OPTIME - Prospect
EventMAP's Optime Prospect application is a comprehensive solution for administrators to manage the student recruitment process. Designed in conjunction with end users Optime Prospect is created for Universities and Colleges. The solution gives oversight of the whole process including initial enquiries, record keeping, application reviews and final offer letters.
Features
- Provides tools needed to manage and track the application progress
- Complete student recruitment management workflow
- Built in workflows to keep track of recruitment process
- Allow internal stakeholders, and external candidates or agents relevant access
- Online Application/Registration of Interest
- Real-Time reporting
- Import tools and APIs enabling integration with other systems (eg.Outlook)
- User authentication integration (SSO)
- Useable on multiple platforms including tablets and mobile devices
- Document Uploads
Benefits
- Student Recruitment Management
- Information capture, application review and internal referral by academic colleagues
- Users have Real-Time access to information
- Solution accessible from any site or location, supporting flexible working,
- Holistic view of resource usage enabling informed management decision making
- Enables KPIs and targets to be monitored and achieved
- Single source of truth for student recruitment information
- Candidate Self-Application
- Notifications to Keep You Informed
Pricing
£6,000 an instance a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
7 5 9 0 2 1 7 5 1 7 5 6 3 0 2
Contact
EVENTMAP LIMITED
Barry McCollum
Telephone: 00442890236558
Email: info@eventmapsolutions.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- No Constraints
- System requirements
- None applicable
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Critical Incidents within 1 hour of being raised (Monday to Friday)
Non- Critical within 24 hours of ticket being raised (Monday to Friday) - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
As part of the contract and licence the following support is included:
A key contact is assigned,and will be the main point of escalation where needed. Regular service meetings will be agreed with the client .
Raising issues should be directed to and processed via the EventMAP Support Centre.
-Where an issue is emailed these will be added to the Support Centre
-Where an issue is raised over the phone these will be added to the Support Centre and not resolved over the phone unless the issue is critical service failure.
Queries or Issues raised are categorised as follows:
1. Bug – breaks standard functionality of software.
2. Bug (External) – due to external circumstances outside of EventMAP control.
3. Incorrect behavior – functionality is not as expected.
4. Change Request – a problem with software which does not break standard functionality, but impacts usability of the software.
5. Feature Request – requests for new developments
Feature Requests may incur additional development related costs where the request is bespoke to the client or not on the immediate Product development Roadmap.
A detailed service level agreement will be provided to the client when on-boarding. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Users are provided with training manuals and relevant documentation during the course of the project.
In built help documentation is already provided within the system
Onsite training services can be provided (at a daily charge, please refer to SFIA). Dependent on the buyers needs training services can be tailored, whether training large groups or when a 'train the trainer' approach is used. - Service documentation
- Yes
- Documentation formats
-
- HTML
- Other
- Other documentation formats
- Word
- End-of-contract data extraction
-
Reports can be downloaded in various formats including csv utilising the reporting suite.
During the off-boarding period, together in partnership with the client the most appropriate format for the data to be provided can be agreed. - End-of-contract process
- Should the client decide not to extend the contract. Prior to the contract end date there will be an off-boarding period (the duration of which will be agreed with the client). The system and all associated data will be deleted after 1 month of contract end or deleted immediately on request.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Menus adapt dependent to screen size.
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- All of our services provided within the framework have web user interfaces specific to the service being procured. These web user interfaces are compatible with all commonly used web browsers including Internet Explorer, Chrome, Safari and Firefox.
- Accessibility standards
- None or don’t know
- Description of accessibility
- OPTIME provide text descriptions for its features and follows WCAG guidelines
- Accessibility testing
-
Testing to support accessibility is undertaken in-house. The following assistive techology is used:
NVDA – Windows – Mozilla Firefox
NVDA – Windows – Internet Explorer & Edge
NVDA – Windows – Chrome
VoiceOver – Mac – Safari & Chrome - API
- Yes
- What users can and can't do using the API
-
Create, Read, Update and Delete records using the API.
Clients cannot change the API themselves but can request for changes to be made. There are no limitations to the use of the API - API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
User Specific Profile Customisation
Existing Functionality & Features can be configured and customised based on users and roles within the buyers organisation
New Features & Functionality requests are possible but undertaken by developers within our company
Scaling
- Independence of resources
- Cloud infrastructure is configured to scale on demand
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Various metrics can be provided based on the customers needs, metrics such as
Uptime %
Response Times m/s
Number of users - Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
- Other
- Other data at rest protection approach
- Data is held within Microsoft Azure and is governed by their security protocols
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Data can be exported in multiple formats including csv or PDF through the standard reporting function within the solutions. Where data is not accessible through the reporting function a bespoke request can be raised following the support process (dependant on the complexity of the bespoke request, an additional charge could be made)
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- JSON
- XML
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- JSON
- XML
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- 99.9% availability as standard.
- Approach to resilience
- Available on request
- Outage reporting
-
Automated Email notification
Phone call to key client contacts
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- Access to management interfaces is based on Roles and permissions. Only users with the appropriate role and/or permissions can access management interfaces and support channels.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BSI
- ISO/IEC 27001 accreditation date
- 16/10/2020
- What the ISO/IEC 27001 doesn’t cover
-
N/A
The following was the scope of the Accreditation:
"Information Security in relation to the Provision of timetabling, scheduling, resource management, space planning, software and services in accordance with Statement of Applicability version 1.0" - ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
-
- Cyber Essentials
- ISO27001
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- EventMAP’s InfoSec team and CTO are responsible for verifying compliance, using various methods including walk-throughs, deployment of automated testing tools, and internal or external audits.
