Elsevier

Digital Commons Institutional Repository

Digital Commons provides repository software for collecting, publishing, and openly showcasing institutional content, including articles, books, images, journals, events, video, and other content types.

Features

• Robust data model that supports multiple content types
• Interoperable solution designed to integrate with other systems
• Modular, customizable design, covering the full spectrum of institutional content
• Configurable workflows support multiple use cases, including journal peer-review process
• Role-based access control to manage user permissions
• Search across a single instance or all Digital Commons instances
• Reports and dashboards for all content
• Content eligible for inclusion in Digital Commons Network, other resources
• Fully hosted and supported, with unlimited cloud storage

Benefits

• Openly publish and showcase the full spectrum of institution’s research
• Increase visibility of institution through excellent SEO and discoverability
• Track and share impact with stakeholders on and off campus
• Manage entire peer-review process from submission to publication
• Natively stream multi-media files
• Promote faculty and their expertise with profiles and expert galleries
• Showcase content in flexible, attractive modules
• Unlimited support from designated Consultant
• See real-time traffic with live download map
• Preserve and access content anytime in Amazon S3

£16,849 to £77,588 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at v.mahi@elsevier.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

979784953403422

Contact

Vinod Mahi
+44 7881 002595
v.mahi@elsevier.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Hybrid cloud
• Service constraints: Any maintenance is done during low usage times. There are no constraints on the amount of support, storage space, number of items or structures.
• System requirements:
  • Internet connectivity
  • Up to date supported browser: Microsoft Edge, Firefox, Chrome, Safari

