Working Time Solutions Ltd.


Working Time Solutions combines specialist insight with proven technology to help you manage shift workers more efficiently and effectively. You’ll find our WORKSuite® software is the most powerful, flexible and intuitive dedicated workforce management system available on the market.


  • Build shift patterns including seasonal patterns and standby/call in
  • Unlimited shift lengths and pattern durations
  • Manage overtime, TOIL, flex and reserve hours
  • View availability and assign staff
  • Realign staff to fluctuating requirements
  • Track holiday and shift swaps
  • Absence management
  • Realtime tracking and exception reporting


  • Eliminate admin: Cut working time-related administration by 25%
  • Maintain compliance: Avoid regulation breaches and report against key metrics
  • Engage employees: Increase flexibility and support work-life balance
  • Manage shifts and rotas via an intuitive dashboard
  • Ensure accuracy: Feed real-time information to payroll and HR systems
  • Inform decisions: Use workforce analytics to support effective planning


£2.50 per person per month

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

1 7 2 3 0 9 1 2 1 9 3 7 0 1 9


Working Time Solutions Ltd.

Nigel Maxfield

07568 128558

Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
System requirements
Google Chrome

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times vary depending on the category of the support issue and a full detailed support plan can be obtained from this framework.

Several support arrangements are offered for WORKSuite including enhanced weekend support and out of hours support before 9am and after 5pm
User can manage status and priority of support tickets
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Support is provided on a tiered category basis and provided through the
Customer Support Center.

The Customer Support Center will handle the Customer’s call as follows:
i. (i) Level 1 – Customer Care Center. Processes incoming calls, and create service requests. Service requests then route the support calls to a support resource. The Status of open service requests is monitored.

ii. Level 2 – Telephone Support. Technical Phone Support is the first point of contact for incident escalations. Technical Phone Support specialists will be staffed with system specialists that are trained for the support of WORKSuite software. If an issue cannot be resolved within a reasonable time frame, it will be escalated to level 3 support for assistance.

iii. Level 3 – Engineering Support. Engineering Support consists of software engineers that are responsible for providing comprehensive support for emergency situations and system failures where the software or platform is inoperable.

iv. Level 4 – Engineering Support. Product and maintenance releases including Upgrades.

iv. Hours of Support. Normal support hours are 8:00 AM – 5:00 PM (GMT/BST) Monday through Friday excluding weekends and holidays.

Support required outside of these normal support hours may be subject to additional charge.
Support available to third parties

Onboarding and offboarding

Getting started
Working Time Solutions provide training facilities including documentation and 'how do I' help and training for administrators and general users of the system. This training forms part of the onboarding process and can include train the trainer, full on site training and remote training provided through the WTS LMS service
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
WORKSuite has a set of export facilities allowing a user to extract or remove data currently held for that tenant on the Working Time Solutions AWS Platform. This includes work schedules and users in a CSV format.
End-of-contract process
WORKSuite is provided as a service with varying features and functionality made available to purchasing customers.

All data can be exported by the customer into a csv format including schedules, users and other data elements required by the customer and is provided as part of the standard product.

As all data held within the WORKSuite product is managed and administered by the customer at the end of the contract the user has a set period of time to decommission the tenant data which is set by the close of service section of the contract.

Using the service

Web browser interface
Supported browsers
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The software adapts to the smaller window size
Service interface
Description of service interface
Secure customer portal
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
This is managed by our service provider
Customisation available
Description of customisation
Customisation is a design feature of the WORKSuite product and includes shift pattern designs, roles and user access rights, display options for part of the system.


Independence of resources
Our platform infrastructure is part of an auto scaling group from AWS which monitors performance of the EC2 instances continuously. This monitoring scales the number of machines and back end service along with the machine types the application and databases are running on to maintain the same experience for the user and individual tenants.


Service usage metrics


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
A user can export their data using the system export facility covering rotas, schedules, users, planned schedules.
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats
  • CSV
  • Other
Other data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
The WORKSuite managed SaaS platform offers 99.99% guaranteed up-time or better.
No refunds are offered as penalties outside of this SLA.
Approach to resilience
The resilience network and platform descriptions are available on request.
Outage reporting
Email alerts are provided along with a public dashboard on service status.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
WORKSuite is a multi tenanted platform which operates a unique tenant token system restricting data from one tenant to another. Our administration console has restricted access based on your role to create new users and our tenant administration services are restricted to specific personnel within Working Time Solutions. Support is provided to end users through calls, messages and screenshots from a user so no access is granted to a user account within Working Time Solutions to our support personnel.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
Working Time Solutions have adopted a security governance priority to our SaaS platform and it is expected that our systems will be audited against our security models by the end of 2019 and we are confident that whilst we have not had the formality of a certification process our security remains strong and has adopted best practice and the highest levels of security encryption available.
Information security policies and processes
Working Time Solutions work closely with the customers IT Security Coordinator. On Security Incident containment, eradication and recovery is part of our processes in accordance with the Working Time Solutions Incident Response processes. This includes, but is not limited to, the ability for customer to track the status of reported information security events, to request and receive discrete access and information associated with customer Data (user data, system/security event logs, network or host packet captures, logs from security components such as IDS/IPS/Firewalls, etc.) in an unencrypted fashion for the purposes of conducting investigations and the ability for Working Time Solutions to track the status of a reported information security event. Working Time Solutions will alert and notify any customer whose data may have been compromised or be under attack through our pro-active threat analysis SOC.

Coordinator (via phone and email) of detected suspicious events or unusual activities with security implications. The Incident Response (IR) family of the SCP contains further details regarding the Working Time Solutions IR role and responsibilities.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Working Time Solutions Ltd takes advantage of the Amazon Web Service infrastructure to benefit from a standard set of controls and configuration options which are of the certified and accredited standards by independent certifying agencies.

This approach includes:
1.1 Physical location and legal jurisdiction
1.2 Data centre security
1.3 Data at rest protection
1.4 Data sanitisation
1.5 Equipment disposal
1.6 Physical resilience and availability

DoD SRG, FedRAMP, FIPS, ISO 9001, ISO 27001, ISO 27017, ISO 27018, PCI DSS Level 1, SEC Rule 17-a-4(f), SOC 1, SOC 2, SOC 3
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Working Time Solutions review and patch on a monthly basis. The AWS platform provides networking and patch levels maintenance across the IaaS.

Working Time Solutions will be launching its Security Operations Center(SOC) in 2019 along with membership of the IT ISAC service to identify threats.

WTS operate a monthly patch cycle for our application servers including all components and services.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
WORKSuite is monitored 24/7 365 days a year using StatsD to Prometheus DB and provided Graphs using Graphana.

All App Logs are generated through LogStash through to elastic search and Cobana to provide graphs of the corresponding data. All unusual trends from data logs are highlighted to our operations centre.

Any compromises found creates an incident within our incident control centre. Working Time Solutions maintains a dedicated security team to deal with any potential issues within a 1 hour window.
Incident management type
Supplier-defined controls
Incident management approach
Working Time Solutions have a predefined incident control system integrated into our DevOps environment which allows a customer to create a support ticket, give the ticket a specific category and that ticket is automatically routed to the correct incident support co-ordinator.

Users can report incidents using the phone, email or directly through our ticket management system.

Incident reports are provided monthly to customers through an emailed report or by logging into the ticket management system.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks


£2.50 per person per month
Discount for educational organisations
Free trial available
Description of free trial
Demo software linked to a generic database featuring full functionality of WORKSuite excluding configuration options and systems integration.

Available for 30 days as standard.

Service documents

Return to top ↑