Insala, Ltd.

Hi-Impact® Mentoring Software

Our world-class Hi-Impact® Mentoring Software creates the framework for your mentoring programme. This includes a unique matching algorithm to effectively pair users, engaging content and workflow communications to support each stage of the relationship; administrators have all the control and information they need to automate the success of the programme.

Features

  • Real time reporting
  • Unique matching algorithm
  • Matches based on development needs
  • Scalable
  • Customised branding
  • Career assessments
  • Custom reporting tool

Benefits

  • Career development
  • Extract useful data quickly from reporting dashboard
  • Administrators equipped with information to ensure programme success
  • Mentors matched with most suitable mentees via unique algorithm
  • Mentees given support which would have been otherwise inaccessible
  • We consolidate requirements gathering into collaborative workshops

Pricing

£30 per licence

  • Education pricing available

Service documents

G-Cloud 10

139960503269503

Insala, Ltd.

Phillip C. Roark

0207 297 5940

proark@insala.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints If there are ever any planned maintenance works on the system we shall endeavor to always contact our customers well in advance.
System requirements Anti-virus technology

User support

User support
Email or online ticketing support Email or online ticketing
Support response times We rank each ticket depending on severity and each level has differing timescales;
Level 1 - Production environment is not available to authorised users - 1 day resolution
Level 2 - A critical function in the tool is not available to authorised users - 7 days resolution
Level 3 - A function in the tool is not available to authorised users or functioning as designed - No later than the next available Insala schedule build
Level 4 - A problem that does not materially affect licensee end users’ ability to use the services or the system -
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), 7 days a week
Web chat support No
Onsite support No
Support levels Email support - Insala shall also provide Licensee’s end users with support via e-mail response. On the Effective Date, Insala shall provide to Licensee an e-mail address to which Licensee’s end users may submit support requests and descriptions of problems. Insala shall promptly reply to all e-mails submitted to Insala.

Access to knowledgebase/support via system - Insala shall provide support for the system and the services through web pages on the system. Such support shall include, without limitation, (a) a list of frequently asked questions and corresponding answers, (b) a “knowledge base” database which may be queried by licensee end users, and (c) the availability of technical support buttons through which licensee end users may request additional support. Telephone support is available to system administrators and client named callers.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started We offer training via webinars (3 sessions as standard) for system admins. In these sessions we shall define strategic objectives and measurement design, configuration requirements through the starter pack, communication planning and reporting needs.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Insala shall return all such materials to Licensee and certify to Licensee that this has been done.
End-of-contract process Upon termination Insala shall cease to provide the Services and all sums due for the current license year shall become payable by the Licensee. Licensee shall immediately discontinue use of the System, delete all System Material from its files, return all and any accompanying materials to Insala, and send written certification that all of the foregoing have been completed;
If Insala has any Content Materials or information belonging to Licensee, such as original materials used to upgrade portions of the Licensee’s version of the System, Insala shall return all such materials to Licensee and certify to Licensee that this has been done.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The site is responsive and available on mobile devices
Accessibility standards None or don’t know
Description of accessibility Access to information, information systems, information processing facilities, and business processes are controlled on the basis of business and security requirements based on a principle of least privilege. Formal procedures are documented and implemented to control access rights to information, information systems, and services to prevent unauthorized access.
The level of access to the server can be limited depending on the user. Admins will have full access and will be able to grant further access to users within the system.
Accessibility testing We adhere to Web Content Accessibility Guidelines (WCAG) 2.0 guidelines.
API Yes
What users can and can't do using the API Insala’s software integrates and interfaces with other HRIS, LMS, and CRM system through standard APIs, custom APIs, and over SAML SSO.
Integrations are implemented via API services integration or automated batch file transfer, both of which are commonly used to integrate with systems such as PeopleSoft, ADP, Larson, BizLibrary, SkillSoft and Success Factors to name a few.
Via a services integration approach, the Insala REST API is made available for the client to authenticate and access user record data as well as post updates into the Insala portal via real-time triggers.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The platform is fully customisable and scalable for each client. We can incorporate client branding and customise the homepage so that it fits with your current internal portal. The custom reporting tool allows admins to perform real time reports. Client specific fields can be added to the application to aid reporting. CRM integration allows participants to create their own accounts and login to the system. Additional languages can be set up and implemented in to the system.