- Information security policies and processes
-
EventMAP defines three distinct levels of security assessment:
Full – a full assessment of the web application for all known vulnerabilities using both automated tests and manual testing, based on the OWASP Testing Guide.
Quick – a quick assessment typically involves testing for the top ten security risks as defined by the OWASP Top Ten web application security risks.
Targeted – a targeted assessment involves testing for a specific vulnerability.
Web applications meeting the following criteria are subject to security assessment:
New applications – brand new software products undergo a full security assessment before being released into any production environment.
Major application updates – any major changes to the software codebase undergo a full security assessment before being approved for release to production environments.
Patch releases – minor application updates are subject to an appropriate assessment level based on the risk of the changes to the application functionality and/or architecture.
Emergency Releases – emergency releases will be allowed to forgo security assessments, carrying the assumed risk until such time that a proper assessment can be carried out. Emergency releases will be designated as such by the Chief Technical Officer or an appropriate manager.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
1. Change raised by client through Support Centre
2. Assessed (various impacts including security) and Approved/Declined
3. Added to a work package and sprint
4. Assigned to an individual
5. Developed in a non production environment
6. Once development completed promoted to a Test Environment
7. Tested and User Accepted
8. Deployed to Production (Live) environment at an agreed time with the client.
9. Change Record retained - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Technical Teams monitor alerts and notifications which identify potential vulnerabilities that could affect our services.
Potential vulnerabilities are reviewed and assessed to determine the impact, likelihood and risk.
Following the assessment actions are then undertaken. For severe incidents issues are addressed as a priority and resolutions implemented as quickly as possible.For low risk vulnerabilities these are resolved within within 2 days. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Any potential compromises are notified by the platform provider to EventMAP technical teams and these notifications are monitored by the 24.7.
Upon notification of any compromises an internal process and assessment checklist are completed to assess the risk and impact.
Following the assessment, the severity of the compromise is known and actions are then undertaken to resolve the issues. For severe incidents issues are addressed as a priority and resolutions implemented as quickly as possible. - Incident management type
- Supplier-defined controls
- Incident management approach
-
• Issues raised will be added to the EventMAP Support Centre with a status 'Open'
• Customers and EventMAP staff can communicate via comments on the ticket system
• When requiring further discussion before it can be correctly processed, the status is set to Pending
• When an issue fix is proceeding Status set to Work In Progress.
• When an issue fix has been processed, Status set to Closed
• At any stage, an issue can be transitioned from Closed to Reopened. Reopened tickets will enter the same workflow as is outlined in the above process
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
- Equal opportunity
Fighting climate change
The company is committed to measuring and reducing carbon emissions associated with its business This commitment includes:
● We acknowledge the risks that carbon emissions present and as a company work to mitigate and manage any physical impacts that we can affect.
● We ensure compliance with applicable regulatory requirements related to carbon management.
● We make concerted efforts to reduce our carbon emissions and to improve energy efficiency of our operations, by applying wherever possible, the most modern technology, equipment and work practices.
● Encourage staff to consider and reduce their personal energy consumption through increased awareness.
● Manage the efficient use of space by monitoring usage and then develop appropriate space management procedures.
● Actively use suppliers committed to the reduction in their carbon footprint
● Identify and use external funding where applicable for energy saving projects.Tackling economic inequality
It is our policy to pay individuals who work with the company at a considerable percentage higher than the minimum wage. This is the result of market forces relating to our highly skilled workforce and a central ethos to the Company in terms of promoting fairness for employees and customers alike. The later is very much reflected within our pricing model for the education which has been fine tuned to deliver maximum value to clients while sustaining an enthusiastic, coherent and content workforce. We therefore confirm that this is the case and we are more than happy to provide evidence at any stage post contract award.
As part of our approach to fairness within the working and client delivery environment we constantly monitor wages within our local IT community and ensure our staff are on par and above what is expected. This is balanced with the client expectation in terms of receiving a quality sustainable product. We are able to provide a fair pricing model based on the fact that all annual profits are automatically invested back into the Company development to ensure we create the most positive fair and quality working environment for all. As a spin out Company from the University sector, this approach is embraced and promoted as opposed to working for shareholders. We therefore effectively have a head start on our competition in terms of how we define and deliver fairness to staff and clients alike.Equal opportunity
Pivotal to the EventMAP ethos, baked in to our roots as a business growing from within the Northern Ireland employment landscape, and a message we carry as we expand in other socio-economic geographies is criticality of equality, employment, ethics and training. We are bound by law, and company ethics to uphold high standards of fairness, inclusion, respect, equality, diversity, employee development and engagement to help communities and boost the well–being of people who live and work there.
It is vital to us that employees reflect the demographics of the communities we serve. Different communities have different characteristics, needs and opportunities and how effectively we identify and meet the particular needs of the communities in which we operate will increase the impact on their socially orientated activities.
We foster a culture where people from all backgrounds feel they belong, and where their efforts and unique contributions are recognised. It is through this inclusivity that we believe our diverse employees see people like themselves succeed in the organisation, and benefits all as innovation and the improved financial rewards associated with true diversity will follow.
Pricing
- Price
- £6,000 an instance a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- A trial version of the software can be made available by contacting us through the email provided.