JMS One is a cloud based real-time staff management system for clients requiring end to end staff management. Seamless automation links on-boarding, compliance, rota, bank and agency bookings, time management and integrated timesheets. JMS One can be accessed either via the web or mobile app.
- Automated job booking system
- Integrated online timesheets
- Manage your bank and agency shifts
- Reporting suite with graphs and Excel reports
- Automated notifications by email or app
- Cancelled shifts re-posted automatically
- Web based user interface
- Mobile app available for iOS and Android
- Compliance module (Summer 2019)
- Automated rota (Autumn 2019)
- Efficiently manage your workforce
- No need for emails or phone calls
- Find staff to cover your shifts in an instant
- Proven to regularly fill shifts within 60 seconds
- Relevant stakeholders updated automatically
- Fully transparent to both candidate and client
- Provides traceability and control
- Enhances your analysis and planning
- Rapid robust and reliable
- Accessible 24/7 from any device
£50 per unit per month
- Free trial available
4 6 2 0 8 4 1 7 9 4 5 7 6 4 3
JMS Infotech Ltd
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||All emails received by JMS One support team will be actioned within one working day, excluding weekends and public holidays.|
|User can manage status and priority of support tickets||No|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||No|
|Onsite support||Onsite support|
|Support levels||On-site support is a client bespoke provision. Service levels are individually negotiated with each client.|
|Support available to third parties||No|
Onboarding and offboarding
All clients are allocated a dedicated Client Advocate. The Client Advocate will meet with the client to capture their requirements and discuss what they need to achieve from the system. Once agreed, our support team will configure the system as per the client's needs.
On-site training sessions are offered to all new clients to help with their onboarding process. All new users have access to a range of support materials to help them use the system, including an integral how-to-guide for users of the JMS One mobile app.
When applicable, we can assist the client to migrate their data into the JMS One system.
|Other documentation formats||In-app user guide|
|End-of-contract data extraction||Clients can extract their data at contract end by contacting their Client Advocate who will arrange the data extraction with the support team.|
|End-of-contract process||As contract end approaches, your Client Advocate will meet with you to review contract performance. At this time, we can also discuss any requirements you have in terms of data migration, data extraction or reporting should you not wish to renew.|
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||The JMS One mobile app is currently available for workforce users only. Functionality will be extended to client users by the end of 2019.|
|Description of service interface||
JMS One can be accessed in two ways, via the JMS One website or via the JMS One mobile app.
Workforce users can manage their shifts and timesheets using either the website or the mobile app.
The JMS One mobile app will be made available to client users by the end of 2019.
Client users can manage shifts, timesheets and their workforce, and can also run a range of reports using the website.
|Accessibility standards||None or don’t know|
|Description of accessibility||We are exploring ways of making JMS One more accessible in the near future.|
|Accessibility testing||We are exploring ways of making JMS One more accessible in the near future.|
|Description of customisation||
The system is fully configurable and can be customised in many ways, including:
Modular approach allowing client to choose features appropriate to their business needs.
Clients can work to a centralised or decentralised model.
Workforce registration can be configured with application questions bespoke to specific job roles.
Compliance document requirements can be tailored to client needs.
Automatic or manual timesheets branded with client's logo and colour scheme.
Shift patterns can be set for individual working locations.
User permissions can be set to organisational needs in line with individual job roles.
