Zipporah Ltd

Zipporah: Impact Facilities, Sports, Appointments and Bookings

Zipporah's Impact solution brings together all your core booking needs into a single package combining the functionalities from the Room, Sport and Generic Appointment systems. From meeting rooms to 5-a-side pitches to benefit or MOT appointments everything you need to book on a one-to-one basis is in a single solution.

Features

  • Enhance your event management by offering bookings onto events
  • Assign individual staff to workloads as part of staff allocation
  • Check availability in real time with our diary booking feature
  • Manage your event from concept through to delivery and aftercare
  • Integrate with multiple system types - active-directory, finance etc.
  • Create ready made reminders to keep processes tasked and workflowed
  • Seamless proven integration with finance systems for easy payment administration
  • Comprehensive & fully integrated automated suite of report
  • Book all requirements simultaenously including catering and room layout
  • Search and filter number of attendees, catering and facilities required

Benefits

  • Fast creation and editing of new and existing events/ facilities
  • Full content customisation to suit your business
  • 24/7 availability, all booking data managed in one accessible system
  • Common core infrastructure gives piece of mind and service depth
  • Increases efficiency between back office staff and contact centres
  • Provide event attendance lists
  • Back office staff control of public bookings when required
  • No more lost booking information or excessive paper-based requests

Pricing

£30000 per licence per year

Service documents

G-Cloud 10

501365112513041

Zipporah Ltd

Jonathan or Jobe

02920 647048

gcloud@zipporah.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints None
System requirements Internet browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Zipporah support requests will fall into two categories dependent on the severity of the problem.

Category A: The failure of the services to function in accordance with the specification renders the Customer’s system inoperable and business operations are halted.
Category B: The Services contain errors or omissions or functional problems that the Customer is able to work around.

Category A response time: Respond within 1 hour, every endeavour will be made to correct the issue(s) within 1 working day.
Category B response time: Respond within 24 hours, every endeavour will be made to correct the issue(s) within 7 working days.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Zipporah support provides first line support telephone and email support is included within service charge for the annual use of the software solutions. This is support is provided Monday to Friday from 09:00 - 17:00. A dedicated support team is provided to support any issues that you might experience. In addition the up-time guarantee for the service is 99.9% based on 24/7/365 days of the year.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Zipporah uses a phased approach to deliver a controlled and logical project roll out to make the process of on-boarding as straightforward as possible. Every project is led by an experienced Zipporah project manager who will co-ordinate a cross functional team within Zipporah and liaise with client side staff. Initially Zipporah will provide a base lined version of the system in order to ensure an understanding of the client's full requirements and how the system delivers these. This will form the basis of meetings between Zipporah and the various business users to identify system changes and configurations needed. These will be confirmed by the client and Zipporah through a clear document for both parties to sign-off. Zipporah provides training for system end users as a 'train the trainer' approach. We provide user guides where each process and function is detailed and explained. The training sessions are a 'hands on' experience with scenarios set for attendees to ensure a full understanding of how to use the system. Zipporah also provide a Product Specialist resource where users can contact us and ask for clarification or advice. We also have FAQs on our website as well as videos showing step by step guides.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Zipporah is able to provide the customer with a complete database in Microsoft CSV, XML or Excel formats as standard. We are also able to offer a number of other formats which would be discussed on a case-by-case basis.
End-of-contract process There are no additional costs at the end of the contract. Zipporah provide customers with it's data in Microsoft formats.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service None.
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing Zipporah has worked with all of its clients to ensure that its applications are fully compliant with these standards. This includes working with the clients own testing teams to ensure that we meet these standard as a minimum Interface testing has included validation reports for your HTML and CSS for a landing page and a page containing a transactional form. Zipporah utilises validation tools to maintain these standards. In addition the output from the audits panel of Google Chrome’s developer tools are also utilised.
API Yes
What users can and can't do using the API Any API required would be attached to the relevant Zipporah solutions purchased by the client.
API documentation Yes
API documentation formats
  • PDF
  • Other
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The Zipporah solution is a highly configurable and customisable solution that allows the user to control and customise almost all of public facing elements and back office views as desired.

Intuitive tools, provided through the user-interface allows the user the ability to edit buttons, emails and page content so that they can create a solution which has their full look and feel.

Users are able to customise a wide-variety of the booking processes, including the toggling of options to have facilities such as 'document upload' or terms and conditions switched on or off. The status and workflow of bookings received can also be defined through customisation of booking types.

