Sirsi Ltd (trading as SirsiDynix)

EOS.Web Cloud Library Management Software

EOS.Web Cloud library management software cost-effectively serves the stringent knowledge and content management needs of government, corporate, scientific, and other special libraries. Fully web-based and hosted on our secure servers, EOS.Web offers librarians and knowledge services an easy-to-use interface while increasing operational efficiency, enhancing services to end-users, and reducing costs.

Features

• Web-based Library Management System (LMS/ILS)
• Cataloguing, Circulation, Serials, Acquisitions, Reference Tracking, Z39.50
• Design and manage your own OPAC (online public catalogue)
• Powerful reporting and exporting capabilities
• Responsive, high quality customer service
• Easy to learn and use

Benefits

• Quickly/easily make your catalogue data available on the web
• Simplified maintenance (we handle upgrades, security patches, etc.)
• Get around-the-clock access to customer support
• Easily edit record data (MARC or non-MARC/labels)
• Catalogue traditional library materials (books, serials, etc.)
• Catalogue non-traditional materials (objects, images, files, etc.)

£3,800 an instance

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at margaret.mcevaddy@sirsidynix.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

818429871146031

Contact

Margaret McEvaddy
01923 202923
margaret.mcevaddy@sirsidynix.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Hybrid cloud
• Service constraints: EOS.Web software updates are loaded quarterly late on a Sunday evening (or very early Monday morning), outside of UK business hours.
• System requirements:
  • Modern versions of Internet browsers (Edge, Chrome, Firefox, etc.)
  • A PDF reader utility

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Critical support queries can expect a response within one hour; other support queries can expect a response within 4 hours (though often a response will be received in less than an hour).
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: Our web chat facility meets WCAG 21.A and most of WCAG 21.1AA and AAA. We have not tested with assistive technology users.
• Onsite support: Yes, at extra cost
• Support levels: Questions and issues may be reported to the EOS.Web Help Desk team via phone, email, chat, and through the SirsiDynix Support Center. Our Help Desk is staffed 24 hours a day, 365 days a year. The yearly EOS.Web Cloud subscription includes unlimited access to EOS Help Desk services.; ; Support Structure; - Level 1 support is provided by the EOS.Web Help Desk. Help Desk staff are very experienced with the product, and generally able to resolve application questions, training issues, and deal with most any matter regarding features or functionality. They also have an initial level of expertise regarding application errors or possible server-related issues, and connectivity or performance problems.; - Level 2 escalation occurs when an issue requires a higher level of expertise regarding something not working as designed (escalated to Development) or based on networking, connectivity, or performance issues (escalated to IT or the SaaS team).; ; This combined approach allows SirsiDynix to resolve all issues that come in through the Help Desk. The relatively flat support structure means we are generally able to answer questions or resolve issues very quickly.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We provide an online consultation to help setup the system initially. Typically onsite training would occur near the time the system was expected to go Live. The EOS.Web Help system includes not only information about the various features and workflows within the application but also quite a variety of recorded trainings and presentations on aspects of the software.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Authority and bibliographic data may be exported in MARC21 or MARC XML formats. Borrower/patron data may be exported in CSV or XML formats. Additional data can be exported using system reports in PDF, XML, CSV, Word, or Excel formats.
• End-of-contract process: Clients are expected to export their data themselves (MARC records, etc.) before the contract expires. When the contract expires the system becomes inaccessible, with the system's data being retained only as long as stated in our security policies.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The OPAC offers an interface for searching the catalogue that is sized appropriately for mobile device users (i.e., a much smaller screen). Tablets and larger mobile devices can access the full software package (OPAC and library staff modules) using a browser.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The OPAC design includes an “autosizing” functionality to adjust how menus and some other elements display on the page relative to the screen resolution of the browser. As an example, for mobile devices or other smaller interfaces the main horizontal menu will collapse into an icon. The interface retains fully functionality, whatever the size of the browser window.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: OPAC accessibility testing tool: aXe Chrome extension. Screen readers: JAWS, Narrator with Edge. Manual evaluation using supported tools specific to browsers. Mobile testing included manual evaluation based on standard template. Help accessibility testing tool: WAVE. Screen Reader: Narrator with Edge. Manual evaluation using supported tools specific to browsers.
• API: Yes
• What users can and can't do using the API: The catalogue may be searched using Z39.50; Web Services are available to get, delete, add, and update the following types of records: authority records, bibliographic records, category records, patron records. In addition Web Services are available for obtaining item status information searching the bibliographic catalogue, and adding/getting reference tracking records.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Library users with administrative rights can access EOS.Web's General Setup and User Setup areas, allowing them to customise the look and behaviour of the OPAC and library staff modules.

Scaling

• Independence of resources: Multi-source monitoring and alerting. Examples include Nagios, Solarwinds, PRTG, vCenter tools.

