KnowAll.Net is a hosted library management system to manage print and/or electronic library & information resources and knowledge. It is a scale-able & modular system, written in the .Net framework using latest technology. Subscription includes hosting, usage licences, support, updates & back-ups. Pay monthly or annually. First launched in 2003.
- Catalogue module - with automated cataloguing
- Loans & Access module - with self service options
- Finance module - to handle orders, receipts & invoices
- Serials module - manage receipt of journals and serial publications
- Inter-library loans module to manage inter-library loans
- Pre-configured reports in every module
- Electronic Resources Management (ERM) to control access
- Web OPAC - for library users to discover resources
- Regular releases - contain fixes, improvements & new features
- Knowledge management functionality
- Quickly download bibliographic details, additional text and images
- Efficiently chase all outstanding orders grouped by supplier
- Claim missing serial issues before it's too late
- Intuitive system means low training overheads
- Users can (optionally) self-loan & renew saving staff time
- Track usage to inform whether replacement/renewal is justified
- Users made aware of all resources both print & electronic
- Easily review spending and control budgets throughout the financial year
- Control access to resources and enforce licensing constraints
- Searchable help centre with comprehensive articles and training videos
£1950.00 per instance per year
- Free trial available
Bailey Solutions Ltd
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Support is available are during the 9.00 to 5.30 pm weekdays, excluding bank holidays.
Response times range from 1 hour to next release depending on the grade:
Critical - 1 hour response with expected resolution;
Key - 2 hour response with expected resolution;
Minor - 4 hour response, fixed in next release;
How to Question - 2 hour response;
Requirement, e.g. server move - varies;
Request for Modification - considered for future release;
Suggestion - considered for future release.
There is also a 24/7 online help centre with videos and manual style content.
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
The subscription includes:
Initial installation and set-up on the hosted platform.
Phone, email support and the online help centre during weekdays and normal working hours, 9.00 am - 5.30 pm.
Automatically applying releases to your software. Frequent releases include fixes for errors and improvements.
The subscription does not include:
Technical support for data services, e.g. bulk data cleansing and data manipulation, which can be purchased at £99 per hour for remote services.
On-site support which can be purchased at £760 per day plus travel expenses + VAT
Extra support services will not be incurred without a Purchase Order from the buyer.
Support queries should be addresses to firstname.lastname@example.org and then it will be assigned to a named technical consultant.
|Support available to third parties||Yes|
Onboarding and offboarding
Free installation and site set-up including the initial branding.
We provide free training videos, quick guides and manuals. We are also planning a searchable help centre which will help topics with short videos and manual style instructions.
We can provide online training sessions and there is an hourly rate currently set @ £80 per hour + VAT.
We recommend 2-3 one hour online sessions per module purchased.
We can provide on-site training and there is a half-day charge currently set @ £345 per half day + travel expenses + VAT.
We recommend one half-day training per module purchased.
|Other documentation formats||
|End-of-contract data extraction||We supply a SQL Server database with the client's data in tables but with the software's system objects (code modules, views, stored procedures) removed. There is no charge for this service.|
At the end of the contract a SQL server database containing the client's full relational data is provided at no extra cost.
If the client requires continued hosting or re-directs to their new system then this can be be provided at cost.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||No|
|Accessibility standards||WCAG 2.0 AAA|
|Accessibility testing||We are using modern CSS3 and HTML5 technology and Bootstrap helps us meet accessibility standards. The interface is tested with assistive technology throughout development as each function is developed, at the test phase and at beta phase. We test with screen readers. e.g JAWS and common speech recognition software using manual accessibility tests and we test that every element on the web page is accessible. We also make sure our software is cross browser compatible.|
|What users can and can't do using the API||
Clients can use the API to allow third party search engines to search the records, return search results and link through to the web page with the resource details.
Users are not making changes they are simply receiving search results with records that match their search criteria and then viewing the individual records by clicking through to the full details.
|API documentation formats||HTML|
|API sandbox or test environment||No|
|Description of customisation||
Library Staff can can select alerts and reminders on their home page.
Library Staff can set various system options for the system, e.g. fines on or off, reservations allowed, cataloguing templates used. There are settings for each module.
Library Staff can edit the cataloguing templates.
Power Users can configure the web OPAC and how it works for Library users. They can change the displayed field names, configure the search results, the indexed fields, the timing of the indexing, the bibliographic display, and various other attributes in the OPAC. Power Users can also add and remove standard gadgets, create custom gadgets and custom pages, and manage the menu items. Power Users can create a theme for the appearance of the OPAC. Library users can change the font size. This list is not comprehensive.
|Independence of resources||Normally your software would be housed on a server shared with other clients. The server serves many clients, There is one database per client so it's not a multi-tenanted database. The only way we can guarantee that clients won't be affected by other clients' activity is by providing you with a dedicated server on our host platform. This currently costs around £1,200 extra per year depending on your requirements.|
|Service usage metrics||Yes|
OPAC usage statistics are available in the web OPAC for Library Staff.