Customisation requests should be made to the support team who will apply the customisations accordingly.
|Independence of resources||The JMS One servers utilise load balancing which ensures traffic is always directed to the server with the most available capacity at that time.|
|Service usage metrics||Yes|
|Metrics types||Transactional metrics can be obtained using the inbuilt reporting facility. Other metrics as required can be obtained by a request made to the JMS One support team.|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||In-house|
|Protecting data at rest||Physical access control, complying with another standard|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||Client users can export data from the JMS One website using an Export to Excel function. There is also functionality to generate graphical reports which can be exported as PDF. Should the client require any additional reporting, they can contact their Client Advocate for advice.|
|Data export formats||
|Other data export formats||
|Data import formats||Other|
|Other data import formats||Data imports are currently handled by JMS One support.|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||JMS One is available 24 hours per day, 7 days per week, 365 days per year, with a target uptime of 99.9%.|
|Approach to resilience||The JMS One website and database are stored in multiple servers across different locations. This allows an automated instantaneous switchover should any server become unavailable. In the event of a disaster recover situation, JMS One operates to a 2 hour recovery time objective (RTO) with a 7.5 minute recovery point objective (RPO).|
|Outage reporting||In the event that JMS One is not available, a message will be displayed to inform users along with an expected time for resumption of service.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||Access to management and support functionality is determined by role specific permissions, which can also be configured to client requirements.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||We adopt a unified view of how security impacts our organisation. We have scoped out which data needs to be protected, identified associated risks and have created strategic policies to ensure compliance. We regularly monitor and review risk and have created a framework of established solid policies and guidelines whilst promoting agility and adaptability.|
|Information security policies and processes||
Access Control Policy:
Outlines access available to employees with regards to data and information systems.
Information Security Policy:
High-level policy covering security controls. Primary policy is issued by the company to ensure all employees using information technology assets within the organisation comply with stated rules and guidelines. This ensures employees recognise there are rules which they will be held accountable to regarding the sensitivity of data, corporate information and IT assets.
Remote Access Policy:
Outlines and defines acceptable methods of remote connection to internal networks with specific rules for use of BYOD assets.
Formally outlines how employees can use electronic communication mediums. The primary goal is to provide guidelines to employees on what is considered acceptable and unacceptable use of corporate communication technology.
Disaster Recovery Policy:
Policy contributing to the larger business continuity plan, we use multiple servers across different locations, working to a 2-hour recovery time objective (RTO) and a 7.5 minute recovery point objective (RPO).
Business Continuity Plan:
Co-ordinates efforts across the organisation along with the disaster recovery plan to restore hardware, applications and data deemed essential for business continuity.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Our configuration and change management system tracks versions of hardware and software, and compatibility with all servers in the cluster. We record and document baseline versions and agree processes with all development team members to ensure compliance. Version control is managed by Subversion. We use common standard scripts to automate building, testing, integration and deployment, and undertake regular audits to ensure configuration and change management processes are maintained correctly and consistently.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Working to a pre-defined scope, our vulnerability management process consists of regular (scheduled) and random vulnerability scans performed across all servers and platforms. Any issues identified during these scans are recorded including the number of vulnerabilities detected and the severity/risk rating of identified vulnerabilities. These reports are analysed in order to determine risk and a remediation plan is prepared with clear deadlines for implementation of any required actions.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||Our protective monitoring process establishes ongoing collection and analysis of all log and event data, reviewing of activities, and performing real-time advanced correlation and pattern recognition. This includes information security controls including inspection of firewall logs, investigation of operating system security alerts and monitoring of Intrusion Detection Systems (IDS). This information is stored in order to provide an audit trail of security relevant events of interest. The information is reviewed on both a scheduled and random basis and will alert on individual and broader malicious events, simplifying remediation and helping to mitigate risk.|
|Incident management type||Supplier-defined controls|
|Incident management approach||Our incident management process aims to restore service as quickly as possible, minimise adverse operational impact, and ensure service levels are maintained. We apply standardised methods and procedures covering the response, analysis, documentation, management and reporting of incidents. Once an incident is identified, first level support aim to recover service as quickly as possible. If an incident cannot be resolved immediately, second level support will aim to provide resolution within agreed timelines. Our monitoring and escalation process ensures incidents are continuously monitored, providing any additional resources required to resolve high priority incidents and maintain service level agreements.|
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£50 per unit per month|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||Free trial with full functionality available on request for up to 30 days.|