Scaling

Scaling
Independence of resources Insala has performed a number of system stress tests to confirm the system is capable of performing well at high traffic levels. Performed tests have confirmed the server and application architecture can sustain volume over 500% greater than the highest experienced traffic recorded. The tests were based on simulated concurrent user "wait times" and utilised system resources using use case paths through the site. Tests performed to date indicate system population can be grown to 2 million users. Additional load testing is conducted as appropriate.

Analytics

Analytics
Service usage metrics Yes
Metrics types Network
Reporting types Regular reports

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Individual users should send Insala a request to be completely deleted/forgotten from the system via the support request screen.
The user request must be a validated subject access request by confirming the identify of the individual user and rights of that user to the account in question.
The company administrator should ensure that user data is removed from their record and make sure that these users do not and cannot come be restored in Insala system.
Once Insala has confirmed deletion request from company admin, we can initiate delete process in the portal.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Legacy SSL and TLS (under version 1.2)
Data protection within supplier network Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Insala commits to provide a highly available solution where the Software will be available 99.8% on average excluding scheduled system downtime within a given calendar month. Insala will credit Licensee’s account if this system access availability commitment is not met. Insala will calculate the time within a given calendar month that the Software is inaccessible to Licensee’s users due to any reason other than scheduled downtime. Such inaccessibility will consist of the number of minutes that the Software is not accessible.
Approach to resilience Information available on request
Outage reporting Insala has a documented incident response plan for response to suspected or confirmed security incidents, as part of the Insala incident response and disaster recovery plan.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels Access controls are to be set at an appropriate level which minimizes information security risks yet also allows the organization’s business activities to be carried without undue hindrance.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users receive audit information on a regular basis
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Rackspace US
ISO/IEC 27001 accreditation date 21/11/2011
What the ISO/IEC 27001 doesn’t cover N/A
ISO 28000:2007 certification Yes
Who accredited the ISO 28000:2007 Rackspace US
ISO 28000:2007 accreditation date 21/11/2011
What the ISO 28000:2007 doesn’t cover N/A
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification Trustwave
PCI DSS accreditation date 19/06/2017
What the PCI DSS doesn’t cover N/A
Other security certifications Yes
Any other security certifications
  • SSAE16
  • SAS 70
  • ISAE 3402 Type II SOC 1 standards

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes All employees and contractors which require access to data systems are required to complete information security and data privacy training at hire and annually thereafter to certify compliance to the Insala security standards and procedures. These standards are reviewed annually during re-certification and approved by the Insala CTO. Information security is managed within Insala led by the Chief Technology Officer with close advisement by the Systems Administrator, Software Architect and representatives from data center partners for network and infrastructure security. Management approves information security policies, assigns security roles, and coordinate and review the implementation of security across the agency. Information security is coordinated across different parts of the agency with relevant roles and job functions. Information security responsibilities are clearly defined and communicated. Security of Insala’s and clients’ information assets and information technology that are accessed, processed, communicated to, or managed by external parties will be maintained.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Insala follows the Microsoft Operations Framework in many aspects for change control, configuration management, and deployment. Insala employs the Microsoft Solutions Framework methodology for project development. Insala employs the Microsoft Secure Development Lifecycle tenets and practices in the SDLC. Documentation of Insala processes and procedures is kept up-to-date and used to continually improve internal processes.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Insala follows the Microsoft Operations Framework in many aspects for change control, configuration management, and deployment. Insala employs the Microsoft Solutions Framework methodology for project development. Insala employs the Microsoft Secure Development Lifecycle tenets and practices in the SDLC. Documentation of Insala processes and procedures is kept up-to-date and used to continually improve internal processes.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Risk assessments will identify, quantify, and prioritize risks against company and client specified criteria for risk acceptance and objectives. The results will guide and determine appropriate action and priorities for managing information security risks and for implementing controls needed to protect information assets. - Identify the risks - Identify Insala and client assets and the associated information owners - Identify the threats to those assets - Identify the vulnerabilities that might be exploited by the threats - Identify the impacts that losses of confidentiality, integrity and availability may have on the assets - Analyze and evaluate the risks.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Risk assessments will identify, quantify, and prioritize risks against company and client specified criteria for risk acceptance and objectives. The results will guide and determine appropriate action and priorities for managing information security risks and for implementing controls needed to protect information assets. - Identify the risks - Identify Insala and client assets and the associated information owners - Identify the threats to those assets - Identify the vulnerabilities that might be exploited by the threats - Identify the impacts that losses of confidentiality, integrity and availability may have on the assets - Analyze and evaluate the risks

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £30 per licence
Discount for educational organisations Yes
Free trial available No

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