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Turnaround time for customer inquiries is 24-48 business hours. In some cases, this can be longer when you take into account different geographies’ time zones and work weeks. Depending on the issue, the actual resolution to your request can take longer. Our support team will keep you up to date on the status of your request.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: We provide unlimited support for all customers. Each customer has an assigned consultant that works with them. Our support team is based in the US but has extended hours.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Upon agreement execution, a designated consulting services representative is assigned who will guide you through every step of the implementation and launch process. Initial training during implementation starts with a 1.5-hour session to orient your team on the design process for your Digital Commons site. The next training session focuses on the administrative side of Digital Commons and provides a “sand box” for staff to experiment with the system, the submission process, reviewing submissions and publishing content.; ; After implementation, your Consulting Services representative is available to schedule trainings with any number of users, administrators, and groups, as often as needed. We have documentation available online, including video tutorials. Note that this is not meant to replace frequent and direct contact with your support representative. ; ; Since training via web, email, and phone is unlimited, your Consultant will work with your team to establish what is needed for you, and the length and amount of training that makes sure that your team is confident with using Digital Commons.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: Streaming video
• End-of-contract data extraction: Once their contract ends, a customer can either have their metadata and files delivered to them or they can download them from their bepress Archive in Amazon S3.
• End-of-contract process: Once your contract with Elsevier comes to an end, we will a define a project schedule for the export of your data. The project will include the following tasks and milestones:; • Repository frozen: To begin the data export process, the repository must be frozen and no further changes to datasets applied. Elsevier and your institution will agree on a suitable grace period of up to six months to allow data depositors to complete their work. You are responsible for informing your users in time that the repository will be decommissioned.; • Complete moderation: Once the repository is frozen, the only changes that can be applied are the moderation or rejection of any datasets in the moderation queue. ; • Export of published and draft dataset metadata: Once moderation is complete, a customer can either have their metadata and files delivered to them or they can download them from their bepress Archive in S3. ; • De-commissioning: Once datasets are exported, the repository can be decommissioned. Elsevier will execute the export and the Customer will verify that all datasets have been successfully exported. Elsevier will provide documentation about the metadata schema and so the Customer can import datasets into their new repository.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Digital Commons platform is optimized for all devices: desktop computers, tablets and smartphones, including streaming content.; ; Digital Commons does not use Responsive design or a mobile app at this time, but we are always developing new features using new technology.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Customers access Digital Commons in a web browser. They require credentials from their institution to log in. Institutions can control what content is displayed internally and externally on their Digital Commons.
• Accessibility standards: None or don’t know
• Description of accessibility: Digital Commons aims to meet or exceed WCAG 2.1 Level AA. Conformance ratings for – and points of exception – are documented in the VPAT.; ; Relevant details:; - UI is simple and consistent.; ; - Users can locate pages and content in multiple ways.; ; - Most controls and features are keyboard operable; focus order is largely logical. Keyboard operability of complex interfaces could be improved. ; ; - Most components feature accessible names, roles, values. Complex fields in submission forms could be improved for AT use.; ; - Input errors are generally identified and well described.; ; - Color contrast meets WCAG Level AA minimums.
• Accessibility testing: The Digital Accessibility Team has coordinated user testing with people with disabilities for Elsevier products, including a session for Digital Commons with a screen reader user who is blind. The Digital Commons team has also met directly with customers and users on (recorded) feedback sessions and discussions – including a recent demonstration of the use of JAWS with the submission form.; ; The Digital Accessibility Team conducts periodic assessments of Digital Commons against WCAG 2.1 AA using manual and automated testing tools – manual methods include hands-on keyboard testing and the use of assistive technology such as screen readers, navigating pages with styles disabled or at different zoom levels, and utilizing accessibility bookmarklets and scripts. The team has formal expertise in conformance testing procedures, including specialists with DHS Trusted Tester and IAAP WAS certifications. For Digital Commons and other products, specific considerations for users of assistive technology are noted under several criteria in the VPAT produced from these assessments.; ; Digital Commons aims to meet or exceed WCAG 2.1 Level AA and maintains its own Accessibility Statement. Conformance ratings for each Success Criterion – and points of exception – are documented in the current VPAT.
• API: Yes
• What users can and can't do using the API: Web services are used to access Digital Commons programmatically in read mode. All Digital Commons metadata is available via the API, as well as via the user interface. Digital Commons contains two open interfaces: REST (read) and OAI-PMH (read). The REST API uses JSON, while OAI-PMH uses XML. Access is controlled using access tokens. To set up the APIs, users contact their Consultant for API key, security token, and instructions. Using this information, a client application can authenticate and obtain an access token on behalf of a user. The OAI-PMH API is publicly available and is used to harvest metadata.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Digital Commons is a modular platform that helps institutions manage and showcase their institutional content. A full Digital Commons subscription provides access to all modules (journals, books, events, image galleries, etc.); a publishing subscription provides access to the journal module. Each module has its own customisation options. For example: in the journals structure, you can customize metadata templates, peer-review workflows, branding and URLs for the journal's public page. Customisations are done on an ongoing basis as new needs arise.

Scaling

• Independence of resources: Digital Commons customers using our standard hosting infrastructure have their own unique credentials. Our standard hosting offers customers reliable, scalable, and inexpensive cloud computing services via Amazon Web Services.

Analytics

• Service usage metrics: Yes
• Metrics types: The system captures data around usage of Digital Commons content, including downloads, pageviews, which geographic locations and organizations are downloading which content, referrals, as well as uploads via a dashboard. The data can be filtered by collection, item, date range, discipline, and other parameters. Data can be exported from the dashboard in Excel format. Additionally, metrics are available on the front end of Digital Commons via live download maps, downloads for each article, and Plum prints.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Customers can export their data in their original formats using bepress Archive, or ask for their data to be delivered to them in its original format. Some data (e.g. usage reports) can be exported in Excel. Metadata can also be exported by OAI-PMH or the bepress Outbound API.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • Excel
  • XML
  • JSON
  • Uploaded files are exported in their original format
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • Any file format is accepted.
  • This includes .docx, .pdf, .xlsx, .mp4, .mp3, .gif, .jpg
  • And any other file format.

