Hornbill for HR

Hornbill for HR is a service delivery and process automation solution that eliminates dependencies on email, spreadsheets, and manual processes, allowing HR teams to deliver modern employee service experiences. Establish your Enterprise Service Management strategy, using Hornbill's SaaS platform to connect your HR, IT, Security, and other service delivery teams.


  • Collaborative Service Management: an innovative way to adopt HR best-practice
  • Powerful business process automation and task orchestration
  • Process Tracker display provides instant visibility of request status
  • Progressive capture improves speed and accuracy of data input
  • Fully-featured mobile interface keeps users connected and informed
  • Extend best-practice to other business units with Enterprise Service Management
  • Capture knowledge and expertise from conversation
  • Self-Service drives low-cost query and case resolution
  • Instant translation removes language barriers in real time
  • Powerful analytics for improved decision making


  • Free switch-on implementation service and 30-day trial
  • Priced for Life - no price increases guaranteed
  • No fixed term contract – we don’t lock you in
  • Trained for Life – no training costs
  • 100% codeless customisation
  • Continuous deployment means the software is always up-to-date
  • Upgrades do not affect your customisations
  • Deploy additional productivity and business applications with a single click
  • Move issue resolution and request fulfilment to lowest cost level
  • Publish HR services and enable employees to interact through Self-Service


£47.25 to £71.00 per user per month

Service documents


G-Cloud 11

Service ID

6 0 3 9 9 4 4 2 6 0 1 8 1 9 9



Gerry Sweeney

0208 582 8282


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints The Hornbill platform is kept up to date at all times. Updates are applied transparently and with no disruption to customers. Any maintenance that will impact service to a customer will only be carried out with agreement and a schedule secured from a 30 day advance notice, in order to undertake the work that has been agreed with each customer affected. Maintenance work is normally performed outside of normal working hours to ensure minimal disruption.

Where urgent work, such as emergency fixes, security patches or other
unforeseen maintenance work must be carried out, customers are kept
informed with regular updates.
System requirements Supported Web Browser: IE11+, Microsoft Edge, Chrome, Firefox, or Safari

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Service Availability Support: 24x7x365
Application Support: 9am - 5:30pm, Mon - Fri
Response Targets:
Priority 1 - 15 mins
Priority 2 - 30 mins
Priority 3 - 4 hours
Priority 4 - 8 hours
Comprehensive support for all types of issues and defined SLA’s are available with the Premier and Concierge Success Plans. https://wiki.hornbill.com/index.php/Premier_Success_Plan
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support No
Support levels Essential – £Free.
The Essential Success Plan is included in your subscription and offers 24x7 assistance via online reporting for critical service availability issues. Up to 3 named contacts can access the Hornbill Community Forum and make use of knowledge resources, open-source integration tools and Hornbill API’s.

Premier – £278 per month.
The Premier Success Plan includes everything in Essential and provides
5 named contacts with access to Hornbill’s Customer Support Teams
for formal application support for non-critical issues. Premier includes
multi-instance support, defined Service Levels and 10 credits of Expert
Services. A dedicated Success Team provides quarterly service delivery
reviews and priority incident reports.

Concierge – from £2,780 per month.
The Concierge Plan includes everything in Premier and provides 10 named
contacts with access to a Technical Account Manager, dedicated Product
Specialist, weekly service delivery reviews and Development escalation
priority. Concierge includes 100 credits of Expert Services and preferential rates on further expert services.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Hornbill for HR is highly intuitive to use and administer. Hornbill’s free 30-day ‘Switch-On’ service provides customers with access to Hornbill Product Specialists, who transfer knowledge to enable users to become self-sufficient in configuring and integrating the software with other business systems.

Product Specialists offer advice and assistance with:
→ Integration with your corporate e-mail system
→ Integration with your corporate directory service (typically AD or other
LDAP based directory service using SAML 2.0) for Single Sign-On
→ Setting up/importing your users
→ Importing your contacts or other static data
→ Importing assets
→ Advice on how to set up WebHooks for real-time integration with other
business systems
→ Setting up any aspects of the application(s) you have chosen to deploy on the Hornbill platform
→ Advice on customisations, settings, and what can (or cannot) be achieved according to your requirements.

At the end of the free 30-day Switch-On period, the majority of customers
are already getting value, and have all the proof points they need to simply
subscribe and continue using the software in a live environment, with no fuss, complicated and expensive installs or paid-for consultancy services.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction If the Customer terminates the agreement, Hornbill will retain the Customer's Data for a period of 60 Days from the Date of Termination. Upon request, Hornbill will provide the Customer with a copy of this data in an industry standard machine readable format.
End-of-contract process In the event that a customer wishes to terminate their subscription, Hornbill shall use reasonable endeavours to provide a copy of the customer’s data and documents within 20 working days. Such assistance may be subject to Hornbill’s terms and associated day rates for time and materials consultancy services.

