Intec Systems Ltd

IBM Watson Talent Apps - IBM Watson Recruitment

IBM Watson Recruitment is an AI powered cognitive talent management solution that increases recruiter efficiency to allow HR to improve and accelerate people’s impact on the business. It automatically predicts, without bias, the best suited candidates who are most likely to succeed in an organisation.


  • Identify the best talent quickly
  • Evaluate and eliminate bias
  • Captures real-time market insights and employee sentiments


  • add


£23016 per licence per year

Service documents


G-Cloud 11

Service ID

3 9 4 2 7 1 7 1 0 6 0 5 3 7 7


Intec Systems Ltd

Steven Laurie


Service scope

Service scope
Software add-on or extension Yes
What software services is the service an extension to Software is used in conjunction with existing HR technology that can be provided from any vendor. IBM Watson technology will integrate into existing HR Information Systems (HRIS) and Applicant Tracking Systems (ATS).
Cloud deployment model Public cloud
Service constraints None
System requirements Integrate with existing HRIS / ATS.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Main system support will be provided by IBM, with Intec helping to prioritse and progress as required:
Severity 1 issues may be logged 24 hours a day, 7 days a week. The response time objective is to have an expert begin diagnosing your issue within 1 hour of receiving your initial report. Severity 1 issues are defined as: "A core software component is inoperable across all clients, or the service is down for all clients. This only applies to a production environment and indicates you are unable to use the program, resulting in a critical impact on operations."
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Standard support requests will be directed through to the IBM Help desk. However, Intec Systems will be able to provide additional resource and support during standard working hours. Education and training can be provided by Intec to help with some of the user based issues.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Intec can provide both onsite and web based enablement and training. Working closely with the delivery teams, the key users will be part of the team to ensure delivery meets the daily needs.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction With the Client’s written request following termination or expiry of either the Agreement and subject to its backup and retention policies, the data will be deleted or returned to Client.

Intec, in conjunction with IBM will arrange for an export of data in an access database. The following conditions apply:

● The data export will be in an access database structure and format provided by IBM. IBM will provide an entity relationship diagram for the access database.
● The export will be sent to the Client via SFTP process. The SFTP process will use username and password authentication.
End-of-contract process Intec will work with you to determine how best to manage the end of contract process. The contract can either be extended and we will agree the appropriate timeframe for the next term. If the decision is to terminate the contract there are no additional termination fees.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service As IBM Watson Talent Apps enahance the service delivered by the existing HRIS / ATS, the differences will be driven by those specific technologies.
Service interface No
What users can and can't do using the API Several API's available depending on the existing HRIS/ATS installed. Most of the more common systems have existing API's - contact us to find out if API's exist for your specific application.
API documentation No
API sandbox or test environment No
Customisation available Yes
Description of customisation The applications are dependant on the client data held in the existing HRIS / ATS (job requisition / candidate application etc). The Watson apps connect to these existing applications to give a tailored experience for each client.


Independence of resources IBM Watson Talent Applications are designed to scale for very large organisations. IBM use the technology internally which covers ~350k employees. The apps are designed to work in a fully multi-tenant SaaS environment.


Service usage metrics Yes
Metrics types [discuss with client what metrics are needed]
Reporting types Reports on request


Supplier type Reseller providing extra support
Organisation whose services are being resold IBM

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Other
Other data at rest protection approach Field-level encryption: The Talent Acquisition Suite offers field-level encryption using AES-256 for sensitive information such as a tax identification number.

Database encryption: Passwords are hashed in the database using SHA-512.

Backup encryption: All backups for all IBM Talent Management solutions is encrypted.
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Data Export and import to and from the Watson Talent applications (to and from the client HR applications) is usually managed via CSV transfer using a secure FTP site protocol mechanism (depending on the existing client HR systems). Often, API's will be available to manage this process more efficiently (most of the standard ATS platforms already have existing API's available).
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network Other
Other protection within supplier network While all data is encrypted in public transit, not all internal traffic between tiers is encrypted. Where interfaces between tiers are not encrypted, internal traffic is secured using firewalled networks.

Logical segregation: IBM segregates customer data logically using unique client IDs that prevent other customers from accessing a client’s data.

Field-level encryption: The Talent Acquisition Suite offers field-level encryption using AES-256 for sensitive information such as a tax identification number.

Database encryption: Passwords are hashed in the database using SHA-512.

For components powered by Talent Insights, all data at rest is encrypted with AES-256 bit encryption.

