Frontier Software plc

ichris cloud software

Frontier Software is a provider of software for Human Capital Management (HCM) Payroll and Talent Management. ichris is a cloud based, fully integrated solution including modules for recruitment, training, performance management and self service and is available 24/7 using a range of devices. Payroll outsourcing services are also available.

Features

  • Access system from anywhere, anytime via a range of devices
  • Fully integrated or stand alone HR and Payroll management software
  • Payroll software with RTI and auto enrolment capability
  • Employee/Manager self service options and mobileHR for smartphones
  • Real time data analysis using an integral report designer
  • Modular design to meet your needs and budgets
  • Diary reminders and automatic notification of tasks and events
  • Multiple country, company, language and currency options
  • Comprehensive security, audit and validation
  • Unlimited history always available

Benefits

  • Modern interface delivers a positive user experience
  • User configuration tools to empower the user
  • Manage data remotely and at your convenience
  • Automatic email generation saving time and effort
  • Devolve responsibility through self service and reduce HR administration
  • HMRC's PAYE Recognition for payroll software for peace of mind
  • Range of outsourced payroll processing services to suit individual needs
  • Compliance with statutory requirements through upgrades
  • Easily scalable for growth in employee numbers and/or users
  • End to end management of the employee lifecycle

Pricing

£10000 per licence per year

Service documents

Framework

G-Cloud 11

Service ID

7 3 7 3 0 6 5 4 2 6 8 3 1 1 9

Contact

Frontier Software plc

Sandra Walker

01543 274665

sandra.walker@frontiersoftware.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints Details of the supported hardware configurations can be supplied upon request.
Our aim is for 100% uptime and we use all reasonable endeavours to ensure 98% availability during Frontier Software business hours. This excludes scheduled downtime (during Frontier Software business hours) for system maintenance and loading of updates, which is agreed in advance between the customer and Frontier Software.
System requirements
  • Oracle or SQL Service licence required for database option
  • Hosting service fees may be applied

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Helpdesk support is available between 8.30am and 5.30pm, Monday – Friday (excluding bank holidays in England) and is provided under the annual maintenance agreement. Out of hours/weekend service available at an additional cost.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Frontier Software provides email and telephone support and can also connect through your VPN to offer additional support (provided that the necessary connection software is supplied). Alternatively, our support consultants can use Teamviewer at no cost to you. A secure customer services area of the web site is provided for tracking calls. All help desk support, during business hours, is provided under the annual maintenance agreement.

The help desk team is comprised of application and technical support consultants, plus an implementation/training consultant is on duty with the help desk each day. On most occasions queries can be dealt with immediately, however, should the call be of a nature where immediate help is not possible, the user will be given the Log Call Number as a reference point. The support consultant will evaluate the level of escalation required depending upon its category and inform the user the timescales involved for a solution.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Services offered by Frontier Software include on site training with associated documentation and workbooks. A regular schedule of training courses held at our premises is always available.

All of our products have context sensitive F1 Help facilities, including a ‘How To’ section to guide users through common processes. There is also a full range of documentation issued with our products as part of the ongoing maintenance agreement.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction The Import/Export tool, provided with the software, enables the user to extract data using Excel technology.
End-of-contract process Contracts are open ended and the user can give notice to end the contract in accordance with the terms and conditions.

If Frontier Software consultancy support is required to extract data, charges will apply.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Currently we only support IE 11 on desktop.
Service interface No
API Yes
What users can and can't do using the API The Web Services option enables the ichris Business Rules Engine to function as a service provider in a service-oriented architecture (SOA) with UDDI, WSDL, and SOAP. It allows the latest Web Services enabled
tools and applications to be used for integration projects. Web Services skills required by the client.
API documentation Yes
API documentation formats PDF
API sandbox or test environment No
Customisation available Yes
Description of customisation Highly customisable application that allows authorised users to tailor existing forms (screens) and to create additional ones in order to reflect your business processes and data storage needs. For example:
- Change field, form or menu labels to match your terminology
- Create new forms, fields or menus to suit
- Add fields to existing forms
- Hide fields that are not immediately required

