Business Systems (UK) Ltd

Business Systems Workforce Management

At Business Systems we work with all major Workforce Management (WFM) manufacturers (Teleopti, NICE and Verint) and boast an outstanding Workforce Optimisation team of experts. With 30 years' workforce management experience, we offer full consultancy, project management, implementation and support services to deliver best fit, optimal workforce management solutions.

Features

  • We put forward the best solution for your organisational needs
  • Long-term forecasting with seasonality and trend calculations
  • Intraday Scheduling Management with real-time adherence tools and alerts
  • Integrate to people data sources including Active Directory, HR, payroll
  • Regular expert reviews to ensure your solution is performing
  • Get the most out of your WFM with bespoke consulting
  • Seamless implementation, integration and deployment
  • Agent self-assessment reports, including adherence
  • Workforce management employee self-service tools including absence management, shift swaps
  • Tailored workforce management systems configuration based on your organisation

Benefits

  • Achieve a return on investment within the first 12 months
  • Reduce staffing costs with accurate forecasting and scheduling
  • Identify where overtime is prominent and resolve the underlying issue
  • Meet your SLAs with support from workforce management experts
  • Improve operational efficiency and productivity with bespoke system set-up
  • Boost your customer service and employee satisfaction
  • Consultancy from experts with over 50 year of wfm combined
  • Easily add or remove agents to the workforce management suite
  • Empower agents, reduce employee turnover and increase productivity
  • Optimise training and development by replicating desirable profiles

Pricing

£19 per person per month

  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

7 7 4 6 3 6 0 8 7 7 6 4 5 0 8

Contact

Business Systems (UK) Ltd

Julie Kerman

0208 326 8326

contact@businesssystemsuk.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Maintenance windows reserved once a month for patching and cloud maintenance. 14 days’ notice is provided if this is going to occur or not. Typically, the window takes no longer than 1 hour, and is used outside of the customer’s core hours.
The hosted environment uses active replication, meaning that at any one time there are 3 instances of a customer's environment available in 3 separate locations. Should one become unavailable the solution will automatically and seamlessly switch over to another so as to safeguard against any disruption for the customer.
System requirements
  • Modern browser with updates for agents and team leaders
  • PDF Reader or Excel for reports
  • Screen resolution: minimum 1280x1024
  • 1 Dual core x 64 6GB memory
  • Port 80 for http and 443 for https open
  • Windows 7/8/10, latest updates applied

User support

Email or online ticketing support
Email or online ticketing
Support response times
98% of support phone calls are answered within 5 seconds by our Customer Service centre. They will log a case and assign the priority of the query or problem. Typically Business Systems provide technical 1st response within 20 minutes for Support related issues. Response times differ outside core business hours due to the automated routing of calls. A 24 hour facility is available where cases can also be logged 24/7 (calls are routed to the Out Of Hours Team; emails would be logged and picked up the first business day).
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Onsite support
Support levels
Business Systems provides five levels of support (remote access is a pre requisite) including: 1. Platinum - Full support, 2 hour response for P1 faults (24 hours a day, 365 days a year). 4 hour response for P2 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 2. Gold - Full support, 2 hour response for P1 faults (08:00 – 20:00 hours a day, 365 days a year) 8 hour response for P2 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 3. Silver - 2 hour response for P1 faults (0800-2000 Mon - Fri, includes UK Bank Holidays) 8 hour response for P2 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 4. Bronze - Basic on-site support 4 hour response for P1 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 8 hour response for P2 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 5. Tailored Service Level based on the customer's requirements e.g. custom support hours, on-site support, technical account manager etc.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Training is provided on site and delivered by Business Systems Workforce Management Consultants with resource planning backgrounds. The training is consultative and promotes knowledge transfer through hands on exercises and relevant support e.g. building the hierarchy and schedules. Training is 'Train the Trainer' based, to enable additional training to be conducted internally.
There are typically two workshops where the customer is guided to configure the product. Go live and post deployment support is also provided as standard and should the customer need additional go-live support, additional days can be provided.
There is also an online "Wiki" that provides a wealth of material for end users. This includes context driven help, process overview, and troubleshooting guides. End users also have access to the customer portal which includes forums, FAQ's and product documentation.
Business Systems provides training material covering the main modules. These guides provide an overview of the main functionality for modules in scope.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • Online Wiki
  • Video Tutorials
End-of-contract data extraction
Reporting, query SQL or copy/paste from end user interface. Copies of databases can be provided
End-of-contract process
There are a number of options available for extraction of data at the end of the contract. A full copy of the database can be provided on request. Other options include exports of schedules and forecasts from the admin client. The reporting module can also be used to generate reports and export the data as necessary. Employee information can be exported from the people module.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The desktop service is used by administrators and includes forecasting and scheduling functions. All agent based interaction is web based. Functionality is common across desktop or mobile browsers, display scales with some change to display for mobile devices. This is optimised.
Service interface
Yes
Description of service interface
Service Interfaces available across desktop and mobile device are intuitive and user friendly. The desktop service is used by administrators and includes forecasting and scheduling functions. All agent based interaction is via web based interfaces as well as other functions such as intraday management, real time adherence and team leader tools. This functionality is common across desktop or mobile browsers, display scales with some change to display for mobile devices.
Accessibility standards
None or don’t know
Description of accessibility
The Workforce Management web interfaces are designed to be accessible from multiple browsers and devices.
Accessibility testing
Not Applicable.
API
Yes
What users can and can't do using the API
The API functions are comprehensive. Many user, schedule and forecast based actions can be executed using the API. It is the main interface for integrations with 3rd party applications.
API documentation
Yes
API documentation formats
Other
API sandbox or test environment
No
Customisation available
No

