Allocate OneView
Allocate OneView is an organisational and resource management solution. It enables maximum effectiveness of skilled personnel, assets and surety of compliance in complex and diverse environments. Our customers exploit it to ensure that resources are applied with maximum efficiency in the right place and at the right time.
Features
- Manages multi-skilled workforce competencies, training requirements and qualifications
- Enables collaborative Workforce Management, Deployment, Compliance and Business Planning
- SaaS application providing scalability and flexibility with self-service capability
- Provides a single central database for global visibility
- Interfaces with leading HR and ERP solutions
- Accurate forecast of resource demand across key business areas
- Faster informed decision-making - personnel efficiencies and planning activities
- Sophisticated security levels to control user access to data
- Consistent, accurate Management Information at all times
- Effective operational cost management and changes to workforce optimisation
Benefits
- Removes duplicative effort, reducing administrative costs therefore increasing profitability
- Competence management and alerts minimises risk, ensuring regulatory compliance
- Accurately generating information to vary resource demand over time
- Highlights current/future critical issues allowing timely, cost-effective remedial action
- Provides personnel and planning efficiencies through faster informed decision-making
- Sophisticated audit trail provides evidence aiding regulatory requirements compliance
- Cross-organisational collaboration – including personnel, logistics, HR, Health Safety, Security
- Eliminating paper-based manual processes – reducing administration, optimising internal resources
- Early identification of training requirements reducing time lost on projects
- Operational success through comprehensive, strategic personnel planning and optimisation
Pricing
£19,473.05 to £171,141.61 a licence a year
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
9 8 3 9 6 9 4 3 7 9 8 1 8 9 0
Contact
Allocate Software Limited
UK Sales
Telephone: +44 (0)20 7355 5555
Email: bid.manager@rldatix.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- HR and logistic planning via interfaces.
- Cloud deployment model
- Private cloud
- Service constraints
-
Allocate will normally perform Scheduled Maintenance activities during Out of Hours.
Emergency Maintenance may be required as a result of identifying a problem through on-going monitoring and management that could potentially cause an outage or failure of the SaaS Services. Allocate will use reasonable endeavours to provide the Customer advance notification if possible and manage such Emergency Maintenance in such a way as to minimise impact on the Customer's operations.
Emergency Maintenance may be conducted at any time.
Second line support provided during normal working hours and outside public holidays. The support team requires visibility of configuration. - System requirements
- Please see Service Definition for full details.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- There is a minimum response time of 1 working hour and a maximum response time of 4 working hours. Working hours are 9am-5.30pm except UK public holidays and weekends.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Support levels are set out in the attached SLA. The support levels and resolution targets are:
- Severity (1) is Cloud Infrastructure service down – response 1 hour, resolution 4 hours
- Severity (2) is Cloud Infrastructure service seriously degraded – response 1 hour, resolution 8 hours
- Severity (3) is Cloud Infrastructure service impaired - response 1 business day, resolution 4 business days
- Severity (4) is Cloud Infrastructure service not affected- response 1 business day, resolution within 10 business
All Resolution Times shall be measured from the time and date of the logging of the relevant Incident. In the case of an Incident reported Out of Hours, the Incident shall be measured from the start of the next period of Service Desk Support unless the incident is Severity 1, when it shall be measured from the point of first response. - Support available to third parties
- No
Onboarding and offboarding
- Getting started
- We provide onsite training and online training according to customer requirements. Documentation is standard.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- We will provide on request an extract of data in accordance with our standard terms and conditions and certify deletion where required using HMG approved data destruction tools.
- End-of-contract process
- All system data remains the property of the customer and shall be returned (at the request of the customer) on expiry or termination of the agreement in a standard data format (e.g. SQL).
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- There is no difference to end-users between mobile devices and workstations.
- Service interface
- No
- User support accessibility
- None or don’t know
- API
- Yes
- What users can and can't do using the API
- The API is for data loading and data export purposes.
- API documentation
- Yes
- API documentation formats
- API sandbox or test environment
- Yes
- Customisation available
- No
Scaling
- Independence of resources
- At setup user resource requirements are determined and configured accordingly. Usage is managed though load balancing and monitoring. Hosting is on an elastic cloud basis and additional resources can be provisioned for peak loads or as required. Those users having high levels of usage may be provided with discrete servers. Additional switches can be provided at cost.
Analytics
- Service usage metrics
- Yes
- Metrics types
- OneView tracks usage in terms of server metrics (CPU, disk, network) and at an application usage level via Splunk. These are monitored continuously to ensure performance and to guide application development. There is a real time register with RAG indicators showing the number of transactional items queued in the process. These items relate to individual user usage and can be aggregated on demand.
