Ingenium - Vendor Management System
The Ingenium - Vendor Management System (VMS) helps Customers manage their own temporary agency staffing supply chains.
- Restricted access - username and password protected platform
- Supplier Relationship Management Dashboard
- Video interviewing functionality
- Automated booking process including "push" notifications
- AWR Compliance
- Supplier Tiering
- VMS "light-touch" option
- Demand Management
- Consolidated timesheeting and invoicing
- Comprehensive real-time management information and dashboard reporting
- Gain visibility and control over agency spend
- Achieve cost savings and back-office process efficiencies
- Improve internal decision making through detailed insight and analytics
- Improve supplier performance
- Automate the accreditation and enrolment of agencies
- Manage and mitigate employment risk - AWR, Pre-employment checks
£1500 per instance per month
- Education pricing available
5 7 8 1 0 9 4 3 0 4 0 9 7 3 8
Ingenium Technology Services Limited
0781 089 8210
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Email or online ticketing support||Yes, at extra cost|
|Support response times||
When raising tickets, users complete a series of questions, which enables Ingenium to assign each ticket a priority rating.
Priority Level 1:
The technology is ‘down’/inaccessible.
Priority Level 2:
Operation of the technology is severely degraded.
Priority Level 3:
Certain non-essential features of the technology are impaired.
Priority Level 4:
Low priority queries – Password resets
Ingenium operates a 24-7 Help Desk, who will look to resolve all Priority Level, 3, 2 and 1 issues within 2 business days, 1 business day and within 2 hours respectively.
All Priority Level 4 issues will be sent to our Customer's to resolve.
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.1 AAA|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||Yes, at an extra cost|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.1 AA or EN 301 549|
|Web chat accessibility testing||
Audio: We use sound to improve user accessibility. When a user receives a new message or their place in the que moves up, we signal this with a particular sound.
Aria-label: Our web-chat uses aria-labels on elements that don't have enough descriptive text For example: ‘Close the webchat’ is better than ‘Close’
|Onsite support||Yes, at extra cost|
1st line customer support
Any issues/faults with the Ingenium technology which are defined as:
Priority Level 1 - the platform is down or inaccessible or
Priority Level 2 - the operation of the platform is severely degraded, or non-business critical components of the service are not operational should be escalated to the Ingenium Help Desk either by telephone or via the platform (subject to availability). Our Help Desk will look to resolve all Priority Level 1 or 2 issues within the following timeframes:
Priority Level 1: 2 hours
Priority Level 2: Within 1 business day
All system support is covered within the license fee payable by customers.
Telephone support will be available Monday-Friday, 9am to 5pm.
|Support available to third parties||Yes|
Onboarding and offboarding
The Ingenium platform incorporates a series of built-in wizards and templates which make using the software, simple, easy and straight forward for users.
The platform also includes a help-library and tutorials that are designed to support and encourage self-learning. Customers can request training from Ingenium either over the web or face to face for an additional cost.
|End-of-contract data extraction||
At the end of any contract period, Ingenium will provide all platform users with sufficient time, during which they will still be able to login to the platform and complete any necessary actions/transactions.
We will not charge customers a fee for exiting a contract.
We propose passwords for Senior platform users remain active for a period of 30 days after conclusion of contact, and 14 days for all other platform users.
Ingenium will create a denormalised SQL server database with all user, company and transactional data, which will be provided to customers on an encrypted disc.
|End-of-contract process||Upon receipt of notification from a customer that they wish to terminate and/or not extend their contract with Ingenium, all data will be transferred back to the customer in a format agreed during the exit process|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||None.|
|What users can and can't do using the API||Ingenium’s API Gateway enables us to configure connections to any third party system so that our customers can integrate to any other systems that support API connections|
|API documentation formats|
|API sandbox or test environment||Yes|
|Description of customisation||Ingenium’s ‘no code’ platform enables every aspect to be customised and most customisation is supported by configuration tools that do not require technical skills to use so that our customer’s superusers can make many routine configuration changes to processes that can evolve as requirements change. We can also support bespoke code where necessary with fortnightly releases that undergo automated testing (without creating a branch to the source code)|
|Independence of resources||
Each customer will be provided with their own instance of the Ingenium technology platform that they will be able to customise accordingly.
Ingenium will ensure secure, reliable network performance for all customers.
From a technical support perspective, customers will be provided with be assigned a dedicated technical support account manager.
|Service usage metrics||Yes|
Ingenium will provide customers on request, with management information pertaining to system usage.
Customers will be able to view and manage within the platform itself, the issue and allocation of platform licenses, based on the current usage of the platform by users
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||‘IT Health Check’ performed by a CHECK service provider|
|Protecting data at rest||Physical access control, complying with SSAE-16 / ISAE 3402|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Users may export their data via the reporting section of the tool, into a series of pre-defined Microsoft Excel reporting formats|
|Data export formats||
|Other data export formats||
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||
Availability and resilience
Ingenium will aim to provide customers with a 24/7 accessible service, excluding emergency maintenance windows (if taken during hours of 5am-8am GMT) weekly maintenance windows, and extended maintenance windows.
We would look to provide customers a system uptime of greater than 95%. Failure to achieve this, will result in customers being provided with service credits
|Approach to resilience||Available on request|
Customers will receive email alerts notifying them of any system outages, whether planned or unexpected. In relation to planned outages, these will be communicated to customers on their home screen, when they login to the platform
Identity and authentication
|User authentication needed||Yes|
|User authentication||2-factor authentication|
|Access restrictions in management interfaces and support channels||All system access is permission based. The process for assigning and changing user permissions will be agreed with Customers as part of the Ingenium.net implementation process.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||2-factor authentication|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||Ingenium's, Information Security Management System (ISMS) has processes for all governance and security aspects, including staff training, data protection, data transfer, hardware and access procedures.|
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||Ingenium and its supporting infrastructure is governed by a strict change control policy and procedure. These controls are audited by a SSAE 16 audit to validate our operating effectiveness. Changes are assigned a risk category and are tested thoroughly by following a formal testing methodology.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||
Ingenium conducts internal and external weekly vulnerability scans. Vulnerabilities are rated on criteria, e.g. internally/externally facing, age, ease of exploitation, etc. The rating determines the correct active to be taken.
Our security team scans for internal, external, credentialed and non-credentialed vulnerabilities and delivers a list of vulnerabilities with a defined risk level. Our IT team patches systems based on vendors' patch cycles throughout their lifetime. Once our security team communicates vulnerabilities, the IT team works to remediate, testing in the staging infrastructure when possible, and deploying during the next suitable window
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||Ingenium follows NIST Incident Response Lifecycle for security incidents, whereby, known vulnerabilities and secure configurations are scanned to identify any potential weaknesses|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||Ingenium follows NIST Incident Response Lifecycle for security incidents, whereby, known vulnerabilities and secure configurations are scanned to identify any potential weaknesses|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£1500 per instance per month|
|Discount for educational organisations||Yes|
|Free trial available||No|