Scaling

Independence of resources
Segregation of customer services in Azure DC

Analytics

Service usage metrics
Yes
Metrics types
Max agents used/month, Service Uptime
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Other
Other data at rest protection approach
We ensure that the databases and repositories containing the customer’s data are protected from unauthorized access by using appropriate authorization controls. All data is SSL encrypted while in transit.
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Reporting, query SQL or copy/paste from end user interface. Copies of databases can be provided
Data export formats
Other
Other data export formats
  • Word
  • SQL
  • PDF
  • XLSX
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
We ensure that all external entry points to network segments containing the customer’s data have restricted access controls in place and include at a minimum the following: External network perimeters shall be hardened and configured to protect against unauthorized traffic; All external connections shall terminate in a DMZ and connections recorded in an event log; Inbound and outbound points shall be protected at a minimum using firewalls and intrusion detection systems (IDS), and if possible include intrusion prevention systems (IPS), to prevent unauthorized activity; Web and application servers shall be separated from the corresponding database servers by means of firewalls.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
The customer’s data is only stored and processed in the Manufacturer's operations and in the operations of Microsoft Corporation. The customer’s data may not be stored on, or processed in or transferred to private devices, such as personal computers, mobile units (including smartphones) and external storage media (e.g. USB memory sticks).

Availability and resilience

Guaranteed availability
The hosting service offers a guaranteed uptime of 99.5%, excluding any planned maintenance within the Operational Time, scheduled and agreed downtime, and the occurrence of any Force Majeure Event.
Approach to resilience
The application runs in Microsoft Azure, which provides our customers with excellent business continuity. From a data point of view, this includes a built-in high availability subsystem that protects databases from failures of individual servers and devices in a datacentre.
Azure SQL Database maintains multiple copies of all data in different physical nodes located across fully independent physical sub-systems to mitigate outages due to failures of individual server components, such as hard drives, network interface adapters, or even entire servers.
At any one time, three database replicas are running—one primary replica and two or more secondary replicas. Data is written to the primary and one secondary replica using a quorum based commit scheme before the transaction is considered committed.
If the hardware fails on the primary replica, Azure SQL Database detects the failure and fails over to the secondary replica. In case of a physical loss of a replica, a new replica is automatically created. So there are always at minimum two physical, transactionally consistent copies of our customers’ data in the datacentre.
Outage reporting
This is achieved via Microsoft tools

Identity and authentication

User authentication needed
Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication
Users may authenticate through username (email address format) and password. Password complexity controls may be set. Alternatively SSO can be used with a 3rd party identity provider
Access restrictions in management interfaces and support channels
Customer controls, user accounts and role configuration. There is full granularity in user role configuration.

Each role is associated with application functions (screens or features within screens) and with a set of teams from the organisational structure. The users of the system can belong to one or more roles.
There is a set of detailed Global Functions which regulate exactly what a user may or may not do, such as make changes to absences, or see unpublished schedules.
Access restriction testing frequency
Never
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
UKAS
ISO/IEC 27001 accreditation date
06/11/2017
What the ISO/IEC 27001 doesn’t cover
All operational areas are covered.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials Certificate

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
All security incidents posing a threat to the information storage and processing facilities are reported and documented. For each reported incident it is required that a thorough investigation is conducted and remedial action taken leading to a satisfactory closure. All employees and contractors are made aware of what constitutes an information security incident and are familiar with the reporting procedures.

It is the responsibility of all employees and subcontractors to report any information security incident or suspicion to the ISO Security Officer and ensure that the incident is duly recorded on the Information Security Incident form. It is the responsibility of the Security Incident Management to take appropriate action to provide a prompt response to the incident and to facilitate normal operation as soon as safely possible. This is overseen by the Board.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
To ensure the confidentiality, integrity and availability of the customer’s data proper security controls are applied within all information processing centers, with a formal change management process. Separating environments for development, testing and production controls are in place to back up the customer’s data. Backup and restore procedures are included in the Disaster and Recovery Plan (DRP).
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Controls are in place to detect and prevent malicious code from being executed on any system. These controls are regularly updated, e.g. the most recent versions of antivirus signatures are distributed as soon as they are available, to ensure detection and prevention of malicious attacks.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
In line with ISO 27001 accredited governance procedures.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
In line with ISO 27001 accredited governance procedures.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£19 per person per month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Forecasting functionality is available as free-ware

Service documents

Return to top ↑