Analytics

• Service usage metrics: Yes
• Metrics types: Information about library staff logins, OPAC user logins; counts of new records, edited records; total linked media storage in use; counts of circulation activities. An admin can see how many library staff are currently accessing the system.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: ISO 27001 Certified. All systems run on Pure Storage arrays encrypted at AES 256. Secure containers, racks or cages are used.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Authority and bibliographic records may be exported in MARC21 or MARC XML formats. Patron records may be exported in CSV or XML format. A wide variety of reports are available to obtain data from the system in PDF, XML, CSV, Word, or Excel formats.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • MARC21
  • MARC XML
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • MARC21
  • MARC XML

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Covered Services will be available 24/7 with the exception of Scheduled Maintenance periods or any events or occurrences due to the products, services, and/or actions of 3rd parties beyond EOS’ reasonable control, including but not limited to any Force Majeure events, which result in Reduced Functionality or an Unscheduled Outage. Scheduled Maintenance will only be performed after 24 hours notice. ; ; In the event the Covered Services are not available the Customer is entitled to credit(s) as outlined below if the Customer: (1) provides written notice to EOS of the circumstances giving rise to this credit request, (2) provides such written notice no later than the last business day of the next calendar month, and (3) identifies the relevant Client Care incident(s) relating to the event(s) during which the Service Availability was not met and for which the Customer seeks credit(s). ; ; Service Availability Interruption Service Credit (*); Less than 1% of hours in a calendar month No Credit; ; 1% to 4% of hours in a calendar month 5%; ; 4% to 6% of hours in a calendar month 10%; ; 6% to 12% of hours in a calendar month 25%; ; 12% of hours or more hours in a calendar month 50%.
• Approach to resilience: Available upon request.
• Outage reporting: Combination of email alerts and a customer-accessible dashboard (scope of coverage soon to include all customers).

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Username or password
  • Other
• Other user authentication: SAML and IP Authentication are available.
• Access restrictions in management interfaces and support channels: Individual library staff members will access the library staff side of the application using their own library staff user account. Individual user accounts can be configured to limit access, capabilities, and defaults within the different modules of the software. Library staff access may be limited by IP. EOS/SirsiDynix support access is only via a password obfuscation tool such as Remote Desktop Manager (RDM) via two-factor authentication.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Insight Assurance
• ISO/IEC 27001 accreditation date: 18 September 2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: EOS.web is FedRAMP authorised.
• Information security policies and processes: SirsiDynix has a documented framework for security governance, with policies governing key aspects of information security relevant to the service. High-level security requirements are found in the Corporate Security Policies (CSP) document. The CSP has several subordinate policy and procedure documents, listed below, which describe how SirsiDynix meets each of these requirements. • SirsiDynix Controlled Access Plan; • SirsiDynix Audit Management Plan; • SirsiDynix Change Management Plan; • SirsiDynix Disaster Recovery Plan; • SirsiDynix Incident Response Plan; • SirsiDynix Personnel Security Plan; • SirsiDynix Risk Assessment Plan. The framework ensures that security processes and procedures are defined, and implemented by all staff across the company. All staff are aware of the documentation and receive security training annually.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: EOS/SirsiDynix manages configurations and changes according to industry best practices, requiring reviews and security lead authorisations for changes throughout software or system lifetimes.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: EOS/SirsiDynix uses sources such as the US-CERT ratings and industry and vendor threat reports to assess potential threats, deploying patches as needed based on the severity of the ratings. Policy related to patch deployment is found in the SirsiDynix Risk Assessment Plan (RAP) section 3, with a target of 24 hours for critical patches, 36 hours for high-risk patches, and 2 weeks for moderate-risk patches.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Potential compromises are identified using detection of unauthorised and out-of-policy configuration changes, network behaviour, and other activities; EOS/SirsiDynix also uses logic built into security tools to perform identification. Response to potential compromise includes isolation, investigation, remediation, and reconstitution (from the Incident Response Plan section 6). Goals for speed of response (from IRP section 6.1) are Critical - within 30 days; High - within 60 days; Moderate - within 90 days, the objective is for mitigation to occur more quickly for critical issues while awaiting full remediation.; EOS/SirsiDynix networks are also protected by managed network security monitoring, with 24x7x365 threat detection.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: End users of EOS/SirsiDynix products typically report potential incidents to EOS/SirsiDynix customer employees who open tickets with EOS/SirsiDynix support. Internal users similarly report potential incidents to the Information Technology (IT) helpdesk via tickets. Incident reporting includes notification as soon as possible after identification of an incident, regular updates, and a final report upon incident conclusion.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  SirsiDynix regularly monitors and reviews our internal work practices to ensure that, as a company, we are meeting our goals towards minimising our carbon footprint. For example, in 2021 we took the decision to allow all our staff to work from home indefinitely and to minimise business travel, reducing the amount of unnecessary carbon emissions. As a consequence, we have been able to relocate our physical office in Watford, Hertfordshire, UK and in doing so reduced office space from accommodating 33 members of staff down to three. This represents significant savings in terms of energy use and fossil fuel expenditure, through heating, lighting, other utilities and travel, and demonstrates our commitment to the organisation’s approach to environmental sustainability. Our Carbon Reduction Plan benchmarks our progress in our commitment to Net Zero emissions by 2050 and can be accessed via our website at www.sirsidynix.com.; As a responsible supplier, SirsiDynix imposes stringent criteria when selecting a colocation partner to host our software in the UK. Iomart are regularly inspected by independent auditors and hold both 14001 Environmental Management System and IOS 50001 Energy Management certification, which demonstrates continuous work to improve their environmental position and performance, as well as constantly working to upgrade energy use and output in their facilities.

