Semestry Ltd

Semestry TermTime and ExamTime

TermTime and ExamTime are cloud services for the generation and management of teaching timetables and exams for Higher Education. Services include auto-scheduling, staff and student portals, room booking, real time change notification and examination scheduling and management.

Features

• Auto-scheduling of university and college teaching and exam timetables
• Curriculum and staff reference data collection
• Real time change notification
• Self service room bookings
• Real time reporting and dashboards
• Staff and Student portals
• Calendar integration with Outlook365, etc.
• Comprehensive rooms, exams, student and staff capabilities
• Comprehensive rooms, exams,student and staff constraints
• Integration using API and files transfer

Benefits

• Maximise student and staff satisfaction with teaching and exam timetables
• Lower total cost of ownership
• Quick service deployment
• Available at all times, from any device
• All functionality available through standard browser interface
• Speed up integration of business processes from other systems
• Deliver timetable in real time to students and staff
• Improve timetable be modelling different scenarios
• Improve efficiency through Cloud collaboration
• Lower overheads as no need for dedicated IT infrastructure

£25,000 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@semestry.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

759161435185124

Contact

Julia Bailie
07497186578
sales@semestry.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements:
  • Internet access
  • Browser interface

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response is available 09:00 to 17:00 Monday to Friday except public holidays:; Target Response Times; Critical < 15 minutes; High < 1 hour; Medium < 1 business day; Low < 1 business day; Very Low < 1 business day
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: None
• Onsite support: Yes, at extra cost
• Support levels: Customers have access to a project manager and a support consultant to manage their implementations and on-going project needs.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Implementation is managed by our project management and consultancy team. They provide on-site training, plus help with integration consultancy and data importing.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Semestry provides access to all customer data in standard formats - csv files or data tables
• End-of-contract process: A 2 weeks end of contract project is available to extract all customer data in their preferred format.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: TermTime offers full functionality on mobile and desktop services
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: API is accessed through secure https protocols using RESTful and JSON.; The API can be used to import and export all the data from the database. All data objects and their attributes can be imported.; The API includes standard reports.; All data can be exported and viewed in different forms.; The API supports creation, updates and deletion of all data objects. The API can be used to create new timetables as required. ; Creation, updating and deletion of all data objects is possible using the API.; There are no limitations on use of the API.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: Semestry monitors all usage against our cloud infrastructure levels and increase these levels if demand increases.; There are no resource sharing across customers.

Analytics

• Service usage metrics: Yes
• Metrics types: All metrics are built into the TermTime system and are updated in real time
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data is exported via the following:; standard csv files; API; Interfaces to reporting services eg. PowerBI and QlikSense and Crystal Reports
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • XML
  • Excel
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • JSON
  • XML

