Beyond Systems Limited

Cloud Midland HR and Payroll Delphi/iTrent Archive Application

The “Cloud Midland HR & Payroll Delphi/iTrent Archive Application” is for organisations moving off MHR iTrent or Delphi to another HR/Payroll platform but still need to retain and query their old data for several years. It enables them to remove costs whilst giving access to important HR and Payroll information.

Features

• Screens to query iTrent or Delphi HR/Payroll information
• Data retention rules engine
• Archive iTrent or Delphi data for reference
• Ability to build ad-hoc HR/Payroll reports
• Customer branding available

Benefits

• Fast access to your HR/Payroll data
• Reduce costs by retiring an expensive legacy application
• Data automatically GDPR Compliant
• Easily respond to Freedom of Information requests
• Simplifies your IT infrastructure
• Secure store for archive data

£40,000 a licence a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@wegobeyond.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

988048781531337

Contact

Mark Daynes
08450940998
gcloud@wegobeyond.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No
• System requirements: Web Browser Access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: During working hours Mon-Fri 9.00 -17.00 - questions are acknowledged same day. Response times are rolled forward to the next working day if raised at weekends.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: For all applications Beyond will provide a basic level of software support during business hours (excluding public holidays and the period between Christmas Day and New Years’ Day), Monday to Friday, 9.00am – 5.00pm. The customer will be expected to provide 1st line support and a documented scenario will need to be produced and reported to Beyond for investigation. Should the customer spawn a fault investigation that is subsequently proven not be a software error, then Beyond reserve the right to charge for that time consumed to aid the customer investigation.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We help the customer setup their initial security requirements and provide online training on how to use the application from both a user and administrators perspective for no extra cost.
• Service documentation: No
• End-of-contract data extraction: Once the contract ends, the service will be deleted along with the data. For applications that hold users data, an extraction process will be agreed with the user prior to the contract end date where a charge will be agreed.
• End-of-contract process: At the end of the contract the cloud service will be terminated which is included in the cost. Additional charges will be agreed for any data extraction required at the termination.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: Service interface is provided through Oracle Apex.
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: Oracle regularly conducts testing to ensure that the user interfaces are perceivable, operable and understandable by people with range of abilities. Continually testing coding, visual operation, manual operations, too-assisted operations across people with and without disabilities.
• API: No
• Customisation available: Yes
• Description of customisation: New reports and datasets can be requested and charged for using the SFIA rate card.; However the user can build their own reports within the application from the available data items. They can save new reports and even share them with other users.

Scaling

• Independence of resources: The product is usually hosted on the customers own Oracle Cloud Infrastructure account which is specific to that customer.

Analytics

• Service usage metrics: Yes
• Metrics types: Upon request we can provide a usage report.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can export their own data through the screens using the export to excel feature however if the user wants a more comprehensive extraction Beyond can export the data in a specified file based format, e.g through a flat file or comma separated format.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: In line with Oracle; https://www.oracle.com/a/ocom/docs/ocloud-hosting-delivery-policies-3089853.pdf
• Approach to resilience: In line with Oracle; https://www.oracle.com/a/ocom/docs/ocloud-hosting-delivery-policies-3089853.pdf
• Outage reporting: In line with Oracle; https://www.oracle.com/a/ocom/docs/ocloud-hosting-delivery-policies-3089853.pdf; ; Email alerts are issued

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Other
• Other user authentication: Specified as per customers requirements
• Access restrictions in management interfaces and support channels: Access is restricted in management interfaces and support channels by roles within the application to ensure only those authorised can access the system.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: Specified as per customer requirements

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our security governance aims to be compliant with ISO:27001:2013
• Information security policies and processes: Beyond have a written security policy available on request. Security roles are assigned to specific individuals with their defined responsibilities, including access security as well as the network. Beyond are Cyber Essentials Certified

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Beyond use the Oracle Cloud Infrastructure products for this application - the components are tracked in line with Oracle best practice and T&C. Any changes are assessed for potential security impact in line with both industry and Oracle best practice.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Monitoring and assessment is a continual process and we deploy counter measures before potential threats arise. We work closely with Oracle who advise of potential threats and patches as they are identified.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Monitoring and assessment is a continual process. We work closely with Oracle who advise on any potential threats when they arise. All potential compromises are dealt with as urgent and requiring immediate assessment and resolution.
• Incident management type: Supplier-defined controls
• Incident management approach: At the start of the engagement the incident management process is agreed with the customer along with how they wish to report incident as well as how they wish reports to be issued to them.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Wellbeing

  Fighting climate change

  We provide effectve stewardship of the environment by only travelling to physical meetings where absolutely necessary. Our preference is for remote, whether that be analysis and delivery of solutions through to training and customer feedback sessions. Not only do we reduce our carbon footprint, we also encourage the customers to do the same via this method.

  Covid-19 recovery

  This solution helps to improve workplace conditions that support COVID-19 recovery effort through enhanced social distancing brought through the provision of a predominently remote service that requires only limited on-site access.

  Tackling economic inequality

  This service aids with the increase in supply chain resilience an capacity as our solution is on the Oracle OCI platform which is regularly enhanced with innovative technology which we use in a disruptive manner. In addition the scalability and scheduling capability of our solutions mean that we can deliver enhanced value to the customer by pausing services when they are not required - for example evenings, holidays and weekends - so that they do not consume resources and incurr costs when not required. The ability scale also saves money and resources as additional storage and processing capacity is only added as and when it is needed. We also enhance our applications using Agile methodologies to add incremental customer value based on customer need, so the new features are added quickly into the cloud platform without any disruption of service meeting immediate customer needs.

  Wellbeing

  We strive to improve the health and wellbeing of the contract workforce by ensuring they only need to travel to remote locations when absolutely no other form of delivery is possible. Whilst we have a central office, we encourage consultants to work in a hybrid manner in an environment that best suits their particular circumstances.

Pricing

• Price: £40,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@wegobeyond.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.