Simitive Ltd

Teaching Allocation Management Service (TAMS)

TAMS reduces the effort required for the capture of time bound activities including teaching and assessment and its associated academic workload. Module leaders plan timebound activities ensuring that students from different disciplines can attend all required courses without conflicts, and academic allocations meet contractual commitments by week, month and year.

Features

• Real time scheduling of time bound activities
• Compliance with working time limits (weekly, monthly, annual)
• Planning and management of teaching and assessment activities
• Staff working time, availability management
• Matching of specialist skills and certifications to teaching activities
• Team delivery management and reporting
• Multi Year planning and reporting
• Real time analytics and dashboards
• Overview and reporting of academics delivering teaching activities
• Identification of times of overload for staff and students

Benefits

• Evidence and manage compliance of teaching time by week/month/year
• Provides a single collection point for workload and timetabling data
• Intuitive planning tool for teaching and assessment activities
• Support for block teaching or different hours of delivery
• Identification of conflicts reducing timetable clashes for students and staff
• Provides real time information to inform data driven decisions
• Management teams plan and allocate resources to accommodate peak times
• Ensuring days end at an appropriate point for students commuting
• Identify points of high and low rates of resource utilisation
• Identification of conflicts from joint/shared delivery of modules or courses

£6,000 a user a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at devinder.whelan@simitive.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

572567020165652

Contact

Devinder Whelan
0117 9117950
devinder.whelan@simitive.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Academic Workload Allocation Management System (WAMS); Activity Based Costing (ABC); Living Review
• Cloud deployment model: Private cloud
• Service constraints: Simitive systems are ‘locked’ during defined maintenance windows. There are no requirements for other downtime as the system is architected to provide 24 x 7 availability.
• System requirements:
  • A vendor supported internet browser
  • Access to the internet

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support calls are handled in line with the below standard SLAs. ; ; Severity 1: Critical system problem or issue. 15 minutes from receipt of notifcation.; ; Severity 2: Time critical problem or issue. 60 minutes from receipt of notification.; ; Severity 3 & 4: Non critical system problem or issue. Acknowledgement within 24 business hours from receipt of notification. A process will be agreed with the customer.; ; The above are for standard UK business hours (Monday to Friday 0900 to 1700 excluding bank and public holidays). Additional support hours including weekend support is available on request.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard support is available Monday to Friday (0900 to 1700) excluding Bank and Public Holidays. Support calls are handled in line with standard SLA. Standard support is provided as part of the annual license fee, and no additional costs are payable by client. Extended support service, up to and including 24x7 support and managed services are available on request. Costs for extended services are based on the number of client licenses and the scope of the service. Simitive have a Support manager who is responsible for ensuring SLAs are met and to conduct regular service reviews.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: All projects follow Prince2 methodology, which defines the scope of the project and the required work-streams are established, for example SSO, data imports and framework alignment. During the design and implementation, Simitive project managers work closely with the client. Simitive provide the following types of training: On-site for system administrator on a train the trainer approach. On-line training for system administrator using remote technology. User guides and training guides.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Word
  • Excel
• End-of-contract data extraction: Users can extract their data at any time via the application. In addition at the end of the contract client data is returned to the client in a format agreed with the client and deleted from Simitive systems. Any systems used in the provision of the services are cleansed to industry best practice standards.
• End-of-contract process: At the end of the contract client data is returned to the client in a format agreed with the client and deleted from Simitive systems. Any systems used in the provision of the services are cleansed to industry best practice standards. There are no additional costs at the end of the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: By necessity the responsive design of the system alters the look of screens to facilitate clarity on smaller devices.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: The system is capable of integrating with any system via its APIs. Simitive runs version 1.0 live REST API web service; secured with HTTPS and oAuth using a JSON format (other formats can be supported). This API allows a client to programmatically create/read/update user records and associated information. Commonly connected systems are HR, Student Records, Timetabling, Research, Finance.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The system can be customised to allow individual organisation branding, terminology and import of any data including job description, grade and any other relevant information to support policies such as equality and diversity. Individual displays can be customised to different types of users and roles to ensure the content is relevant and engaging for all staff types. Within the system, there is customisation the client can configure. For system changes, Simitive support staff or consultants will be required to perform an impact analysis and make the required changes. Most Simitive modules allow extensive configuration by the client without recourse to Simitive

Scaling

• Independence of resources: Simitive systems are delivered via a massively scale-able architecture based on Amazon EC2. Each client's instance is isolated from all others to ensure that there can be no effects across clients.

Analytics

• Service usage metrics: Yes
• Metrics types: Service metrics are provided both within the system, through standard reports and Simitive Account Managers carry out service reviews with Clients on a regular basis.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The system has a standard export function that allows users with appropriate permissions to support all data from the system. Individual workloads can be saved as pdf. The reporting tools, for individuals with the right security permissions, allow users to export data into excel spreadsheets. The data held within the system can also be exported to a data warehouse. The API is a bi-directional and will allow data to be written back to key systems as required.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Simitive systems are guaranteed to deliver 99.5% availability with service credits should this level not be achieved. Over the last 4 years Simitive has delivered 100% availability.
• Approach to resilience: Available on request
• Outage reporting: Simitive monitor all systems continuously for any potential outages. The systems architecture automatically replaces failing items before an actual outage occurs.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Users do not have access to management interfaces.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 03/12/2023
• What the ISO/IEC 27001 doesn’t cover: All areas of Simitive business and operations are covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: AWS FTR Certification

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Simitive have formal information security policies (certified to ISO27001) which are owned by the Managing Director and form an integral part of the company's standard operations. The policies and processes cover internal as well as service delivery security.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All changes to the Simitive cloud require approval by two Directors. Any changes are subject to impact assessment prior to any action. As a user of Amazon EC2 Simitive are subject to and controlled by the certified standards and regulations that form part of Amazon service.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Simitive carry out continuous threat analysis and all patches are applied inline with industry best practice and providers recommendations.; Simitive environments are assessed and certified by AWS and meet the requirements of the Company's ISO27001 Certification
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Simitive systems are monitored constantly for any potential compromises through a suite of monitoring tools. As soon as a potential compromise is identified the instance or instances potentially affected are locked whilst detailed examination is carried out. Depending on the outcome of the investigation remedial actions are carried out and any changes made before the instance is reactivated. All actual or suspected incidents are managed and recorded in conformance with Simitive ISO27001 policies and standards
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Simitive have standard tested processes for incident management. In the unlikely event that an end user is aware of an incident before Simitive it can be reported by email, phone or client portal 24x7. For any incident a report is produced following appropriate investigation and resolution which will be shared with any affected clients.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Simitive are a Certified B Corporation and it actions and commitments are publicly available via B-Corp; Simitive is registered in NetPositive and its commitments and actions are available via NetPositive

  Tackling economic inequality

  Simitive are a Certified B Corporation and it actions and commitments are publicly available via B-Corp; Simitive is registered in NetPositive and its commitments and actions are available via NetPositive

  Equal opportunity

  Simitive are a Certified B Corporation and it actions and commitments are publicly available via B-Corp; Simitive is registered in NetPositive and its commitments and actions are available via NetPositive

  Wellbeing

  Simitive are a Certified B Corporation and it actions and commitments are publicly available via B-Corp; Simitive is registered in NetPositive and its commitments and actions are available via NetPositive

Pricing

• Price: £6,000 a user a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at devinder.whelan@simitive.com. Tell them what format you need. It will help if you say what assistive technology you use.