Thomson Reuters

BigRedSky

BigRedSky is an innovative provider of recruitment software, supplying applicant tracking and onboarding solutions to the public sector. BigRedSky supplies the entire Western Australian Government, and has the backing of Thomson Reuters, one of the largest AI and technology companies, empowering professionals with trusted content and workflow automation solutions.

Features

• Interview Scheduler
• Redeployment
• Intuitive Hiring Manager Portal
• Ability to capture hiring manager feedback without system access
• Advanced Reporting Warehouse including automated selection reports and dashboards
• Blind recruitment and full D&I metrics
• Contextual recruitment functionality
• Pool vacancy functionality
• KPI Tracking
• Talent Pool Searching and bespoke flagging

Benefits

• Engage hiring managers and capture feedback more easily
• Reduce administrative workload for recruitment teams
• Improve D&I capture and make metrics easily accessible
• Contextualise applications incorporating social mobility and personal background factors
• Improve the on-boarding, off-boarding, and redeployment experience and management

£4,000 an instance a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at joanne.fowler@thomsonreuters.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

926748700014392

Contact

Joanne Fowler
07990563250
joanne.fowler@thomsonreuters.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: There are no constraints or specific hardware configurations. The price paid includes all support and maintenance upgrades. BigRedSky is highly configurable but Thomson Reuters does not permit any code changes to the system.
• System requirements:
  • Modern web browser
  • Use of the system requires access to the internet
  • A computer or mobile internet enabled device

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Target response time is 2 hours, 8-6pm Mon-Fri.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: 24 x 7 emergency technical support; Helpdesk user support; Named account manager
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: On-boarding is a simple process - there is no desktop software to install. Full training to standard and admin users is provided during implementation which typically takes 2 hours per group. There is also a comprehensive online knowledge base, and contextual help within the system. Additionally, our support team is available to help with any user questions.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: On completion of the contract, data will be returned to the buyer in ZIP files. There is no additional cost associated with this.
• End-of-contract process: After contract end and return of data via ZIP file at a mutually agreed date all data will be deleted from the BigRedSky system.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The applicant side is responsive and is optimised for mobile. In addition some hiring manager aspects are mobile optimised e.g. interview feedback questionairres.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: Custom branding can be applied at system and site level including the URL, visual appearance of the applicant side user interface, vacancy adverts, and system generated emails.; ; The system itself is also highly configurable allowing users to take full control including vacancy templates, interview feedback forms, application forms, applicant questionnaiires, interview panels, user administration, recruitment processes, communication templates, automation etc.

Scaling

• Independence of resources: BigRedSky utilises the Amazon Relational Database Service (RDS). It is a collection of managed services that makes it simple to set up, run, and scale databases in the cloud. Amazon EFS cloud storage service provided by Amazon Web Services (AWS) is designed to provide scalable, elastic, concurrent with restrictions, and encrypted file storage for use with both AWS cloud services and on-premises resources. Amazon EFS is able to grow and shrink automatically as files are added and removed.

Analytics

• Service usage metrics: Yes
• Metrics types: Recruitment and on-boarding metrics e.g. time to hire, cost per hire, source effectiveness, D&I and contextual aggregate reports, vacancy and application metrics, user actions, agency success metrics, process feedback. ; ; Users can create their own reports and dashboards using drag and drop functionality to build tables, then drag these tables into visual dashboards which can be viewed on screen or subscribed to via email.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: AWS provides the tools for you to create an encrypted file system that encrypts all of your data and metadata at rest using an industry standard AES-256 encryption algorithm.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported to Excel and/or PDF individually or in bulk. Users with the necessary access rights are also able to create their own visual dashboards (real time or historical) from drag and drop reporting tables, to be viewed onscreen and/or subscribing to these dashboards.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: There is a guaranteed availability of 99.5%. Customers procuring Extended Service levels can incorporate service guarantees.
• Approach to resilience: BigRedSky is hosted in Amazon Web Services UK. Further information is available on the AWS website.; AWS has made significant investments in building and running the world’s most resilient cloud. We have designed a unique and highly available global infrastructure, built safeguards into our service design and deployment mechanisms, and instilled resilience into our operational culture.
• Outage reporting: Email, SMS, user dashboard notifications, job board notifications