Hornbill will delete the customer specific data, backups and keys used to
encrypt data for archiving purposes within 30-60 days of the termination date. Data may be retained up to 12 months for archival purposes for a one-off administrative fee.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Standard service management functionality is available on both the mobile and desktop interfaces. However, a browser interface is required to access the administration interface and configure the solution.
Service interface Yes
Description of service interface Hornbill's service interface operates on any supported browser. Intuitive features, such as progressive capture, provide a consumer-like experience, so users require little or no training. Most aspects of the service experience can be customised, without the need for technical expertise or coding abilities. Hornbill for HR includes numerous pre-packaged business processes with workflows that are ready to adapt to meet specific business needs.
Accessibility standards WCAG 2.1 A
Accessibility testing Hornbill has not tested the application with specific assistive technologies. However, Hornbill's Development teams work with individuals within the user community who need to take advantage of accessibility options provided by the application and the browser. Feedback from users of assistive technology is prioritised and improved incrementally through Hornbill's continuous delivery approach.
What users can and can't do using the API The Hornbill platform exposes all functionality through a single unified and fully documented web services API. The API is an XML RPC-style request/response messaging scheme, with all inputs and outputs fully described by XML Schema and on-line documentation. Simplified language bindings are provided to enable developers to easily integrate with projects built using JavaScript, PHP, C#.NET , Java and C++. Full API documentation for the API is available from https://api.hornbill.com/docs/

Web Hooks, the opposite to an API call, is a call from Hornbill to a web endpoint of your choosing. Most application actions on a Hornbill instance can trigger an action-specific event when an action is performed. Hornbill can be configured to call to a web end point passing the action-specific data to the web service. This is a very powerful mechanism that enables near real-time integration with other business systems.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Hornbill’s unique business process engine and workflow orchestration drives manual and automated tasks to streamline the process of getting work done. The easy-to-use graphical interface enables 100% codeless customisation, allowing the complex operational processes to be configured without technical or specialist skills.

Progressive Capture enables configuration of a series of logical workflow stages and activities, to shield users from complexity, and ensure that processes are followed reliably every time.

Only users with adequate permissions can access the customisation domain and Hornbill guarantees that all customisations will continue to work when the service and software is updated.


Independence of resources Hornbill for HR is designed to accommodate enterprise-scale needs. The application scales horizontally though the addition of extra hypervisors and rack space. Hornbill can also quickly create an instance or a complete replica of the Hornbill infrastructure in Amazon Web Services (AWS), which means that capacity and scalability are never an issue.


Service usage metrics Yes
Metrics types Hornbill provides live service availability metrics online via - https://status.hornbill.com/

In addition, Hornbill tracks service usage information, such as Number of Subscribed Users, Basic Users, Mailboxes. Storage Usage is also available, including Total Usage, Disk Usage, Database Usage, and Last Audit Date/Time.

Application Subscription Information is available reporting Applications Installed, Version Numbers, Installation Date, Number of Subscribed Users and Number of Subscriptions Available.
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Hornbill will provide an export within 14 days of receipt of the Customer's request and can provide further copies, once every 90 days, at no additional cost. The data is archived, compressed, encrypted and placed on Hornbill servers. The Customer is notified by email and has 7 days to download the data. If more frequent downloads are required, Hornbill can provide a scheduled push of Customer data through an optional chargeable subscription add-on service called Hornbill Data Assurity. This service delivers a complete copy of the data to a cloud service controlled by the Customer e.g. Amazon S3.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • Excel
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Hornbill is committed to delivering the best level of service possible. We are open and transparent about our service level performance, and honest when things go wrong. While our standard terms of service contractually commit to service availability of no less than 99.5% we always measure ourselves against an operational target which is set at 99.95% – significantly more stringent than our contractual SLA.