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Digital Commons does not offer a product SLA, but we are happy to provide documentation that affirms our top-tier level of service and protocols.; ; Implementation Plan: We can provide you with a sample implementation, if desired. Unlike an SLA which is very broad, we provide Premier-level clients with a plan that is tailored to the you and incorporates your customer success criteria, specified prior to sale.; ; Services Agreement: Our 95% customer satisfaction rate means a client should never have to worry about this, but as an added safeguard, the Services Agreement includes a breach clause. Sections 5d and 5e affirm that in the event that a material breach is not resolved in 30 days, the client may terminate and receive a pro-rated refund.
• Approach to resilience: Elsevier implements appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including: • Encryption of personal data; • Ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; • Ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; • Processes for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
• Outage reporting: The current operational status, status details, and maintenance is available at https://digitalcommons.elsevier.com/en_US/status.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Username or password
  • Other
• Other user authentication: Digital Commons also supports federated identity solutions, including LDAP and CAS.; ; Anyone administering the system has to be authenticated, but openly available content published to the front end does not require a login or any authentication to access.
• Access restrictions in management interfaces and support channels: Only authorised Elsevier employees can access the server infrastructure. All access control is reviewed regularly, and system access is audited. No employee has permanent access to application level data; temporary access is allocated on an individual’s “need to know,” as determined by job functions and requirements. Authorised Elsevier employees access customer environments via two-factor authentication. We maintain a full audit trail of Elsevier staff logins to customer environments and review this log regularly.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: SGS United Kingdom Ltd
• ISO/IEC 27001 accreditation date: 9/8/2023
• What the ISO/IEC 27001 doesn’t cover: We hold 27001:2013 Certification. The Information Security Management System (ISMS) provides the management of information security arrangements and activities that support the delivery of information services for Institutional Products and Clinical Solutions globally.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Elsevier has implemented policies, standards, and guidelines aligned with ISO 27001 domains that govern data access, protection, transport, restriction, retention, deletion, and classification. Policies, standards, and guidelines are reviewed and updated regularly.; ; Elsevier maintains a dedicated Information Security and Data Protection (ISDP) organization, headed by our Chief Information Security Officer (CISO). Elsevier security staff members have multiple years of experience in the industry and possess industry best practice certifications such as the Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Privacy Professional (CIPP), Certified Ethical Hacker (CEH) and multiple Global Information Assurance Certifications.; ; Elsevier employees receive regular data privacy and security awareness training. We equip employees with the knowledge to understand, identify and mitigate security risks by providing role-based secure application development training, phishing simulation tests and privacy and security campaigns.; ; A robust and detailed audit program is in operation to review and test policies, standards, guidelines and controls to assess their effectiveness. This audit program is based on the SSAE 16 and includes in-house and third-party audits as well as independent assessments.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our change management process follows best industry practices.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Services, processes, and technology are implemented to execute internal and external vulnerability scans to identify new application and system vulnerabilities. Identified risks are assessed for their potential impact along with determining appropriate response and remediation actions. We use a combination of network security testing, application security testing, application code review, and penetration testing to assess our information security program, and enhance it appropriately.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Elsevier’s Information Security and Data Protection (ISDP) team continuously monitor and respond 24/7 to security events. The ISDP team will assess any identified risks for their potential impact and determine the appropriate response and remediation actions. To ensure monitoring is as thorough as possible, Elsevier uses a combination of automated and manual solutions to inspect applications and identify any vulnerabilities that require remediation.
• Incident management type: Supplier-defined controls
• Incident management approach: Elsevier manages incidents using a well-established Security Incident Response process. This process covers all security incidents, including hacker, denial of service, lost asset and virus/worm incidents. When an incident occurs, it is promptly handled by our dedicated Information Security & Data Protection team. They will restore service as soon as possible, determine the cause of the incident, and take appropriate steps to prevent future incidents. Elsevier’s incident response and notification policy sets out how users are notified in the event of information being compromised. We conduct security incident disclosures in compliance with all appropriate regulatory policies and applicable statutory guidelines.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Implementation of Digital Commons, as an AWS-hosted product, can influence environmental protection and improvement. We use Amazon Web Services (AWS) for web hosting. For details on their commitment to sustainability in the cloud, see https://sustainability.aboutamazon.com/environment/the-cloud?energyType=true.; With different initiatives – such as renewable energy projects, energy efficiency in scale, and water stewardship – AWS enables effective stewardship of the environment in a variety of ways. Using an AWS-hosted, cloud-based product can be an energy-efficient and more environmentally friendly choice than a standard self-hosted product.; We also are mindful of emissions during implementation from travel. When possible, we connect remotely rather than traveling to your location for meetings and training during implementation. In our own operations (including business travel), our emissions were net zero in 2021 through a combination of reduced emissions and the purchase of renewable energy and renewable energy certificates, with the balance offset through Verified Carbon Standard (VCS) credits in a REDD+ carbon sequestration project. Our parent company, RELX, supports global efforts to mitigate climate change through the rapid reduction of greenhouse gas emissions, aiming to achieve net zero emissions by 2040. Also see https://sdgresources.relx.com.

