MHR iTrent Integrated HR and Payroll
MHR provides software and outsourcing services for Human Capital Management (HCM), payroll, talent, learning, development and analytics. iTrent is a UK cloud-based, single-database, integrated HR and payroll solution that supports all aspects of HR management, recruitment and talent management, complemented by a comprehensive business analytics suite.
- Flexible software and outsourcing service packages.
- Single solution for HR, Talent, Recruitment, Learning and Payroll.
- Automated processes and workflows.
- Access from any device: PC, mobile or tablet.
- Highly configurable solution to support complex organisations.
- Legislative updates to ensure compliant solutions.
- Real-time reporting, standard reports and advanced analytics, management dashboards.
- UK owned and supported.
- Advanced customer Portal.
- Employee and Manager Self Service.
- Reduce costs and inefficiencies through online workflows.
- Aid strategic decisions through single of your workforce
- Reduce HR admin by devolving responsibilities through self service.
- Improve data accuracy by making employees responsible for their information.
- Drive organisation performance by standardising talent management processes.
- Focused recruitment, performance management and succession planning.
- Outsourcing options to reduce risk and costs.
- Ensure legislative compliance through regular updates.
£1.35 per person per month
- Free trial available
6 1 9 1 6 2 7 1 6 9 7 2 2 8 3
0115 945 6000
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Service constraints||We have 4 maintenance weekends per year. A calendar is available with details of these dates|
|System requirements||Browser Compatibility|
|Email or online ticketing support||Email or online ticketing|
|Support response times||This is dependent upon the urgency of the query and will be in accordance with our SLA.|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Onsite support|
|Support levels||All our customers receive the same service level. Our standard support includes: • Service desk logging, available via the portal or by telephone; the manned service desk is available from 09:00 to 17:00 (Monday to Friday, excluding English Bank Holidays). • A dedicated support line through which customers can contact the service desk, whereupon each call is given a unique reference number. The call is assigned to the appropriate member of the support team for resolution and is owned and tracked at all times by the service desk. • A customer portal where customers can log new calls, track the progress of open calls, browse frequently asked questions (FAQs), view closed calls and receive forward notice of imminent releases. A rolling two-week patch and fix schedule is published on the extranet, as is an up-to-date list of all existing patches and fixes. • The customer portal includes a powerful search facility covering existing support materials (e.g. documentation, articles, patches, calls) and is available 24/7. • An account manager who will discuss your ongoing support with you. Regular scheduled meetings with your account manager ensure you are able to obtain the most from your implementation.|
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||MHR will work with the customer on a comprehensive implementation and training plan. MHR implementation takes a "done with" approach, with the MHR consultants working closely with the customer's own project team to ensure maximum knowledge transfer during implementation. This, in conjunction with classic "train the trainer" classroom sessions, makes sure the customer is self-sufficient after go-live.|
|End-of-contract data extraction||There are a number of ways to extract the customer data at the end of the contract, which include flat file, CSV or using a BI tool such as Business Objects. If the customer wishes MHR to do this, we will charge the standard consultancy rates for the number of days' effort required.|
|End-of-contract process||At the end of the contract there are no additional fees.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Responsive design detects screen size. This automatically adapts its user interface to best suit the device being used to access.|
|Description of service interface||
iTrent is truly web-based and designed to be accessed over the internet via a web browser for all aspects of the solution.
Connections to iTrent are secured and data encrypted in transit using HTTPS/TLS.
Supported for use on laptops, desktops, thin clients and mobile devices including smartphones and tablets and supported for use on mainstream browsers including IE, Edge, Chrome, Firefox and Safari.
Supported mobile devices include Android and Apple, with access via the device's native browser.
iTrent has been developed in HTML5 and uses responsive design to automatically adapt the user interface, depending on the device/screen size being used.
|Accessibility standards||None or don’t know|
|Description of accessibility||As outlined below, MHR’s web recruitment functionality conforms to the Web Content Accessibility Guidelines (WCAG) 2.0 level AA. Web recruitment will conform to WCAG 2.1 later this year. In summary, we are aiming for all functionality accessible to all users to be AA compliant and we are very close to achieving this.|
MHR’s web recruitment functionality conforms to the Web Content Accessibility Guidelines (WCAG) 2.0 level AA. Web recruitment will conform to WCAG 2.1 later this year.
