Bailey Solutions Ltd

Simple Little Library System

Simple Little Library System is hosted library management software to manage print and/or electronic library & information resources. It is a modular system for smaller libraries, written in the .Net framework using latest technology. Subscription includes hosting, usage licences, support, updates & back-ups. Pay monthly or annually. First launched 2017.


  • Catalogue module - with automated cataloguing
  • Loans module - with self service options
  • Finance module - to handle orders, receipts & invoices
  • Serials module - manage receipt of journals and serial publications
  • Pre-configured reports in every module
  • Web OPAC - for library users to discover resources
  • Regular releases - contain fixes, improvements & new features
  • Searchable help centre with comprehensive articles and training videos


  • Quickly download bibliographic details, additional text and images
  • Efficiently chase all outstanding orders grouped by supplier
  • Claim missing serial issues before it's too late
  • Intuitive system means low training overheads
  • Users can (optionally) self-loan & renew saving staff time
  • Track usage to inform whether replacement/renewal is justified
  • Users made aware of all resources both print & electronic
  • Easily review spending and control budgets throughout the financial year
  • Control access to resources and enforce licensing constraints


£648.00 per instance per year

  • Free trial available

Service documents

G-Cloud 10


Bailey Solutions Ltd

Shaun Ellenger


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints No
System requirements
  • Library staff only need a browser
  • Library users only need a browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Support is available are during the 9.00 to 5.30 pm weekdays, excluding bank holidays.
Response times range from 1 hour to next release depending on the grade:
Critical - 1 hour response with expected resolution;
Key - 2 hour response with expected resolution;
Minor - 4 hour response, fixed in next release;
How to Question - 2 hour response;
Requirement, e.g. server move - varies;
Request for Modification - considered for future release;
Suggestion - considered for future release.
There is also a 24/7 online help centre with videos and manual style content.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support No
Support levels The subscription includes:

Initial installation and set-up on the hosted platform.

Phone, email support and the online help centre during weekdays and normal working hours, 9.00 am - 5.30 pm.

Automatically applying releases to your software. Frequent releases include fixes for errors and improvements.

Nightly back-ups

The subscription does not include:

Technical support for data services, e.g. bulk data cleansing and data manipulation, which can be purchased at £99 per hour for remote services.

On-site support which can be purchased at £760 per day plus travel expenses + VAT

Extra support services will not be incurred without a Purchase Order from the buyer.

Support queries should be addresses to and then it will be assigned to a named technical consultant.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Free installation and site set-up including the initial branding.
We provide free training videos, quick guides and manuals. We are also planning a searchable help centre which will help topics with short videos and manual style instructions.
We can provide online training sessions and there is an hourly rate currently set @ £80 per hour + VAT.
We can provide on-site training and there is a half-day charge currently set @ £345 per half day + travel expenses + VAT.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • YouTube videos
  • MP3 video files
End-of-contract data extraction We supply a SQL Server database with the client's data in tables but with the software's system objects (code modules, views, stored procedures) removed. There is no charge for this service.
End-of-contract process At the end of the contract a SQL server database containing the client's full relational data is provided at no extra cost.
If the client requires continued hosting or re-directs to their new system then this can be be provided at cost.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Mobile display is linear and re-scaled to fit neatly on mobile screens.
Menus change icons on mobile to (optional) words on desktop.
You can tap buttons and selections in the mobile and use a mouse with desktop service.
The software will also scale up on wide screen monitors.
Accessibility standards WCAG 2.0 AAA
Accessibility testing We are using modern CSS3 and HTML5 technology and Bootstrap helps us meet accessibility standards. The interface is tested with assistive technology throughout development as each function is developed, at the test phase and at beta phase. We test with screen readers. e.g JAWS and common speech recognition software using manual accessibility tests and we test that every element on the web page is accessible. We also make sure our software is cross browser compatible.
What users can and can't do using the API Clients can use the API to allow third party search engines to search the records, return search results and link through to the web page with the resource details.
Users are not making changes they are simply receiving search results with records that match their search criteria and then viewing the individual records by clicking through to the full details.
API documentation Yes
API documentation formats HTML
API sandbox or test environment No
Customisation available Yes
Description of customisation Library Staff can can select alerts and reminders on their home page.
Library Staff can set various system options for the system, e.g. fines on or off, reservations allowed, cataloguing templates used. There are settings for each module.
Library Staff can edit the cataloguing templates.
Power Users can configure the web OPAC and how it works for Library users. They can change the displayed field names, configure the search results, the indexed fields, the timing of the indexing, the bibliographic display, and various other attributes in the OPAC. Power Users can also add and remove standard gadgets, create custom gadgets and custom pages, and manage the menu items. Power Users can create a theme for the appearance of the OPAC. Library users can change the font size. This list is not comprehensive.


Independence of resources Normally your software would be housed on a server shared with other clients. The server serves many clients, There is one database per client so it's not a multi-tenanted database. The only way we can guarantee that clients won't be affected by other clients' activity is by providing you with a dedicated server on our host platform. This currently costs around £1,200 extra per year depending on your requirements.