  Equal opportunity

  RELX is committed to providing an inclusive, fair and equitable workplace; where all employees are respected and valued, and have equal opportunities. ; ; Inclusion is important to our future. We need the contributions of people from a wide range of backgrounds, experiences and ideas to achieve real innovation for our customers. ; This means: ; • Creating a positive and supportive working environment for all employees ; • Recognising and valuing individual differences and supporting the participation of all team members ; • Promoting the diversity of our workforce ; • Responding to changing work patterns, by providing flexible working where appropriate ; ; We are an equal opportunity employer, committed to treating all employees and applicants for employment with respect and dignity, and we prohibit discrimination. We recruit, train, develop, promote, and provide conditions of employment without regard to race, colour, creed, religion, national origin, gender, gender identity or expression, sexual orientation, marital status, age, disability, or any other characteristic protected by law. We regularly review our policies and practices in the areas of recruitment, development, promotion and reward to ensure we provide fair and equitable opportunities. ; ; We will meet our inclusion goals through: ; • Selecting candidates for employment, promotion, training, or any other benefit based on ability ; • Monitoring inclusion and diversity data (including diversity and pay data) ; • Training (e.g. inclusive leadership development programme for managers; unconscious bias training) ; • Sponsorship and mentoring (e.g. Women in Tech mentoring programme) ; • Encouraging inclusion networks (e.g. Employee Resource Groups focused on gender, ethnicity, etc.) ; • Regularly reviewing our employment practices and procedures ; • Maintaining good governance for, and communication on, inclusion ; ; The inclusion and diversity practices of our suppliers are important to us. Our Supplier Code of Conduct includes a non-discrimination clause. Our Supplier Inclusion and Diversity Program is designed to encourage the development of Diverse Suppliers.

  Wellbeing

  Staff health and well-being is important to us. We offer opportunities for our employees to create an inclusive, engaged and agile global workforce focused on innovation. Together, we create possibilities.; Networking and engagement; Within Elsevier, we have a variety of groups and opportunities for employees to connect and form strong relationships.; • Employee resource groups: ERGs offer a platform for employees to share their experiences, connect with colleagues who share similar backgrounds or interests, strengthen allyship and provide opportunities for professional development and growth.; • Finding purposeful work: All Elsevier employees contribute to the fulfilling mission of helping researchers and healthcare professionals make breakthrough discoveries that change the world.; • Career growth: We encourage employees to choose their own path and shape their own unique career. We encourage a coaching environment and provide best in class training programs.; • Strong working relationships: Elsevier employees work in an inclusive hybrid environment, and we embrace diverse teams. With a mission of advancing science and improving lives, our employees are an integral part of something that truly matters.; Benefits; Elsevier offers flexible working conditions and compensation that reflect your excellence and our high standards. We value our employees’ time and encourage our colleagues to pursue a full and interesting life outside of work.

Pricing

• Price: £16,849 to £77,588 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at v.mahi@elsevier.com. Tell them what format you need. It will help if you say what assistive technology you use.