MHR is working towards making the employee and manager self-service accessible with a large number of screens already conforming to the WCAG 2.0 guidelines.
We are working together with the Royal National Institute of Blind People to ensure that our products are accessible. RNIB have already implemented a number of our products and a variety of people with disabilities are using our software.
|What users can and can't do using the API||iTrent is enhanced with a suite of bi-directional web services allowing import/export to and from external systems.|
|API documentation formats|
|API sandbox or test environment||Yes|
|Description of customisation||The product is a highly configurable and tailorable solution with a novel approach to customisation that places this flexibility in the hands of the customer. New forms, new fields and user-defined drop-down lists may be added by the user at no additional cost. All of this additional information can be accessed for reporting. All the drop-down lists may be populated with customer-specific data, and each customer's business processes may be mapped using the user-configurable embedded graphical workflow functionality. Appropriate user-defined fields are accessible by a powerful search facility. Users are also able to add fields to existing screens and forms. Authorised users can create new screens/forms and fields easily and simply by selecting parameters from a drop-down list. Following user training, users can create any number of user-defined fields and screens without the need for assistance from the supplier. System customisation can be performed by any user, subject to their security profiles. Customers have complete control over the user profiles.|
|Independence of resources||The service is not multi-tenanted; virtualisation technologies are used to provide each customer with a dedicated environment. In order to ensure consistent response times, the expected system demands are carefully assessed. Headroom is then factored in to ensure a comfortable quota of resource (CPU, memory etc.) is allocated or procured, so that end user response times are not affected by resource-intensive processes such as GTN, Costing etc. This is not a one-off at system inception but rather an ongoing process, with regular system monitoring and health checks to continually track performance and response times.|
|Service usage metrics||Yes|
|Metrics types||We can provide availability reports on request, for statistics such as up time in a month.|
|Reporting types||Reports on request|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||
|Other data at rest protection approach||
MHR does not encrypt customer information at rest as standard, although this can be offered as a separate service if required, using Oracle TDE methodology. This will use AES encryption.
MHR also uses Becrypt Disk Protect to encrypt all employee disks, including laptops and USB drives.
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v3.0, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||All outbound data can be extracted using methods and utilities such as the inbuilt search facility or standard reports. The integrated report writer outputs in PDF, CSV and also in some cases in TXT whilst the search facility outputs to HTML, CSV and directly to Microsoft Word and Excel. Seamless mail merge facilities certify against RTF based mail merge allowing integration to any desktop office application such as Microsoft Office.|
|Data export formats||CSV|
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Other protection between networks||Additionally, MHR provides an SFTP service for transferring data between customers and MHR. Data on the SFTP server is encrypted at rest and in transit. TLS for email encryption between domains is an available additional service, which is being adopted widely across our customer base. Alternatively, MHR offers a secure mail service whereby notifications are sent to users; users are then required to log in to the secure mail service portal to access emails.|
|Data protection within supplier network||Other|
|Other protection within supplier network||The company is fully ISO27001, ISO9001 and HMG-backed Cloud Security Principles certified, serving as the basis for the company’s business planning arrangements. Policies and controls in place to protect personal data include: • Access Control • Data Protection • Handling Customer Data • Role-based access controls • HMG security cleared with NPPV Level 3 Police approval. • Fully compliant with the DPA 1998, holding data for over 300 organisations. • Registered with the ICO as a data controller. • Access to databases is restricted to security-cleared database admins. • Full audit logs at application and database levels are captured.|
Availability and resilience
Please see the SLA in the terms and conditions for more details.
