Resource Guru

Resource Guru - Project Scheduling and Leave Management

Resource Guru is a team calendar for project scheduling, resource management, capacity and leave management and time tracking. Powerful reports show utilisation rates, billable vs. non-billable time, overtime, holiday and other time off. Custom filters allow you to focus on resources by "Skill", "Location", "Department" etc.

Features

• Drag and drop scheduling means booking changes are quick
• Powerful reports showing utilisation, billable vs. non-billable projects and leave
• Leave management system including personal time off, sick leave etc.
• Calendar integration with Outlook, Google, Apple and many more
• Custom fields allow you to filter your resources and bookings
• Timesheets show you planned vs actuals
• Custom availability and overtime
• Tentative and repeat bookings for added flexibility
• Clash management for bookings where there isn't sufficient availability
• Booking approvals protect your most in-demand people

Benefits

• See the big picture—who's free, who's busy and who's off
• Reports give insight into the health of your business
• Become more profitable due to increased efficiency
• Allocate time off in the context of other work
• Collaborate with the whole team with granular access permissions
• View change history with the activity log
• See your bookings on the move with mobile friendly schedule
• Clash management means nobody gets overbooked
• Boost team morale when everyone knows what they're working on
• View bookings alongside other events with calendar integrations

£1.67 to £9.61 a unit a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at percy@resourceguruapp.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

844062403730508

Contact

Percy Stilwell
+44 203 608 3047
percy@resourceguruapp.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: The software requires an internet connection to use. There is no offline installation option or capability.
• System requirements: Up to date Google Chrome, Microsoft Edge, Firefox or Safari

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We always try to respond within 24 hours. Response times are normally quicker than that. Priority support is available
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Our support is email based and can be accessed via happytohelp@resourceguruapp.com; We also have an extensive help centre at https://help.resourceguruapp.com/en/; ; Phone support is included in our Master plan
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: After signing up or accepting an invitation, users will see a series of onboarding popups, and receive a series of emails.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Data can be exported in JSON form at any time by using the documented API endpoints. Event and availability data can be exported to CSV and XLSX through the reports section for accounts on the Blackbelt and Master plans.
• End-of-contract process: Once an account is suspended, either for cancellation or non-payment, access is completely suspended.; ; Data is held in our live database for 60 days after cancellation, and 180 days after non-payment during which time an account could be reinstated and data recovered.; ; Data recovery after cancellation or suspension may incur a fee depending on the engineering effort involved. After our backup retention period lapses, data is permanently deleted and cannot be recovered.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The mobile service is accessed through the web browser, and the mobile web interface has been designed to be accessible on mobile phone and tablet devices. The schedule and reports are better accessed on desktop as the larger display and mouse allows for a richer user experience.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Resource Guru's application is built using the same API as is published and accessible through OAuth2. All user facing functions are available through the API once authenticated.; ; The API has a 200 request per minute rate limit.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Custom fields can be applied to People / Resources and Bookings. This can be controlled through the Settings page by an account administrator.; ; Availability can be customised per account, or per person/resource.

Scaling

• Independence of resources: The application is hosted in a scalable environment on Google Cloud Platform that allows us to rapidly scale up and down to meet demand.; ; We impose per-user rate limits to prevent any one user from putting unreasonable demand on the system. We have continuous monitoring and alerting on application performance and page appropriate team members if thresholds are exceeded.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported using the API in JSON form. Blackbelt and Master customers can export booking, time off, and availability data through the reports into a CSV or XLSX format.
• Data export formats:
  • CSV
  • Other
• Other data export formats: JSON
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We don't provide an SLA for uptime, but our uptime is monitored independently by pingdom and is typically over 99.99% per year. http://stats.pingdom.com/06usbq9nsjgl/1186322
• Approach to resilience: Services are hosted in Google Cloud Platform to provide a scalable, resilient service. Where possible, services are deployed in a highly available configuration and data is stored redundantly across multiple availability zones.
• Outage reporting: Uptime and outages are monitored by Pingdom at http://stats.pingdom.com/06usbq9nsjgl/1186322; ; If an unplanned outage occurs, it is posted on X at https://twitter.com/resourceguruapp

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Multifactor authentication is required where available (e.g. Front). Where not possible, a strong password is required (long, automatically generated, including symbols, numbers, upper and lower case letters).; ; SSH public/private keys are used for server connections.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We are working towards a SOC 2 Type II certification. Many controls are already met and are managed through an automated platform.
• Information security policies and processes: All personnel are required to accept and follow our Information Security Policy. Specific personnel such as engineers or customer support staff are required to accept and follow supplemental policies such as our Data Protection Policy, and Data Deletion Policy. Each policy has a responsible owner (typically the CEO, and CTO) who are responsible for ensuring the policies are followed.; ; The Information Security Policy is a set of rules, policies and procedures designed to ensure all users and networks within the company meet minimum IT security and data protection security requirements.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Configuration is primarily managed as code as Kubernetes configuration objects. These are version controlled using Git, and changes to these objects are applied through GitHub Actions.; ; Changes to configuration, or to application code are required to go through a review and testing process before being deployed to production. Automated tests run on each build to assess for bugs, poor coding practices, security vulnerabilities, and vulnerable dependencies. These tests are required to pass, and an approval must be given by a second engineer before a change can be deployed.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We have automated and manual vulnerability management processes. Each codebase is scanned for vulnerable dependencies on each build using tools such as npm-audit and bundle-audit.; ; Weekly automated penetration tests are run on the application using Detectify.; ; Annual penetration tests are run by an accredited external provider.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: In our multi-tenant architecture, all data is associated to a specific account_id. Any attempt at compromising that is logged and we have monitoring for access attempts.; ; The response to a potential compromise depends on the nature of the compromise, but would typically involve immediately cutting access off to the vulnerable service until the service can be patched, and following our internal procedures regarding a data breach.; ; Our response time to a compromise incident would be immediate, and all appropriate people would be paged and involved immediately.
• Incident management type: Supplier-defined controls
• Incident management approach: Common events such consecutive failed login attempts are handled through automated processes.; ; We have a defined process for managing a security incident.; ; An incident can be reported to Resource Guru at happytohelp@resourceguruapp.com. Should a user want to encrypt their message, a PGP key is available on request.; ; A data breach security incident will be reported to customers as part of our incident response policy.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  Our central philosophy is to promote work life balance by respecting employees working hours and managing everyones time more efficiently. So much so that our blog is called Work/Life.

Pricing

• Price: £1.67 to £9.61 a unit a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: A fully functional 30 day free trial
• Link to free trial: https://app.resourceguruapp.com/signup

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at percy@resourceguruapp.com. Tell them what format you need. It will help if you say what assistive technology you use.