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Other user authentication: Azure Active Directory Single Sign On
• Access restrictions in management interfaces and support channels: Strong password and username authentication. Two factor authentication using phone number.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: MSECB
• ISO/IEC 27001 accreditation date: 28/09/2023
• What the ISO/IEC 27001 doesn’t cover: All ISO27001 controls are declared in scope of the Statement of Applicability (SOA).
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 22/11/2023
• CSA STAR certification level: Level 3: CSA STAR Certification
• What the CSA STAR doesn’t cover: All controls are declared in scope.
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We are committed to our information security Risk Management Program and our charter is approved by the Executive Committee. We have an extended team of certified security and privacy subject matter experts located globally and dedicated to the security of our products and services. Our information security policies and standards are aligned to an international standard to provide assurance globally of practices that ensure confidentiality, integrity and availability of our products and services. At a high level the following teams report into the Chief Information Security Officer (CISO): Strategy & Governance, Security Operations Centre, Business Continuity & Compliance, Enterprise Security Services, Architecture & Engineering. The CISO reports into Chief Technology Officer who in turn reports directly to the Chief Executive.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All customers are on a continuous upgrade path and always have access to the latest system version. Release notes are available on the system and product feature announcements are issued via dedicated account managers and newsletters. The product team follow the Microsoft Security Development Lifecycle and perform impact assessments when considering changes to the software. Possible impact to security of the system is assessed with each change. All changes go through extensive quality assurance cycles before release. Following modern IT principles for service management customers are not responsible for undertaking testing, approving system changes, change management or release management.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Managed under ISMS IT Security Policy and independently certified under ISO27001. BigRedSky uses the Amazon Web Services, which includes vulnerability management capability.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Managed under ISMS IT Security Policy and independently certified under ISO27001. BigRedSky uses Amazon Web Services, which includes protective monitoring.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Pre-defined incident processes have been agreed with customers, which are governed by the ISMS framework under ISO27001

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  In 2020, Thomson Reuters joined the Science Based Targets initiative, committing to reduce Scope 1 & 2 greenhouse gas (GHG) emissions by 50% by 2030 from 2018 baseline levels, as well ; as reducing absolute Scope 3 GHG emissions from fuel and energy-related activities, business travel, and employee commuting by 25% by 2025 from 2019 baseline levels. Additionally, Thomson ; Reuters aims to require 65% of suppliers by spend to have Science Based Targets by 2025. Since 2021, we have sourced renewable energy for 100% of our operations. We have achieved this largely through the purchase of renewable power by matching our electricity usage with renewable energy credits acquired around the world.; Largely through investment in renewable power for our facilities, we’ve been able to drive more than a 93% reduction in Scope 1 &2 GHG emissions from our 2018 baseline. To date, business travel ; emissions are 66% lower than our 2019 baseline and we have made progress on our engagement target with our supply chain, with 32.5% of suppliers by spend committed to Science Based ; Targets. In addition to the switch to renewable energy, Thomson Reuters remains carbon neutral through offsetting the remaining portion of its GHG footprint through carbon offsets. We spent ; an average of 8% of our total US-based spend with diverse suppliers and our commitment is to maintain this for 2023 despite macroeconomic pressures and inflation impact. We continue to ; refine our procurement process to incentivise working with suppliers who share our commitment to sustainability.

  Covid-19 recovery

  In 2020, the global COVID-19 pandemic created unprecedented health risks to our employees, customers and suppliers, and containment measures intended to mitigate the impact of the pandemic resulted in global economic crisis and uncertainty. In response to the pandemic, we immediately transitioned most of our staff to a virtual work environment. At the same time, we worked with; our approximately 500,000 customers to ensure continued access to our products and services. Thomson Reuters developed a Small Business COVID-19 Resource Center to support our legal, tax, compliance, and government professionals as they navigated this difficult period. We still continue to provide this support and we provide authoritative guidance on everything from best practices on proper treatment of stimulus payments in tax filings to important legal resources, the Resource Center was and continues to be a critical information hub for those who need it most.