Scaling

Scaling
Independence of resources To be completed

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Users can export data via the supplied Import/Export tool (Spreadsheet Interface). This tool enables users to transfer large volumes of data out of their database. It is a truly versatile tool consisting of a workbook with worksheets that correspond to specific system forms. These can be processed in batches and an authorised user can create and modify worksheets as required to meet specific data export requirements.
Data export formats
  • CSV
  • Other
Other data export formats
  • HTML
  • XLS
  • XML
Data import formats
  • CSV
  • Other
Other data import formats XLS

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Our aim is for 100% uptime and we use all reasonable endeavours to ensure 98% availability during Frontier Software business hours. This excludes scheduled downtime (during Frontier Software business hours) for system maintenance and loading of updates, which is agreed in advance between the customer and Frontier Software. To date this has been achieved.
Approach to resilience All data is stored in a Tier III+ high security data centre. Further information is available on request.
Outage reporting Email alerts.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Access to information and other IT assets will be granted only to authenticated users and on a strict needs only basis.

We have and will maintain an equal obligation to protect the secured environments and assets of our customer base from unsanctioned access. This will be facilitated through the control of end users via three access classifications :
- System
- Privileged
- External
Whilst all employees are system end-users of our environment, only a subset of these are allowed higher privileges. Privileged users enjoy access rights to otherwise restricted operational areas and infrastructure
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Bureau Veritas
ISO/IEC 27001 accreditation date 16/12/2005
What the ISO/IEC 27001 doesn’t cover All areas of the business are covered
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes The purpose of our Information Security Management System (ISMS) policy documents is to provide a framework to manage risks to our data, processes and other information assets and resources, to deliver an acceptable degree of operational security, whilst recognising that some risks cannot be completely eliminated. This framework is achieved through a series of ISMS policy statements and associated controls. The ISMS is a key framework in our business operation. The ISMS policy documents are applicable to all Frontier Software offices.

All users receive the ISMS Policies and Controls document on commencement of employment. Information security vulnerability awareness is vital to an effective ISMS and in support of this, Frontier Software is responsible for maintaining ongoing information security awareness training. The annual training and the employee's participation is mandatory.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach No change will be made to any hosted environment without an appropriately authorised Frontier Software Change Request Service Form from the client.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Procedures and managed controls exist to ensure a consistent approach to a prescribed and secure operation of our environment.

Vulnerability patches are applied at that point in time where it is considered and determined that reported exploits must be remediated. Under this condition, such change will be applied under the change management framework.

To minimise the potential of attack, all servers and desktops will be implemented only after our thorough operating system hardening regimen, is implemented, as a part of the server/desktop sanctioning process.

Technical vulnerabilities must be assessed on a constant basis, and prioritised according to Manufacturer Severity Levels.
Protective monitoring type Undisclosed
Protective monitoring approach All staff must be cognisant of threat and operate in accordance with our ISMS policies and controls. Threat may be accidental. It may also be intentional, perpetrated for gain, mischief or disruption. Whatever the cause, inadequate protection or conduct may be sufficient for a serious breach to occur affecting the entire IT and business service. The company provides Information Security Awareness training to all staff and, may elect to apply similar awareness training to third parties, where it is deemed necessary.
Incident management type Undisclosed
Incident management approach All users of information services are required to report suspected security weaknesses or threats to our infrastructure or services on a continuous basis. Reported candidates will be assessed as quickly as possible and must be made know to immediate team members and escalated to the Line Manager. Security candidates must be assessed immediately and escalated to Line Management upon its confirmation of damage or disruption. Upon conformation, the candidate becomes a formal incident and treated within the Incident Escalation Framework as per our ISMS policies.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £10000 per licence per year
Discount for educational organisations No
Free trial available No

Service documents

Return to top ↑