- Reporting types
- Real-time dashboards
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
- Physical access control, complying with SSAE-16 / ISAE 3402
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Using Microsoft Office tools.
- Data export formats
- Other
- Other data export formats
-
- Microsoft Excel
- Microsoft Word
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- Private network or public sector network
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
99.8%
Actual Service Availability is calculated as follows:
Service Availability = Operational Time – service Downtime x 100 % /
Operational Time - Approach to resilience
- Datacentre resilience is available on request.
- Outage reporting
- In the event of an outage or failure of the service, we will endeavour to provide the Customer advance notification if possible and be managed in such a way as to have minimum impact on the Customer's operations via email.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
-
Access to the Cloud is controlled by means of individual user log-ins and Passwords through Infrastructure Manager/ Operations Administrators.
Access to client and Operations software is controlled by log-in and Password, given only to users needing to work on respective packages; their level of access is controlled by permissions in log-in identities.
Managers limit user rights to those necessary for efficient working. All systems are monitored, recording log-in attempts, failures, successful log-ins and changes.
Remote access to the Cloud is addressed in the Remote Access and Mobile Computing Policy. No third party has any access rights to the Organisation's networks. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- DNV GL
- ISO/IEC 27001 accreditation date
- 04/12/19
- What the ISO/IEC 27001 doesn’t cover
- N/A
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- CSA CCM version 3.0
- ISO/IEC 27001
- Other
- Other security governance standards
- Cyber Essentials
- Information security policies and processes
-
The Information Security Policy of the Company is designed in accordance with ISO27001 and GDPR to ensure that:
*The confidentiality, integrity and availability of information will be maintained at all times.
*All regulatory and legislative requirements are met and reviewed regularly
*Business continuity plans are in place and regularly maintained
*All breaches of security must be reported by employees and investigated by a Senior Member of the Management team and any necessary action taken.
This policy has been approved by the Senior Management Team and all managers are responsible for implementing the policy in their business area and ensuring adherence to the policy by their staff.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- New items are subject to penetration testing.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
Allocate monitor for known vulnerabilities and act to mitigate:
*‘Critical’ patches deployed within 14 calendar days of a patch becoming available
*‘Important’ patches deployed within 30 calendar days of a patch becoming available
*‘Other’ patches deployed within 90 calendar days of a patch becoming available
*'Critical’, ‘Important’ and ‘Other’ are aligned to the following common vulnerability scoring systems:
National Vulnerability Database Vulnerability Severity ratings: ‘High’, ‘Medium’ and ‘Low’ respectively (these in turn are aligned to CVSS scores as set out by NIST)
Microsoft’s Security Bulletin Severity Rating System ratings: ‘Critical’, ‘Important’ and the two remaining levels (‘Moderate’ and ‘Low’) respectively. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Allocate collect multiple types of audit information and it is regularly analysed. Basic intrusion detection technologies are in place at the perimeter devices. Applications and services are monitored and reported in real time to the Allocate Operations monitoring centre.
- Incident management type
- Supplier-defined controls
- Incident management approach
-
*Security Incident processes are in place for the Allocate Cloud service and are enacted in response to security incidents.
*Pre-defined processes are in place for responding to common types of incident and attack.
*A defined process and contact route exists for reporting of security incidents by consumers and external entities.
*Security incidents of relevance to them will be reported to customers in acceptable timescales.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
Fighting climate changeFighting climate change
Fighting climate change and supporting Net Zero RLDatix recognises that it has a responsibility to the environment beyond legal and regulatory requirements. We are committed to reducing our environmental impact and continually improving our environmental performance as an integral part of our business strategy and operating methods. To achieve this, RLDatix has completed the following: • RLDatix has an Environmental Policy that is reviewed on an annual basis to ensure it is relevant to the business • RLDatix has engaged our travel partners to ensure travel is as carbon efficient as possible, i.e., recommends trains rather than flights • Throughout all RLDatix offices we provide waste receptacles for recycling and general waste, supporting the reduction of waste to landfill • We encourage the reduced use of water and electricity and actively encourage the staff to consider the environment whilst printing • Many of our solutions assist our customers in reducing their own carbon footprint, i.e., assisting with route planning for community-based staff • RLDatix is working to be carbon neutral in the next few years and achieve ISO 14001 accreditation Many of these environmental proposals help us and will help you in your path to Net Zero. We are firmly committed to carbon reduction, as demonstrated by our Carbon Reduction Plan, published here: https://rldatix.com/en-uke/corporate-responsibility/
Pricing
- Price
- £19,473.05 to £171,141.61 a licence a year
- Discount for educational organisations
- No
- Free trial available
- No