|Approach to resilience||MHR has in place a business continuity plan designed to ensure that MHR continues all functions in the event of a disaster. This plan is reviewed twice yearly and is dynamically updated as the organisation changes. MHR has been certified to ISO27001 since 2005 and is currently following the ISO22301 guidelines to ensure we maintain a structured approach to this part of our entire business (not just hosting). Service continuity solutions and procedures are in place to ensure that the risk of having to invoke DR is significantly reduced. Both sites have many resilient features, which include: three-phase power; a monitored UPS system capable of supporting IT infrastructure and essential systems; and a diesel generator which kicks in within seconds of the main power failing, taking over from the UPS system. Power is distributed using APC units with dual feeds to each rack. All servers have multiple power supplies and network connectivity. Other resilient features include diversely routed communications links, N+1 air handling units, and 24/7/365 monitoring. All these facilities are supported by a service contract. We also have resilient BACS solutions at both sites and a further CHAPS backup should the primary solution fail.|
|Outage reporting||The service is monitored and managed by a dedicated team of MHR staff utilising software such as SCCM, Spotlight for Oracle and Opnet. Any outages or issues are promptly notified to affected customers by telephone, email and through the service portal. For infrastructure upgrades MHR operates a quarterly maintenance window. This is scheduled and communicated to customers one year in advance. For upgrades and patches to customer environments, necessary work is communicated to customers with plenty of notice. Customers can then schedule a suitable time for work to be completed by MHR's hosted IT team. A dashboard is also provided to customers, including measurements relating to page performance (i.e. response time) and uptime. This provides customers with a set of visual performance indicators in a single-view dashboard that provides both real-time and historical information.|
Identity and authentication
|User authentication needed||Yes|
|Other user authentication||
Access to iTrent is controlled via user name and password authentication. Alternatively, users can authenticate using an external LDAP-based directory, such as OpenLDAP or Active Directory.
iTrent can take advantage of Single Sign-On (SSO) via the Security Assertion Markup Language (SAML 2.0) protocol to log in to iTrent. This allows the user access to iTrent without seeing the traditional logon form containing the user name and password fields.
The SSO configuration can also be modified to integrate with ADFS or Shibboleth. iTrent supports two-factor authentication (2FA) for additional security when accessing the system.
|Access restrictions in management interfaces and support channels||
Data and functionality access is assigned according to user-definable security profiles. Once the user has successfully logged on with their password authenticated, they will be granted access according to the security profile in which they reside. Access to data may be controlled at functional, screen and field level. Access to list content can be restricted, with access defined as fully editable, read-only or non-visible.
When accessing support channels, user accounts are created on MHR’s Service cloud portal. These are linked to an email address. Any calls to support are verified on details, such as address, email address, phone number etc.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||Lloyds Register LRQA|
|ISO/IEC 27001 accreditation date||27/09/2016|
|What the ISO/IEC 27001 doesn’t cover||Entire business is covered|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||
|Other security governance standards||Cyber Essentials|
|Information security policies and processes||All MHR security policies and processes are aligned to ISO27001:2013|
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||MHR operates a change board chaired by the IT director. We have a configuration management database, which is SharePoint for HROIT and ManageEngine for Internal IT. This forms part of our ISMS in line with service change control, ISO27001:2013. The customer change control process is built in line with ISO9001:2008 and ISO27001:2013; any changes to customer environments are all performed through a change signed off by both customer and MHR.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||Infrastructure within MHR’s datacentres is regularly scanned using QualysGuard. Authenticated scans are performed to identify vulnerabilities. This data is supplemented by threat intelligence from NCSC, CERT and security industry bodies to feed vulnerability/patch management processes. The infrastructure is patched as required. Systems are regularly scanned by our Qualys suite to ensure all devices are at the required patch levels. MHR performs an annual CREST penetration test of the software, hosted service and corporate network. Customers work with MHR to perform their own penetration tests as part of the due diligence process. In 2017 there were around 20 penetration tests conducted.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||
MHR has its own professional hosted IT team that monitors the service and infrastructure 24/7/365.
Additionally, the security system is monitored for exploits and vulnerabilities by our security partner 24/7/365 using a specialist Security Operations Centre. All perimeter devices are monitored in real time using a SOC operated by NTT, to a service level where all critical events are responded to within 30 minutes.
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||MHR has incident management procedures as part of the ISMS, requiring all staff to log incidents. All incidents are assessed by a security forum attended by MHR's chief security officer, who follows each incident until resolution. Incidents are reviewed at department and exec level on a monthly basis.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£1.35 per person per month|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||MHR has a full system demo environment available on user request, usually for a week at a time.|