change logs and preview installations are made available to clients prior to rollout and beta testing of new features is offered to all clients. Server patching is normally completed on a pre-agreed monthly schedule. However, important or security-sensitive patches are assessed daily and expedited if necessary, with discussion with our clients. The SkillsForge team is responsible for the execution of all upgrades in line with the plans agreed with our clients. We use a major.minor.patch version numbering scheme.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: SkillsForge practices an Information Security Management System which is certified to ISO27001. As part of this system, potential threats are identified (through a variety of strategies) and risk assessed. Threats are prioritised for treatment from the most to least critical. Mitigation actions are identified, based on these priorities, and implemented. Patches can be expedited as required based on urgency and potential severity. Clients are informed at all stages. We assess every day any new publicly known vulnerabilities which represents only one, of many, threat identification strategies that we employ, e.g. near misses, incidents, regular vulnerability assessments, audit, risk review, etc
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: SkillsForge practices an Information Security Management System which is certified to ISO27001. As part of this system, potential threats are identified (through a variety of strategies) and risk assessed. Threats are prioritised for treatment from the most to least critical. Mitigation actions are identified, based on these priorities, and implemented. Our systems are monitored 24*7 with the client informed within 15 minutes of any incident occurring that affects functionality or resilience of service. All incidents are given a priority level and our response SLAs are contained within our Service Definition document.
• Incident management type: Supplier-defined controls
• Incident management approach: As part of our ISO27001 Information Security Management System all our processes are pre-defined including incident management processes and our systems are monitored 24x7. Users report can report incidents to the SkillsForge support desk by phone, email and through their dedicated Zendesk web interface. Alternatively, they can contact their dedicated Account Manager. If the incident happens outside of business hours then users can contact a duty phone if necessary. Following an incident a report detailing the root cause analysis, resolution and strategy employed to reduce any future similar failures is produced and shared with clients as appropriate.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  All members of our team work from home, minimising any carbon footprint in relation to commuting and powering and heating offices. We provide awareness to staff regarding renewal energy options as well as ensuring they have the most up to date work equipment to manage their carbon footprint. ; ; All of our infrastructure is hosted in the cloud at Amazon Web Services data centres. Amazon Web Services is committed to powering their operations with 100% renewable energy by 2025.
• Covid-19 recovery:

  Covid-19 recovery

  All of our team members work from home to manage Covid-19 issues and we foresee this continuing indefinitely.; ; Our solution is focused on moving PGR Management processes completely online and avoiding the issues a lot of universities faced during 2020/21 lock downs where their processes weren't online, so management of PGRs became a major issue. Our solution provides for efficient and effective online management of PGRs and significantly increases business continuity for these processes.
• Equal opportunity:

  Equal opportunity

  SkillsForge’s activities are conducted in-line with relevant EU Directives and Regulations and are bound by the core principles of transparency, equal treatment and non-discrimination.; ; In accordance with its commitment to equality and diversity and its responsibilities under the Equality Act 2010 of Great Britain, as amended from time to time (the ‘Act’), SkillsForge complies with the terms in this document to ensure that we do not unlawfully discriminate in its employment practices or provision of goods, facilities or services.; ; SkillsForge complies with the Act in its employment practices and service delivery. This includes not discriminating unlawfully on the grounds of the following protected characteristics recognised within the Act:; ● age; ● disability; ● gender reassignment; ● marriage and civil partnership; ● pregnancy and maternity; ● race and ethnicity; ● religion or belief; ● sex; ● sexual orientation; ; We will maintain an appropriate written equality and diversity policy in respect of the protected characteristics that covers unlawful discrimination and prohibited conduct in recruitment, selection, ; training, promotion and discipline and dismissal. SkillsForge will communicate this policy to its staff and workers and take all reasonable steps to ensure their observance of it.

Pricing

• Price: £7,500 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gary.fawcett@skillsforge.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.