  Covid-19 recovery

  No member of SirsiDynix staff (currently 32 staff in the UK) has lost their job or been furloughed due to the COVID-19 pandemic. Our experience in supporting remote working places us in a strong position in the post COVID-19 environment, allowing us to recruit and on-board new employees remotely, including hiring and training in a fully remote environment.; Recruitment is carried out in a remote only environment, with training and support given remotely, enabled by technology platforms such as MS Teams and Zoom. All employees have access to both local and global training, backed up by our comprehensive self-service Support Portal and our eLearning platform, Mentor, the staff intranet, and Global and UK-specific Employee Handbooks.; In addition, we have been able to keep library staff in jobs by providing remote working technologies through web-based systems, supporting staff working from home. We have also created an extensive catalogue of webinars and self-paced training to support key library staff in delivering their services to end users.; Addressing the wider context of post COVID-19 recovery, we provide a digital interface to customers, enabling their users to access content to support wellbeing, literacy, employment skills, and schools, helping local communities to up-skill in the challenging post COVID-19 environment.

  Tackling economic inequality

  SirsiDynix is an international company with EMEA headquarters based in Watford, UK. We have long advocated remote working which has resulted our ability to employ staff in many regions across the UK including the East of England, East Midlands, London, North West, South East, South West, Scotland and Wales. As a technology company, SirsiDynix is well placed to promote and support flexible working for our employees, including creating flexible and remote work opportunities without restriction to a specific geographic area.; We offer programmes to young adults as internships, helping them to gain valuable work experience. The most recent example is a young man from the local area who has autism, and who, after an internship, has now joined our Engineering Team on a permanent contract.

  Equal opportunity

  SirsiDynix is an Equal Opportunities Employer, continuing to comply with the spirit and letter of UK equality laws. We promote a fair and harmonious working environment in which all employees are treated with dignity and respect. All workers and job applicants receive the same opportunities regardless of their age, disability, ethnicity, sexual orientation or gender identity. These conditions are written into our employment contracts. ; In the UK, our average employee tenure is 10 years. 18% of staff in the UK are from a minority background, covering BAME, LGBTQ+ and disability. Women make up 50% of our UK work force and hold the most senior positions in the UK office. SirsiDynix provides appropriate support and adaptations to enable disabled staff to access their work, for example providing specialist equipment for visually impaired staff. We provide mandatory training in equality and discrimination to all our staff on an annual basis.

  Wellbeing

  SirsiDynix complies with current health and safety legislation, and has comprehensive health and safety policies. It is an important duty of SirsiDynix, in the conduct of its business operations, to ensure a safe and healthy working environment for all its employees. SirsiDynix accepts the fact that this implies a corresponding duty to ensure that the necessary organisation, equipment and training is provided to fulfill this obligation.; In 2021 we took the decision to allow all our staff to work from home indefinitely had have drawn up a Remote Working Policy which includes advice on maintaining a safe working environment and making the best use of the virtual meetings and communication tools. To ensure our employees do not feel isolated, all departmental teams have daily standup meetings scheduled to allow employees to meet regularly to provide updates on current projects and raise any concerns they may have.; SirsiDynix’s CEO gives regular monthly all-staff updates to ensure staff are aware of any changes to company policy post COVID-19 pandemic, and to pre-emptively address worries staff might have about visiting the office, travelling for work, work-life balance and other related issues that could potentially affect staff mental health. ; The active Global HR Department works hard to promote a healthy work-life balance for SirsiDynix staff, and to make staff feel appreciated and included, covering aspects of health, mental health and interests outside of work. Regular team meetings and catch ups, and a monthly slideshow help management and HR communicate motivational thoughts, work anniversaries, birthdays and milestones.; All UK staff can opt in to benefit from private medical insurance provided by BUPA, which includes provision of mental health support.

Pricing

• Price: £3,800 an instance
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at margaret.mcevaddy@sirsidynix.com. Tell them what format you need. It will help if you say what assistive technology you use.