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.9% up time and availability
• Approach to resilience: Semestry provides 2 levels of cloud data backup as stipulated in our SLA; Backup servers available for reallocation; Details available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: All users have access rights and only top level users can access the management interface. All access and access attempts are logged. Support staff have access to view data but not to add, edit or delete data (unless asked to by customers).; Support staff all have dedicated accounts and do not use customer logins. There are no shared accounts.; Top level access can only be granted by Semestry staff.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS
• ISO/IEC 27001 accreditation date: 02/05/2018
• What the ISO/IEC 27001 doesn’t cover: Our certification covers development, operations and support of on-line scheduling systems, products and services.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Semestry runs vulnerability process checks, personnel checks and incident management reporting to ISO27001 standards.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All configuration and changes are tracked through the lifetime of the contract. This includes assessing the impact any change may have on the way existing customers can use the system and the overall impact on security.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Semestry has systems in place to monitor potential threats and utilises the services of our service provider for added security. Any security patches are implemented within 24 hours.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: All attempted access to non standard Semestry URLs are recorded to a dedicated log file and investigated immediately. Each access attempt is assessed. Where there are sustained attempts from specific addresses these addresses will be blocked in the firewalls protecting our servers.; Any attempt to send malformed parameters or inject code into Semestry URLs is logged in a dedicated log file. The full details of the address making the attempt are logged.; The only service available from production servers is HTTPS. All other services are locked.; Server error logs are monitored constantly for potential problems.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have defined processes for each attempt. Each attempt is assessed to determine if more security is required. Where applicable extra blocks are added to firewalls.; Users can contact using direct on-line communications or email or telephone calls.; Where there is a breach of data then all the customers will be informed and action taking according to the suspected data breach.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  We recognise and understand the importance of protecting the environment in all our business activities. We are committed to continually improving our environmental performance and minimising adverse environmental impacts.; We demonstrate our commitment by:; • Understanding and reviewing the range of environmental impacts arising from our activities.; • Ensuring that we comply with and, where possible, exceed all applicable environmental legislation eg: ESOS and SECR.; • Setting & measuring environmental objectives and targets for our most significant impacts with the aim of limiting and reducing our CO2 footprint.; • Reducing energy and resource consumption where possible by using renewable energy, recycling waste and encouraging all employees & contractors to follow best practice in terms of GHG production and CO2 footprint and to be mindful of usage and waste whenever practical.; • Influencing and managing our suppliers and contractors to ensure that goods and services supplied to us comply with our Environmental Statement and with our Sustainable Procurement Statement.; • Ensuring that this statement is understood, implemented and maintained at all levels in the organisation.; We endorse our objectives by:; • Reporting the agreed sustainability measures (which reflect our environmental impact) to our Board; setting targets for reduction, where possible and monitoring and reviewing these measures.; • Communicating our environmental position to employees, placing an emphasis on the significance of these matters and encouraging involvement and ideas.; • Periodically reviewing this policy to take account of changes in our organisation, legislation and environmental best practice.
• Tackling economic inequality:

  Tackling economic inequality

  All employees have the right to be treated fairly and with dignity and respect. We are committed to embedding equality, diversity and inclusion in all employment policies procedures and practices in the context of the objectives of:; • ensuring that all individuals are treated with dignity and respect; • ensuring that opportunities are made available on a non-discriminatory basis; • providing a safe, supportive and welcoming environment for all; ; We encourage a diverse workforce and aim to provide a working environment where employees at all levels are valued and respected, and where discrimination, bullying, promotion of negative stereotyping and harassment are not tolerated (for further information please refer to our Dignity at Work policy). ; ; We train all employees inequality and diversity and ensure that diversity is integrated into mainstream learning provision. We are also committed to providing all employees with opportunities to maximise their skills and achieve their potential, offering flexible working arrangements wherever possible.
• Equal opportunity:

  Equal opportunity

  All employees have the right to be treated fairly and with dignity and respect. We are committed to embedding equality, diversity and inclusion in all employment policies procedures and practices in the context of the objectives of:; • ensuring that all individuals are treated with dignity and respect; • ensuring that opportunities are made available on a non-discriminatory basis; • providing a safe, supportive and welcoming environment for all; ; We encourage a diverse workforce and aim to provide a working environment where employees at all levels are valued and respected, and where discrimination, bullying, promotion of negative stereotyping and harassment are not tolerated (for further information please refer to our Dignity at Work policy). ; ; We train all employees inequality and diversity and ensure that diversity is integrated into mainstream learning provision. We are also committed to providing all employees with opportunities to maximise their skills and achieve their potential, offering flexible working arrangements wherever possible.
• Wellbeing:

  Wellbeing

  Semestry believes that the wellbeing of our employees is key to organisational success and sustainability. Therefore, the objective of this policy is to provide transparency regarding the organisation’s approach to managing and supporting the wellbeing of our employees, and to encourage employees to take responsibility for their own health and wellbeing.

Pricing

• Price: £25,000 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@semestry.com. Tell them what format you need. It will help if you say what assistive technology you use.