  Tackling economic inequality

  In support of diverse and minority-owned small businesses, Thomson Reuters partners with CVM, a supplier.io company, which has a proprietary database of nearly 1 million diverse and small businesses. CVM’s database is used by many Fortune 500 companies when they are looking for qualified diverse and small suppliers to consider for purchasing opportunities.; Together with the launch of our Supplier Diversity & Sustainability Program, we have equipped our team of Sourcing Managers and Buyers with the necessary tools for them to incorporate Diverse Suppliers into most of our competitive bid processes (RFI/RFP/RFQs) so that we greatly increase their opportunities to win our business.; We have also changed our tendering process to ensure that suppliers which comply with specific sustainability and diversity measures will have additional weight in our evaluation methodology, increasing their likelihood of being successful in the tender.; Thomson Reuters is committed to providing opportunities for diverse and sustainable businesses to prosper, by actively engaging suppliers that help us address the diverse needs of the global marketplace, and by promoting financial inclusion practices for the benefit of minority groups.; We expect companies seeking to do business with Thomson Reuters to demonstrate that the goods and services they provide to us come from sources that share and are committed to our values, such that their business practices are consistent with the needs and expectations of our customers, investors, and the global community we serve.

  Equal opportunity

  In 2022/23, we continued to increase the representation of racially/ethnically diverse talent in senior leadership. Racially/ethnically diverse representation in senior leadership increased by 2% year-over-year and the number of Black employees in senior leadership increased by one year-over year. We have successfully increased Black senior executive hiring as a result of focused efforts to establish relationships with senior Black talent and achieving diverse candidate slates for executive recruitment. we continue to focused actions to support growth and improve retention include highlighting Black high potential talent in CEO talent reviews, stay interviews, career coaching and opportunity matching, and mentorship by executive team members. Recruiting diverse talent, of course, is just part of the equation. We also need to make sure we’re doing everything we can to accelerate the ; careers of people from diverse backgrounds once they’re here, by exposing them to differentiated development opportunities and sponsorship. ; This year, we did that by expanding our Diverse Talent Academy program, in partnership with McKinsey, to equip our future leaders ; with the skills, peer networks, and sponsorship to achieve their aspirations and grow within Thomson Reuters. ; With specific Academies focused on Hispanic/Latino, Black, and Asian talent, the program reached over 200 racial and ethnically diverse colleagues across the company, more than doubling its reach and impact from the previous year.

  Wellbeing

  At Thomson Reuters, the impact of the pandemic has motivated us to expand our efforts in employee wellbeing. Since 2022 we have rolled out new initiatives and commitments. On May 2 and October 25, we’re encouraging all our employees to take a break These mental health days are now a permanent feature of our commitment to supporting employee wellbeing. Technology is helping us deliver mental health supports and we’re investing in the tools our people need to assess their mental health and to support their team members, and families. We have launched new psychological and resilience self-assessment tools to help employees identify their strengths and risks and develop individualised strategies. Using the Headspace app, we introduced a 14-day mindfulness challenge which can include activities ranging from mini meditation in the morning to breathing exercises before bed.; When dealing with mental health and wellbeing at work, it’s critical to create safe spaces for important conversations, learning and sharing without judgement. To support our people leaders in creating safe spaces to talk about mental health, we have launched a mental health playbook – a resource guide for addressing mental health concerns with their colleagues. Other tools we’ve introduced include an extensive series of live and on-demand webinars for people managers and employees on topics such as on meditation, suicide prevention, change and anxiety and resilience.; While a company can create programs and provide tools for their employees, modelling behaviour is essential. We encourage all our executives and people leaders to speak out on issues of mental health and wellbeing to help break the stigma. It’s important as leaders that we let our people know that it’s okay to say you’re not okay.; We’re on a journey to being a global leader in wellbeing, and our work has only just begun.

Pricing

• Price: £4,000 an instance a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at joanne.fowler@thomsonreuters.com. Tell them what format you need. It will help if you say what assistive technology you use.