Planixs GRP Limited

Planixs Strategic Workforce Planning

Planixs Strategic Workforce Planning enables organisations to make confident strategic resourcing decisions using forecasting, modelling and planning tools that help users to plan and optimise their workforce against their demand and known constraints. Value delivered includes operational efficiencies, reduced costs, optimised utilisation, improved forecasting accuracy and real-time analytics.


  • Easy to use and innovative user interface
  • Online Collaboration: Work across multiple sites with real time updates
  • Supply & Demand Forecasting: Visualise all demand and supply data
  • Workforce Pyramid Modelling: Optimise the structure of permanent/contingent/outsourced labour
  • Scenario Modelling: Create multiple scenarios to compare the impact
  • Skills Capability Matrix: Understand required skills against your existing capabilities
  • Labour/Demand Cost Analysis: Manage and control your workforce financials
  • Data Integration: Configurable excel-based pivot views allow for Excel/CSV imports/exports
  • Automation Analytics: Model changes at task-level to identify efficiency gains
  • Comprehensive support models and SLAs


  • Understand your workforce and increase confidence in decision making
  • Make better use of your existing workforce and capabilities
  • Lower your cost to serve through targeted organisation structures
  • Uplift margins thought increased utilisation, efficiency and productivity
  • Minimise the cost of your planning process
  • Hold a single source of operational workforce data, driving accountability
  • Model multiple scenarios, understand the impact identify the best outcome
  • Increase confidence in decision making and delivery
  • Skills analysis drives succession planning and identifies training needs
  • Focus on the value from the data, not manipulating data


£6 per unit per month

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

2 4 5 3 5 5 5 6 0 9 8 2 8 0 4


Planixs GRP Limited

Stuart Houghton


Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints As a part of the service provision there are requirements that we have that are similar to other software services. There may be scheduled maintenance periods etc., but given this is a fully hosted service items such as hardware configurations etc will be seamless to the end user.
System requirements
  • Internet / network connectivity
  • Latest Internet browser
  • Screen resolution of 1280 x 1084 (recommended 1920 x 1080)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Planixs provides live technical support available to the end client from 9:00 am to 5:30 pm GMT/BST, Monday – Friday, excluding designated bank holidays. These hours are classified as “Peak Hours”. All other times are classified as “Off Peak Hours”.

Response times are determined by the severity of the issue/question and accordance with the SLA, full details of which can be found in the service definition document.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels We provide a single support level that is the same for all our clients. As part of the service we provide a service desk, email support and phone support to users where needed. This is at no extra cost (unless some onsite support is needed). You will be assigned both an account manager and a service manager who will provide ongoing support and points of escalation through the term of the service.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Our training methodology is based on the principles of “train the trainer” and each course is designed to support the needs of the business requiring the training and the solution offered. Full training materials will be provided. Training will be undertaken in various forms including, on site, web conferencing, pre-recorded and written training manuals.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction When the contract comes to the end, the supplier will provide a full extract of the data for clients future use.
End-of-contract process Given this is a hosted service, once the contract ends the hosted service is terminated accordingly. All client data is exported and returned to the client for future use / reference, and all instances are securely destroyed.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices No
Service interface No
Customisation available Yes
Description of customisation Users are able to customise language/labels through configuration and data access via permissions / roles settings.


Independence of resources As part of the monitoring bridge we monitor CPU, disk space and memory on client instances. If these near pre-defined thresholds then alerts are triggered and additional capacity requests are assessed. If capacity is needed then this is requested and deployed accordingly. This can be done dynamically and with short timelines owing to the flexibility of our cloud hosting platform.


Service usage metrics Yes
Metrics types We can provide usage metric reports on request that include areas such as who has logged in and when. The solution also provides other real-time metrics such as when user(s) last committed / saved data to the master database and when that was done etc.
Reporting types
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Other
Other data at rest protection approach Linux Unified Key Set-up (LUKS) disk encryption
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Users have the ability to export data from any of the screens in the application and also through the data mining component of the solution. This then enables them to load it directly into tools such as Excel. This is done in the knowledge that they are all taking the data from the same source.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Our SLA relates to service uptime for the application. This is measured based on the % uptime for the application, measured by month. Scheduled downtime relating to new releases, patches and any scheduled backups are not included in the calculation of uptime. Planixs provides service credits if the service falls below 95 % uptime. The credit is applied to future invoice(s).
Approach to resilience This information is available on request.
Outage reporting We have monitoring bridges in place that send alerts to our support staff who then respond accordingly due to the severity of the issue. Clients are notified accordingly.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication As above users are authenticated via username and encrypted password. Additional measures include VPN tunnels and also white list IPs only allowing access from specific source IP addresses. As required by client.
Access restrictions in management interfaces and support channels With regards to management interfaces, the same approach as application access is taken (e.g. usernames, secure passwords, HTTPS, VPN, white list IPs etc). All support channels accessed over the internet are done via HTTPS.
All access to production services are dealt with via strict policies and procedures (e.g. Info Sec policies). Two factor authentication is used by support staff. Server access is reviewed on a regular basis with appropriate onboarding and offboarding processes.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications All hosting centres we use are at least ISO27001 certified.

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Our hosting providers are all ISO27001 accredited. Internally we carry out penetration testing as a part of our software dev lifecycle. We are also audited by some clients. With regards to governance we have security officer who has a reporting line all the through to board level as and when needed. Further information can be provided on request.
Information security policies and processes We have a comprehensive info security policy that includes; segregation of duties, backup and recover, incident response, handling and distribution of data, password policies, data storage, confidential information etc.

Each member of staff signs the security policy upon joining. Audits of the policy are carried out.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The areas of hardware, software and documentation for the Solution are centrally managed within Planixs. The end-consumer is not impacted by the Configuration Management function.

Any change requests to live applications or the platform will require a change request to be raised to the Service Desk. An impact review is then carried out to assess the financial, technical and business impact, which is then communicated back to the end consumer who then make a decision on whether to proceed with the change or not. The change is then scheduled into the appropriate release type which will include penetration testing.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We use a combination NESSUS and OpenVAS for our vulnerability scanning tool along with the KALI Linux suite of tools for full coverage of penetration testing. Additionally our hosting providers provide ongoing vulnerability scanning and management of the overall platform and a notification agreement is in place in the event of them finding any. In the event of finding a vulnerability the remediating patch will be provided to the effected server(s) or service(s) at the earliest possible release date. Depending on the level of risk this could be the next scheduled release or immediate deployment.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We use OSSEC for our protection monitoring, which caters for intrusion detection and prevention. For example we monitor and alert on; detect DDOS attacks, brute force attacks, changes to system files and many others. When a comprise is found, for example OSSEC blocks source IPs to prevent any further attacks taking place and the bridge team are alerted accordingly with a full audit of attacks and remediation steps provided. In terms of speed, we respond instantly by blocking the IPs and through the alerts. Then an RCA is carried out to see if further action is needed.
Incident management type Supplier-defined controls
Incident management approach We have a defined an ITIL compliant process for common events. Our approach to Incident Management is as follows:
• Identify, log, diagnose and resolve Identity against the services
• Cooperate with end consumers and other Service Providers in diagnosing Incidents
• Apply any available workarounds
• Communicate known Incidents and workarounds to the affected team(s)
• Escalate Incidents that have a broad impact to the Service Desk Manager
Incidents are converted into problems for long term resolution. Incident reports are provided on a regular basis.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £6 per unit per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial The free trial typically lasts for 3 months. We include a level of support for that to help with setup and consulting support through its use. Production level SLAs are not included during the trial.

Service documents

Return to top ↑