Service usage metrics Yes
Metrics types OPAC usage statistics are available in the web OPAC for Library Staff.
Pre-configured management reports in the Loans module also provide loans and usage statistics.
The Library Staff dashboard provides at-a-glance information about system state, e.g. how may orders, outstanding orders, loans, outstanding loans, outstanding serial issue, etc.
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Library staff can export catalogue data and data in any list screen.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • XLSX
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • XLSX

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability 99.7% uptime
Approach to resilience Built by the MOD as a command and control centre protecting people and technology from nuclear threat, the construction and security standards are what you might expect of such a purpose built fortress. It sits 30 metres beneath a 3.5m high perimeter fence, with concrete walls 3 metres thick, steel doors weighing several tons and includes military Electro Magnetic Pulse and Tempest RFI intrusion protection. Layered on top of this physical inaccessibility is a 24-hour watch with guard dogs, CCTV and a series of sophisticated access controls.
• 24/7/365 security guards and guard dogs permanently on site
• Vehicular gate with control barrier
• Infrared CCTV with 24 hour capture covering all entrances and operational areas
• Visual verification of all users entering data floor – NO un-manned escort
• Borer security card access system
• Very early sophisticated smoke and heat detection systems
• Firetrace detection and extinguishing system
• Redundant air conditioning units to guarantee stable data floor temperature and humidity @ N+1
• Redundant UPS conditioned power @ N+1
• Diverse Power Supplies with diesel generator backup @ N+1
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed No
Access restrictions in management interfaces and support channels Library Users do not have to be authenticated to search and discover library and information resources. The client can decide to apply IP filtering to restrict users who have access to the Web OPAC.
Library Staff have higher access levels to administer the system and access the configuration settings.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Username or password
  • Other

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 British Standard Institue
ISO/IEC 27001 accreditation date 19/05/2017
What the ISO/IEC 27001 doesn’t cover A.14.2.7 Outsourced development - N/A
ISO 28000:2007 certification Yes
Who accredited the ISO 28000:2007 British Standards Institute
ISO 28000:2007 accreditation date 19/05/2017
What the ISO 28000:2007 doesn’t cover No exceptions
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Our policy is to protect the company’s information assets from all threats, whether internal or external, deliberate or accidental, to ensure business continuity, minimise business damage and maximise return on investments and business opportunities. The Managing Director has approved the Information Security Policy ensure that:

a. Information will be protected from a loss of: confidentiality, integrity and availability.
b. Regulatory and legislative requirements will be met
c. Business continuity plans will be produced, maintained and tested
d. Information security training will be available to all staff.
e. All breaches of information security, actual or suspected, will be reported to, and investigated by, the Information Security Manager.

Supporting guidance and procedures: risk assessment, information classification, data protection, incident handling, information backup, system access, third party services (supplier due diligence), malware controls, mobile device security & remote working, passwords and encryption.

The role and responsibility of the designated Information Security Manager is to manage information security and to provide advice, guidance on implementation of the Policy, review and maintenance.
All managers are directly responsible for implementing the Information Security Policy within their business areas.
It is the responsibility of each employee to adhere to the Information Security Policy.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Identify potential change: A customer encounters a problem, proposes a change or desires new functionality; Determine technical feasibility; Determine costs and benefits; Analyze change impact; Plan change
Developer coding using Visual Studio Team Services; Propagate change;
Test change; Roll -out change to one client tester; Update documentation; release notes and users' help centre; Release change in a system release rolled out to clients; Review and close change
Vulnerability management type Supplier-defined controls
Vulnerability management approach We monitor for potential new threats, vulnerabilities or exploitation techniques which could affect our service regularly using F-Secure Radar.
Just Computing also monitor the servers 24/7 for vulnerabilities.
The severity of threats and vulnerabilities is considered within the context of the service and this information is used to prioritise the implementation of mitigations.
Using a suitable change management process, known vulnerabilities are tracked until mitigations have been deployed.
A centralized OS management tool carries out systematic patching across all hosted client sites.
Timescales depend on the severity of the risk. They could be deployed within 24 hours to one month.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Alerts form Just Computing 24/7 monitoring or F-Secure warnings.
The risk is assesed. Patch developed. Patch issued as soon as practically possible and released sometimes with 24 hours. Otherwise low risk compromises are addressed inthe next monthly release.
Incident management type Supplier-defined controls
Incident management approach Often we find incidents are picked up by Just Computing 24/7 monitoring of their servers and we are notified by mobile phone if they happen out of hours. Just computing will manage incidents on our behalf and have a predefined process. They will restore normal service as quickly as possible. Users can report incidents via our dedicated support number +44 (0)1273 242958 or our support desk: We provide incident reports via email.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £648.00 per instance per year
Discount for educational organisations No
Free trial available Yes
Description of free trial Buyers can trial the complete software application for free for 30-days without providing a credit card or other payment method.
Doesn't include data import services.


Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