Applied - predictive and bias-free hiring platform
Applied is a hiring platform built using behavioural science that helps organisations to hire the best person, without bias. We use data to promote better hiring decisions.
Spun out of the Behavioural Insights Team, Board including Harvard Prof Iris Bohnet.
- Blind / anonymised screening/sifting of candidates
- Signature de-biased selection tool including anonymisation, chunking, crowdsourcing, randomisation
- De-biased interview module that supports scoring, scheduling, and feedback
- Predictive, skill-based selection tools including work samples/job previews
- Extensive candidate feedback based on skill strengths and weaknesses
- Hiring team/candidate feedback to measure experience and promote employer brand
- Job description/ad text analysis to remove bias and improve conversion
- Data analytics/reporting including diversity pipeline, adverse impact, predictive validity, sourcing
- APIs/integrations to job boards, other ATSs, and selection/assessment tools
- UX/UI focusing on accessibility and delivering simplicity for all users
- Evidence-backed platform that improves diversity/inclusion by removing unconscious bias
- Improves the quality and the speed of hiring decisions
- Candidate-friendly platform with behavioural reminders, and two-way feedback tools
- Elaborate data analytics/tracking to measure what works and experimentation
- Demonstrated 3x improvement in the quality and conversion of candidates
- Demonstrated 67% reduction in sift time and interview efficiency
- Improves attraction/sourcing, including diverse candidate pools, and ROI calculations
- State-of-the-art user experience including behavioural 'nudges'; and simple, accessible UX/UI
- Interview management that de-biases, shows predictive validity, and interviewer data
- Predictive selection/assessment tools that focus on skills
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||
We also provide a standalone text-based job description analysis tool that improves diversity/inclusion and conversion.
We also hold APIs to other ATSs, assessment/selection tools, and job boards.
|Cloud deployment model||Public cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||During weekdays, we aim to get back to those with queries within the day if we can, and weekends 24-36 hours (urgent cases only).|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.1 AA or EN 301 549|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.1 AA or EN 301 549|
|Web chat accessibility testing||As we use an external web chat system, we rely on their wider platform accessibility standards.|
|Onsite support||Yes, at extra cost|
|Support levels||Customers will receive full onboarding support and a dedicated account manager who will manage the provision of technical support. Depending on the scope of a project, dedicated technical and engineering teams, or additional data analytics, can also be provided. The cost for these staff are priced based on their day rates.|
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||New users are provided with a choice of digital or onsite training, this training is provided by members of the account management team at Applied. All users receive comprehensive guidance on how to use the product via the application and product website.|
|End-of-contract data extraction||Users can self-service extract the standard data from the system during and at the end of their contract. There is no additional charge for this. If users would like access to custom datasets, these can be supplied on a fee basis.|
|End-of-contract process||Their logins and access to the account with be removed upon their request or contract end date.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Cosmetic layout differences|
|What users can and can't do using the API||We provide a web-hook API to capture hiring events in real-time. It's a read-only service and there are no usage limits.|
|API documentation formats||HTML|
|API sandbox or test environment||Yes|
|Description of customisation||Specific content can be customised directly by the hiring manager, such as the questions applicants need to answer, and the automated emails sent to applicants. Further customisation is possible but would be performed by the Applied team at the specific request of customers.|
|Independence of resources||
Applied is a single stable platform. There are two ways in which we ensure all customer demands are met.
- Branches and staging sites for product updates. New product features and updates are created in an environment that is separate from the customer version of the product.
- Dedicated account, technical and service teams.
|Service usage metrics||Yes|
Applied provides tracking and analytics on candidate interactions with the system. For example
- Drop off pipeline data against diversity metrics
- Performance of candidates in application process
- Performance of hiring teams - reviewers and interviewers
- Predictive validity of skills questions
- Performance of job board and sourcing channels by diversity and quality of candidate
- Volume of hiring team usage
- Time to hire
- Feedback from candidates and hiring teams
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Data can be exported by users in the application. The standard format for this is via a CSV file.|
|Data export formats||
|Data import formats||
|Data protection between buyer and supplier networks||IPsec or TLS VPN gateway|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||We guarantee uptime of 99.5% and offer a pro-rata refund at 10x time. This means that 10.5% downtime would result in a full refund.|
|Approach to resilience||
All parts of our service except for the primary database are stateless & very portable, so can either scale horizontally under load, or be quickly rerouted to a fail-over host in case of datacentre problems. Catastrophic failure of the primary database would require using backups & transaction logs to restore data so would cause downtime (to avoid data loss).
Additional information available on request.
|Outage reporting||Applied has a public status dashboard and an automatically updated twitter account which reports outages to users.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||The user's assigned role is checked on every operation.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||You control when users can access audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||You control when users can access audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||Less than 1 month|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||Cyber Essentials|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||We're certified for Cyber Essentials, but are compliant (but not certified) with most of the relevant portions of CSA CCM3, PCI-DSS, and ISO27001|
|Information security policies and processes||Please refer to our security policy (www.beapplied.com/security). Access to internal policies available on request.|
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||
All changes to infrastructure go through our risk management process, and the potential impact of failures assessed, and mitigated where necessary.
Accepted changes are applied programatically, ensuring our records are always correct. Records are fully version controlled and auditable.
Software changes are reviewed against our security policy. Resulting code changes are fully auditable and are subject to our release procedure, including several types of testing and peer review. We automatically track security flaws and licencing problems in any proprietary or open source components or libraries.
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||
We use open resources like OWASP, vendor advisories, and dependency monitoring services to understand the attack vectors we need to protect against. We also commission penetration tests at regular 6 month intervals, and disseminate the learnings amongst developers.
Patches are typically deployed within 24 hours of receipt.
Where possible, we automate the testing of common application-layer issues. For example, automated testing that fails a build if it finds instances where external input is rendered without being sanitised for XSS.
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||
We log all activity centrally so that we can monitor the application as a whole or one component at a time, and have alerts set up that notify us of unusual patterns immediately.
Depending on the severity of the incident it is either escalated immediately, or marked for analysis.
Upon discovering a potential compromise we notify affected customers and end-users within 72 hours (to balance those parties' right to know with our need to find out the facts and any meaningful remedies).
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
Customers and end-users can report events by email or phone. Our centralised log alerting can also warn us of incidents.
All incidents then follow our incident management process, which can result in escalation to the CTO. They're assessed for for cause, and impact, and where necessary a response plan is triggered. Anticipated incidents, e.g. catastrophic database server failure, or DDoS attacks on DNS providers, are planned in advance.
Notification of an incident is communicated to customers ASAP (currently within 1 hour, but soon in real-time), and explanation of the incident and action plan follows within 72 hours.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£500 per licence per month|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||Try out our Job Description Analysis Tool and analyse your job descriptions for potentially problematic words that impact on the job description's inclusivity. Use the tool unlimited times to get an inclusion and conversion score, or sign up for full access to the tool for 1 week.|
|Link to free trial||https://textanalysis.beapplied.com/|