Availability Service Credits are calculated on a monthly basis as a percentage of the Subscription Fee where the SaaS Service Availability falls below a certain threshold as shown below:

- Between 99.49% and 98.50% - 2.5% Service Credit
- Between 98.49% and 97.50% - 5% Service Credit
- Between 97.49% and 96.50% - 10% Service Credit
- Less than 96.50% - 20% Service Credit
Approach to resilience Customer instances run on industrial strength fully redundant hypervisor
based infrastructure.Emergency restore and recovery within 2 hours.
Backups taken daily, weekly and monthly for each instance. Backups are cycled, so there is always one daily, weekly and monthly full backup available. Backups are taken without any service downtime. Instances are continuously replicated to backup servers in another data centre for full offsite data redundancy, and locally within the same data centre to facilitate fast recovery.
Outage reporting A public dashboard is available at https://status.hornbill.com/ showing current status information and details of the past twelve months service availability, so customers can see how Hornbill performs
against its' operational targets. Uptime shown for the current month
represents the availability for the current month to date and is updated daily.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels A valid username and password is required to access management interfaces and support channels. Hornbill operates a Named Support Contact policy and requests for support are accepted from nominated contacts only. A 'Named Account Authority' is responsible for operational changes, such as authorising adjustments to the numbers of subscribers and keeping Named Support Contact information up-to-date.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 British Standards Institute
ISO/IEC 27001 accreditation date 19/10/2018
What the ISO/IEC 27001 doesn’t cover No standard controls are excluded from Hornbill's ISO/IEC 27001 certification.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Hornbill is committed to preserving the confidentiality, integrity and availability of its physical and information assets. Hornbill’s Information Security Management System (ISMS) is ISO/IEC 27001:2013 certified.

Physical Security includes external and internal HD CCTV cameras tied back to DVR systems, with backup to SAN storage. Proximity access control uses access card and biometric authentication. Mantrap uses ultrasonic technology for single person verification and intruder and door tampering alarms are in place with a secure managed loading dock. Physical access to Hornbill’s network operations centre is controlled by electronic door access and strict policies. All visitors to Hornbill are known entities, and must sign in to the building, and are always escorted when entering secured perimeters. Hornbill instances are security hardened at three levels. Only a subset of the Hornbill Cloud team has locked-down “physical” access to Hornbill instances to enable maintenance and investigation of any issues that arise. All changes to Hornbill instances are logged through a formal Change Request process and require authorisation before any change may be applied. Access to all systems is audited and reviewed on a regular basis to ensure that the strict controls in place are adhered to.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Change requests must provide sufficient information to support assessment. Cloud Service Manager (CSM) reviews changes in accordance with Hornbill’s risk management framework. Standard/minor changes are approved by the CSM. Emergency changes require CAB Executive approval. Significant/major changes are carried out in test environments, must include test plans, business and technical acceptance criteria, and back-out plans enabling rollback of configuration items to a working baseline. Email approvals from the CAB/Chief Technical Officer are attached to change requests for audit purposes. Significant/major changes Releases to production must be authorised by the CSM to ensure minimal impact on service availability and business continuity.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Hornbill evaluates strategic and operational risks on an ongoing basis. Risk assessments are carried out whenever there is a change to assets, scope of the Information Security System, code, or to the risk environment. The potential impact of each threat-vulnerability is assessed using the risk likelihood scale and risk levels are automatically calculated and recorded against the asset in the risk assessment register. Vulnerabilities are identified from multiple sources (vendor information, CVE/NIST lists and in-house testing) on weekly basis. CVE critical assessments are carried out on daily basis and are either resolved\patched or mitigated by process within 12 hours.
Protective monitoring type Supplier-defined controls
Protective monitoring approach All instances, services and hardware are monitored from several locations around the world. Over 100 metrics per instance are checked every 5 minutes, covering; performance, load, availability, capacity, sanity checks, security and backups . Any warnings are logged and escalated to Hornbill's Cloud Team, and response times are in accordance with the priority classification assigned to each incident: - Priority 1 (15 mins), Priority 2 (30 mins), Priority 3 (4 business hours), Priority 4 (1 business day). Customers are notified and any potential impact on service availability is published on the Cloud Services Platform Portal - https://status.hornbill.com/
Incident management type Supplier-defined controls
Incident management approach Incidents are raised by customers with enhanced Success Plans though a form on Hornbill's website. The webform performs a high-level health-check on the customer’s instance once the customer details have been provided. The Support team confirms the request priority with the customer and provides a meaningful response to satisfy SLA response targets and subsequently works towards SLA resolution targets. Incident reports are available to customers through the self-service portal. If either the health-check or internal processes identify a critical issue affecting system availability, a major incident process is activated involving senior management personnel who project manage the issue to completion.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £47.25 to £71.00 per user per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Hornbill's 30 Day Satisfaction Guarantee removes risk and enables the customer to make an informed decision to either subscribe, or walk away. The 30 Day trial period includes; free implementation in the form of a Switch-On service and free training.
Link to free trial https://www.hornbill.com/solutions/hr

Service documents

Return to top ↑