Availability and resilience

Availability and resilience
Guaranteed availability IBM agree to deliver 99.2% (or better) system uptime within each calendar month, excluding scheduled downtime for regular maintenance. If system availability falls below the 99.2% threshold in a calendar month, IBM offer prorated credits of the applicable service fee for that month.
Approach to resilience IBM approach to resilience is: Critical components are protected against failure through redundancy where available. Failover-capable components are used where available. Non failover-capable components are provisioned with stand-by equipment where possible. Cloud Operations deploys tools to monitor network, system, and application components. Components are monitored with alerts of failed components being issued to Cloud Operations support personnel. Under normal operating conditions, response is usually within 15 minutes of the failure alert.
Outage reporting If the client agrees, IBM can notify users immediately of any maintenance or downtime via email and upon access, and also notify users by email when the system is available again. When the system is down—for example, during regular system maintenance—a message regarding the outage will be posted at the login page.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels IBM limits access to customer data to personnel with a business need to know. Various security mechanisms control access to those authorised, with application access controlled through our centralised “gatekeeper” process. Access requests are tracked through the IBM Control Desk. Anyone who has access to customer data is either an employee who signs a confidentiality agreement or, rarely, a consultant or third party who has agreed contractually to protect the privacy of our data.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Bureau Veritas Certification Holding SAS – UK Branch
ISO/IEC 27001 accreditation date IBM’s ISO 27001 certificate for the IBM Talent Management SaaS applications was renewed in Q4 2015.
What the ISO/IEC 27001 doesn’t cover The following ISO 27001 controls were deemed not applicable because they are managed by our data centres.
- Section A.11 Secure Areas
- Section A.11.2 Equipment
All other ISO controls in sections 5 through 18 were covered in the IBM Talent Management SaaS applications audit. The controls under the two sections referenced above are covered in the ISO 27001 certification for the data centres in question and are addressed through data centre management controls rather than application controls.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Audit for compliance with SOC 2 standards annually

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes IBM has an information technology (IT) security policy that establishes the requirements for the protection of IBM's worldwide IT systems and the information assets they contain, including networks and computing devices such as servers, workstations, host computers, application programs, web services, and telephone systems within the IBM infrastructure.

IBM’s IT security policy is supplemented by standards and guidelines, such as the Security Standards for IBM's Infrastructure, the Security and Use Standards for IBM Employees and the Security Guidelines for Outsourced Business Services. Our security policies and standards/guidelines are reviewed by a cross-company team led by the IT Risk organization at least annually.

The offices of the Chief Privacy Officer (CPO) and Vice President of IT Security collaborate regarding protection of data. The information security policy is enforced through protocols, regularly scheduled certification processes, technological controls, and management and staff dedication.

The IBM “Data Security and Privacy Principles for IBM Cloud Services” is available on IBM’s public website at: IBM also provides clients with product-specific information systems security overviews.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach The development and security of SaaS applications follows industry standards. Standards-based processes are built into every step of the SDLC for products. Product teams use OWASP guidelines, SANS and IBM standards for web application security and review source code using a reputable standardised tool. Applications undergo annual security assessments and periodic independent application and infrastructure penetration and vulnerability testing. Products are upgraded with new functionality on a regular release cycle. Major releases includes functionality added in minor builds and projects timed specifically for the release. Notification for any visible change is completed before each build, and client enablement is provided.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach IBM conducts regular internal application and network scans and engage a third party to perform regular application scans. All critical findings are remediated to close. The installation of patches and updates to the operating system is controlled and centrally managed. Patches are deployed either during regularly scheduled downtime or, for serious threats, fast tracked to prevent exploitation of the vulnerability. All patches and updates undergo QA testing prior to general installation. All IBM systems and workstations are protected by antivirus software that performs real-time scans. Updates to virus definitions are checked and installed automatically on a daily basis.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach The Hosting Environment has redundant firewalls at its perimeter. Inbound firewall security policy limits access to essential services necessary to access application functionality and to remotely manage the systems. All other types of traffic are denied. A network-based intrusion detection system is enabled and a reputable managed service provider provides monitoring, correlation, and notification to the Cloud Information Security and Cloud Operations teams.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach IBM's data incident response process serves to properly report and retain documentation for events, begin remediation, discover root causes, learn lessons, and prevent similar occurrences. IBM has a Computer Emergency Response Team (CERT) which encompasses each department’s role based on the incident. The team is composed of specifically trained and equipped employees who, working with the software business teams and other subject matter experts manage an incident until resolution. Should an incident occur while a client’s information is in IBM's possession, the client is notified of security breaches of customer data within two business days.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £23016 per licence per year
Discount for educational organisations No
Free trial available No

Service documents

Return to top ↑