Pre-configured management reports in the Loans module also provide loans and usage statistics.
The Library Staff dashboard provides at-a-glance information about system state, e.g. how may orders, outstanding orders, loans, outstanding loans, outstanding serial issue, etc.
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Physical access control, complying with another standard|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||Library staff can export catalogue data and data in any list screen.|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||99.7% uptime|
|Approach to resilience||
Built by the MOD as a command and control centre protecting people and technology from nuclear threat, the construction and security standards are what you might expect of such a purpose built fortress. It sits 30 metres beneath a 3.5m high perimeter fence, with concrete walls 3 metres thick, steel doors weighing several tons and includes military Electro Magnetic Pulse and Tempest RFI intrusion protection. Layered on top of this physical inaccessibility is a 24-hour watch with guard dogs, CCTV and a series of sophisticated access controls.
• 24/7/365 security guards and guard dogs permanently on site
• Vehicular gate with control barrier
• Infrared CCTV with 24 hour capture covering all entrances and operational areas
• Visual verification of all users entering data floor – NO un-manned escort
• Borer security card access system
• Very early sophisticated smoke and heat detection systems
• Firetrace detection and extinguishing system
• Redundant air conditioning units to guarantee stable data floor temperature and humidity @ N+1
• Redundant UPS conditioned power @ N+1
• Diverse Power Supplies with diesel generator backup @ N+1
|Outage reporting||Email alerts|
Identity and authentication
|User authentication needed||No|
|Access restrictions in management interfaces and support channels||
Library Users do not have to be authenticated to search and discover library and information resources. The client can decide to apply IP filtering to restrict users who have access to the Web OPAC.
Library Staff have to sign in via a Citrix account to access the management interfaces.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||You control when users can access audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||British Standard Institue|
|ISO/IEC 27001 accreditation date||19/05/2017|
|What the ISO/IEC 27001 doesn’t cover||A.14.2.7 Outsourced development - N/A|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
Our policy is to protect the company’s information assets from all threats, whether internal or external, deliberate or accidental, to ensure business continuity, minimise business damage and maximise return on investments and business opportunities. The Managing Director has approved the Information Security Policy ensure that:
a. Information will be protected from a loss of: confidentiality, integrity and availability.
b. Regulatory and legislative requirements will be met
c. Business continuity plans will be produced, maintained and tested
d. Information security training will be available to all staff.
e. All breaches of information security, actual or suspected, will be reported to, and investigated by, the Information Security Manager.
Supporting guidance and procedures: risk assessment, information classification, data protection, incident handling, information backup, system access, third party services (supplier due diligence), malware controls, mobile device security & remote working, passwords and encryption.
The role and responsibility of the designated Information Security Manager is to manage information security and to provide advice, guidance on implementation of the Policy, review and maintenance.
All managers are directly responsible for implementing the Information Security Policy within their business areas.
It is the responsibility of each employee to adhere to the Information Security Policy.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Identify potential change: A customer encounters a problem, proposes a change or desires new functionality; Determine technical feasibility; Determine costs and benefits; Analyze change impact; Plan change
Developer coding using Visual Studio Team Services; Propagate change;
Test change; Roll -out change to one client tester; Update documentation; release notes and users' help centre; Release change in a system release rolled out to clients; Review and close change
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
We monitor for potential new threats, vulnerabilities or exploitation techniques which could affect our service regularly using F-Secure Radar.
Just Computing also monitor the servers 24/7 for vulnerabilities.
The severity of threats and vulnerabilities is considered within the context of the service and this information is used to prioritise the implementation of mitigations.
Using a suitable change management process, known vulnerabilities are tracked until mitigations have been deployed.
A centralized OS management tool carries out systematic patching across all hosted client sites.
Timescales depend on the severity of the risk. They could be deployed within 24 hours to one month.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Alerts form Just Computing 24/7 monitoring or F-Secure warnings.
The risk is assesed. Patch developed. Patch issued as soon as practically possible and released sometimes with 24 hours. Otherwise low risk compromises are addressed inthe next monthly release.
|Incident management type||Supplier-defined controls|
|Incident management approach||Often we find incidents are picked up by Just Computing 24/7 monitoring of their servers and we are notified by mobile phone if they happen out of hours. Just computing will manage incidents on our behalf and have a predefined process. They will restore normal service as quickly as possible. Users can report incidents via our dedicated support number +44 (0)1273 242958 or our support desk: email@example.com We provide incident reports via email.|
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£1950.00 per instance per year|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||
Buyers can trial the complete software application for free for 30-days without providing a credit card or other payment method.
Doesn't include data import services.
|Pricing document||View uploaded document|
|Terms and conditions document||View uploaded document|