Amberjack

Digital Assessment Centre Module (DAC)

A Digital Assessment Centre platform, enabling virtual and face-to-face events that supports registration of users, allocation of timetabled tasks, immersive experiences and digital collation and processing of results.

Features

• Immersive digital assessment platform
• Delivers range of automated off-the-shelf or bespoke assessment tests
• Traditional assessments - aptitude, cognition, judgement and personality
• Behavioural assessments
• Blended assessments include video and/or written response questions
• Self-selection tools such as Situational Judgement Tests or Match-Me tools
• Single assessments or video-immersive assessment stage
• Mobile enabled, seamlessly integrates with existing recruitment process
• In-built personalised automated feedback and Net Promoter Scores (NPS)
• Real-time reporting

Benefits

• Publish content from multiple devices
• Quickly manage content on the move
• Measure abilities to accurately predict success
• Identify potential candidates to succeed in role
• Flexibly measure multiple candidate qualities in a single-stage assessment
• Efficiently identify best-fit candidates
• Flexibly select text, images, video immersive or blended tests
• Make better hiring decisions faster
• Instant and meaningful candidate feedback you can measure
• Complete reporting visibility to individual candidate scores

£5,250 a licence a year

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contracts@weareamberjack.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

776928067497641

Contact

Jonathan Hall
+441635584130
contracts@weareamberjack.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: As with all software services, Amberjack will, with due notice, periodically provision service upgrades and platform maintenance that may require a period of planned downtime. Typically this downtime will be planned outside of key operating hours.
• System requirements:
  • Modern browser (Google Chrome, Safari, Firefox, Microsoft Edge)
  • Internet Access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Depending on the severity of fault, between 2 hours and 1 day.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Reactive support is included in the price. This provides working day telephone and email support with 4 levels of ticket categorisation.; Technical account management is offered (at a cost) to provide proactive management of the service including service reviews, reporting and strategic support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A full implementation service can be provided to design and implement the technical and assessment processes in partnership with the client, only being signed off for live deployment after full user acceptance testing.; ; Full user training and documentation is also provided and can be delivered onsite or remotely.
• Service documentation: Yes
• Documentation formats:
  • ODF
  • PDF
• End-of-contract data extraction: Amberjack will provide a data extract in the format required by the client at the end of the contract. Data retention/archive/deletion policies will match the requirements of the client.
• End-of-contract process: Typically at the end of the contract, an exit plan will be put in place to define the timeline for closure of system for new registration, removing access for candidates and client users, data extraction and decommissioning.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The UI has been designed to be mobile responsive and so positioning of text/buttons/tabs will change depending on screen size.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The Online Assessment Module provides clients with the ability to design immersive assessments for candidates. The Module supports many different kinds of questions and answer type tests. The question interface and scoring mechanisms are pluggable to allow customised experiences to be created for clients. These can range from simple multiple choice to games and immersive video enabled experiences. On registration, candidates can then take the assessment tests, the results of which are collated for review by the client assessors. Metrics and analytics are available to enable continual improvement in areas such as diversity and candidate engagement.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: SortSite has been used to assess our solutions for accessibility. Supporting accessibility standards is an ongoing element of the Amberjack technical development roadmap.; In addition NVDA has been used in a Proof of Concept capacity to understand compatibility with screen readers.
• API: Yes
• What users can and can't do using the API: API integration can be discussed as part of initial partnership dialogue, however typically this service is set up in partnership with our internal technical team who can provide all relevant documentation. ; ; Once the integration is in place, any changes must be made via our change request process and cannot be made by users without involvement of our internal technical team.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Our Online Assessment Module is fully customisable to create unique assessment experiences for candidates, including, but not limited to branding through to bespoke design of situational judgement testing and text based match-me tools. Expert assessment specialists can help to develop the most appropriate assessment model that our Online Assessment Module can then be used to deliver.

Scaling

• Independence of resources: Whilst our Online Assessment Module uses shared resources, these are load balanced across multiple servers, with frequent capacity management reviews held to review existing client consumption growth, based on information in our monitoring tools, and new business expectations for the next period. Infrastructure capacity can then be adjusted as necessary to ensure high levels of performance and availability.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics are specific to each organisation depending on their implementation design and will typically be a combination of built in and custom reports alongside analysis provided by technical account managers.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The client user interface supports the export of candidate data including scores, and associated custom meta data.
• Data export formats:
  • CSV
  • Other
• Other data export formats: .xlsx
• Data import formats:
  • CSV
  • Other
• Other data import formats: .xlsx

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Up to 99.9% availability (excluding planned maintenance, but deployment of the platform takes typically less than 2 minutes). Service credits are agreed as part of contract negotiations.
• Approach to resilience: Redundancy is built in by design, for example, load balanced web servers, firewalls, and the data centre is replicated across 2 different sites.
• Outage reporting: Reactive RfO (Reason for Outage) reporting as well as a public dashboard.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Separation by site. e.g. the admin site is independent from the client site and with independent authentication. Within the client site there are 2 levels of user, standard and super to restrict access appropriately.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 26/09/2022
• What the ISO/IEC 27001 doesn’t cover: A10.1.2 Key Management; A11.1.6 Delivery and Loading Areas; A14.2.7 Outsourced Development
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We employ a fully ISO27001:2013 Information Security Management System with a statement of applicability for all but 2 non-applicable controls (relating to delivery/loading bay controls). This means we have a full suite of information security policies and procedures that are independently audited on at least an annual basis.; ; Security is governed by our Board of Directors with daily management deferred to our head of security (who sits independently of any department).; ; All changes are governed by a weekly change board, and we have an independent SOC monitoring our systems 24x7. We undertake daily vulnerability scans of all our systems and perform automated patching twice weekly or as required.; ; Our head of security monitors compliance with our policies and standards and reports to the board on a quarterly basis.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All changes are managed through a weekly Change Board attended by service and system owners. Requests are reviewed and if approved are tracked to completion with mop up sessions.; ; Each change has to consider the impact to security risk (reduce, maintain, worsen), the likely impact to service and whether comms are required to users of the system.; ; Only correctly formed requests are considered for approval.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We undertake daily Internal and External Infrastructure assessments to the PCI standards as a benchmark. Our SLA for patch deployment is within 10 working days for High/Critical and 30 days for Medium rated vulnerabilities.; ; We use several sources for threat intel including BitSight, Risk Ledger, MyNCSC, Tenable.IO and the Microsoft Threat Intelligence reports.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We have the latest threat analysis tools deployed to all systems which in turn feed into our fully managed 24x7 SOC.; ; We have defined runbooks to respond to various scenarios and our response time varies depending on the severity of the alert. We enable our SOC to block access if they deem necessary while we investigate the incident.
• Incident management type: Supplier-defined controls
• Incident management approach: Our incident process is published to all users desktops and is well understood by staff. Reports always require an email but initial contact/reporting can be via any communication method.; ; Incidents are then assessed for severity and runbooks for standard scenarios are followed. Incidents are logged in a dedicated system which feeds into our security management system. This enables incident reports to be generated if required.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery

  Fighting climate change

  Our digital assessment centres proved very effective during Covid to maintain a virtual assessment world. Further, they offer significant time and cost savings, as well as reduced travel and almost zero paper-based administration to fully set up and facilitate each assessment centre.

  Covid-19 recovery

  Our digital assessment centres have allowed business as usual to continue as normal, by assessing candidates at scale virtually.

Pricing

• Price: £5,250 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at contracts@weareamberjack.com. Tell them what format you need. It will help if you say what assistive technology you use.