Evolutionary Systems (Evosys)

Evo Workforce Scheduler

Evo Workforce Scheduler provides deep functionality for time and workforce tracking, advanced scheduling, analytics and complex absence management. It provides effective ways of managing shifts based on staff requirements and business needs for Local Government, Central Government, Higher Education, Health and Police & Emergency Services

Features

  • Create shift schedules in just one click
  • Time & attendance integration
  • Effective work schedules
  • Empowerment of employees with self-service
  • Integration with Oracle Cloud HCM
  • Payroll integration

Benefits

  • Automated roster creation
  • Quick roster to enable to support unforeseen circumstances
  • Full integration with Oracle HCM
  • Oracle HCM look and feel giving a single user experience
  • Graphical representation of staffing and exceptions

Pricing

£1.50 per person per month

Service documents

Framework

G-Cloud 11

Service ID

1 3 8 3 4 5 2 0 8 5 2 1 4 7 9

Contact

Evolutionary Systems (Evosys)

Kelvin Worley

07714521628

kelvinw@evosysglobal.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Evo Workforce Scheduler is equipped with the in-built integrations for Oracle HCM, Oracle Payroll and Oracle Projects facilitating easy data transfer to Evo Workforce Scheduler without any human intervention. Approved overtime and regular hours can be transferred to Oracle Payroll once timesheets are approved.
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
Evo Workforce Scheduler is built on Oracle PaaS and any applicable upgrades etc will be scheduled in accordance with the Oracle Software as a Service updates
System requirements
Oracle Platform as a Service (PaaS)

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Severity 1 - Showstopper, not able to continue business. No work-around or manual process available.
Response Time: 1 Business Hour.

Severity 2 – Technical defect/bug. Error impacting business, but business can continue with minimal work around
Response Time: 4 Business Hours

Severity3 – Medium - Technical defect/bug. Error not impacting business, as work around is available for the same
Response Time: 16 Business Hours

Severity 4 - Cosmetic/Component Failure Malfunction causing virtually no impact on Client’s ability to operate significant business processes or production.
Response Time: 24 Business Hours
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Software support levels are in accordance with support times outlined above with the solution upgrades being governed by the Oracle PaaS updates.
On-site support in respect of consultancy and training can be provided based on the standard daily rates on a time & material basis or on a fixed price/fixed scope basis
Support available to third parties
No

Onboarding and offboarding

Getting started
We start training users from Day 1 of the implementation so by the end of the implementation users will become self sufficient should any issues arise. All training documentation is made available for the users. As per the users requirements we will be happy to provide the training onsite or offshore
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
The data will be stored on Oracle servers and the data extraction and removal criteria will be the standard policy followed by Oracle globally. Oracle provides numerous tools and techniques to retrieve data.
End-of-contract process
The data will be stored on Oracle servers and the data extraction and removal criteria will be the standard policy followed by Oracle globally. Oracle provides numerous tools and techniques to retrieve data.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
There are no differences between the mobile and desktop services.
Service interface
No
API
Yes
What users can and can't do using the API
Our services publish a set of pre-defined standard business events and java based services for integration with third party systems.
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
We provide customisations to EWS where they are needed in order to support business requirements. This could be in the form of enhancements to the existing process or the addition of a sub-process to an existing process.

Scaling

Independence of resources
As data is stored on the Oracle Cloud, Oracle policies ensure users are not affected by the demand other users are placing on your service.

Analytics

Service usage metrics
Yes
Metrics types
The data will be stored on Oracle servers and the data extraction and removal criteria will be the standard policy followed by Oracle globally. Oracle provides numerous tools and techniques to retrieve data.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
The data will be stored on Oracle servers and the data extraction and removal criteria will be the standard policy followed by Oracle globally. Oracle provides numerous tools and techniques to retrieve data.
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
See Oracle standard hosting procedures document
Approach to resilience
See Oracle standard hosting procedures document
Outage reporting
See Oracle standard hosting procedures document

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Access to Oracle Cloud systems is controlled by restricting access to only authorized personnel. Oracle enforces strong password policies on infrastructure components and cloud management systems used to operate the Oracle Cloud environment. This includes requiring a minimum password length, password complexity, and regular password changes. Strong passwords or multi-factor authentication are used throughout the infrastructure to reduce the risk of intruders gaining access through exploitation of user accounts.
System access controls include system authentication, authorization, access approval, provisioning, and revocation for employees and any other Oracle-defined 'users'. Customer is responsible for all End User administration within the program.
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
WRG Certification Organization India
ISO/IEC 27001 accreditation date
13/01/2017
What the ISO/IEC 27001 doesn’t cover
Design, Developement and Implementation of software, Consulting services and solution of IT is covered under ISO/IEC 27001 certification
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Evosys is certified with ISO 9001-2008 and ISO 27001-2013 As Evosys is platinum partner of Oracle. Oracle is certified with following external Quality Assurance & Accreditation Oracle Corporation UK Ltd is certified with ISO/IEC 27001-2005 Oracle Corporation UK Ltd is certified with ES BN ISO 9001-2008

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Evosys has considerable experience in supporting clients during the change journey. We are confident that we can deliver a successful technical implementation, but without a correctly executed business change strategy the project outcome could be below expectations. In the absence of a structured business change strategy, supported by an appropriate communication strategy, it is possible that an excellent technical implementation will be judge a failure by the client’s staff who use the new system on a daily basis.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Implementing a vulnerability management process is all about managing risk. Vulnerability management is the process in which vulnerabilities in IT are identified and the risks of these vulnerabilities are evaluated. This evaluation lead correcting the vulnerabilities and removing the risk or a formal risk acceptance by the management of an organization (e.g. in case the impact of an attack would be low or the cost of correction does not outweigh possible damages to the organization)
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Evosys may monitor equipment, systems and network traffic at any time, as per Evosys’ Audit Policy. Evosys may monitor messages without prior notice. Evosys is not obliged to monitor email messages
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
This Incident management policy mandates that any individual who suspects that a theft, breach or exposure of protected data or sensitive data has occurred must immediately provide a description of what occurred via e-mail to support@evosysglobal.com, by calling or through the use of the help desk reporting page at “http://evosyserp.evosysglobal.com:8009/faces/login.xhtml” This address and web application are monitored by the Evosys’ Information Security Administrator. This team will investigate all reported thefts, data breaches and exposures to confirm if a theft has occurred. If a theft, breach or exposure has occurred, the Information Security Administrator will follow the appropriate procedure in place.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£1.50 per person per month
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