The system also includes the ability for roles to be defined which determines user access. This customisation of roles allows the system administrator to define who has the authority to customise various elements of the system.

Form builders within the module also allow for the customisation of the booking process to define what information you want to capture based on what somebody is looking to book.

Scaling

Scaling
Independence of resources We supply individual hosting for clients based on their needs or requirements. Clients therefore have their own, dedicated server which ensures no interference with the solution. Clients are able to opt for shared hosting, with client specific, independent databases - where we isolate every client through the options provided to us via IIS and put upper limits on each individual site.

Analytics

Analytics
Service usage metrics Yes
Metrics types The service metrics we provide are within an array of application specific reporting suites. These reports allow clients to access a wide range of metrics from systems and provide comprehensive and clear information about how the service is functioning.
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach There are a number of standard reports that contain all system information - the user is able to export these in a number of Microsoft formats.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • XL
  • PDF
Data import formats Other
Other data import formats
  • Excel
  • Spreadsheet

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability The Standard SLA covers: 99.9% monthly network up-time guarantee, 5-hour hardware failure response time Credit allowances for hardware or network failure beyond SLAs 24.7 automated SLA monitoring and notification. On top of this we offer a network guarantee of 99.9% monthly network up-time for our ISP network. In the event of a network fault that takes your server off-line, we will offer a credit allowance.
Approach to resilience Available on request.
Outage reporting Networks are continuously and automatically monitored. Zipporah are immediately informed of any potential problem so that it is normally rectified before your service is affected. If any complications arise, the support team will be in regular contact to update clients of on-going progress and expected resolution time-frames. This service would usually be provided via email.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Identity and authentication controls restrict access through the following mechanisms: Authentication federation, Username and password, Username and strong password/passphrase enforcement.
Access restriction testing frequency At least once a year
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 CfA
ISO/IEC 27001 accreditation date 22/06/2016
What the ISO/IEC 27001 doesn’t cover Everything is covered by our ISO 27001 accreditation.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes The Zipporah information security policy covers all forms of information security such as data stored on computers, transmitted across networks, printed or written on paper, stored on discs and drives, stored on the Cloud or spoken in conversation or over the telephone. All managers are directly responsible for implementing the Policy within their business areas, and for adherence by their staff. It is the responsibility of each employee to adhere to the policy. Disciplinary processes will be applicable in those instances where staff fail to abide by this or any other Zipporah Ltd security policy. It is the policy of the company to ensure that information will be protected against unauthorised access, that confidentiality of information is assured, that integrity of information is maintained, that regulatory and legislative requirements regarding intellectual property rights, data protection and privacy of personal information are met, that business continuity & disaster recovery plans will be produced, maintained and tested, that staff shall receive sufficient information security training and that all risks are identified, measured, communicated, controlled and where necessary, reduced in magnitude. All breaches of information security, actual or suspected are reported and investigated by the Zipporah Security and Risk Committee.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Zipporah use SVN as our code library which maintains all changes and check-ins performed on Zipporah code, allowing us to compare any check-ins to review what was done. The use of SVN allows us to manage branching of our solutions to maintain versions for specific clients. Zipporah operate a job monitoring system allowing monitoring of support and development jobs. Jobs are matched to check-ins to reference change and reasons for change. In achieving accreditation for ISO27001:2013 we have processes for designing and writing software including security considerations and impacts. This includes stages of peer review for security and pen testing.
Vulnerability management type Undisclosed
Vulnerability management approach We have a Cisco ASA 5516 firewall with Firepower. Windows updates through GFI, deploying Critical updates automatically. We obtain all the cyber threats through firesight management and have also been given a portal to Mi5’s Cyber security.
Protective monitoring type Undisclosed
Protective monitoring approach Our data centre deploys the Cisco Firesight Management Center alongside Cisco 5516x firePOWER IPS, Apps, AMP and URL with Smartnet.
Incident management type Undisclosed
Incident management approach As part of our ISO 27001 and 9001 certifications Zipporah has a complete process to for Non-Conformance Control, Information Security Incidents & Corrective Actions. Any non conformance report can be submitted via telephone or email. Corrective Actions and Actions to Prevent Recurrence are identified and recorded on the NCR. Once complete NCR’s when appropriate are returned to the customer, then filed and reviewed at the Management Review Meeting.

Incidents can be reported through a variety of means whether directly to our support system or via telephone. Equally where we have automated tools this may issue us alerts.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £30000 per licence per year
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