DCV Technologies Ltd

HRX4

Digital Human Resources Management & Employee Engagement. Providing a comprehensive platform for Human Capital Management (HCM). This allows organisations to move to a complete digital HCM platform, with seamless scaling across functionalities delivering a modern digital experience to all stakeholders and assisting organisations to streamline HR processes.

Features

  • Fully secure UK AZURE HR and engagement SaaS Solution
  • Employee engagement and internal social media features
  • Real time and comprehensive employee reporting and information analysis
  • Remote access - Mobile enabled
  • Fast customization and feature enhancement
  • Scale-ability from smallest to largest organisation
  • GDPR compliant
  • Quick and low cost deployment

Benefits

  • Completely integrated next generation digital solution for all HR demands
  • Includes employee engagement features like staff surveys, internal social media
  • Customisable workflow engine
  • Extensive and integrated performance management features, including 360 degree feedback

Pricing

£8.00 to £20.00 per user per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11

845680800173186

DCV Technologies Ltd

Alisdair Ferguson

01442899430

alisdair.ferguson@dcvtechnologies.co.uk

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Allows authentication from other secure 3rd parties like Google and Azure integrations.
Cloud deployment model Private cloud
Service constraints Services are hosted in Azure PaaS. Client requirements are browser such as Chrome (latest version), Microsoft Internet Explorer 11 and above, MS Edge, Mozilla Firefix (latest version)
System requirements
  • Services are hosted in Azure PaaS
  • Client requirements are browser such as Chrome or Microsoft

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Our response times are within 1 - 5 hours, Monday to Friday and at weekends.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.1 AA or EN 301 549
Web chat accessibility testing After analysing common tasks a variety of user testing was conducted in addition to the following:
• Screen reader: JAWS (person with a severe vision impairment)
• Screen reader: NVDA (person with a severe vision impairment)
• Magnifier: ZoomText (person with a moderate vision impairment)
• Speech recognition: Dragon Naturally Speaking (person with a physical impairment)
• Speech recognition: Windows Speech Recognition (person with a cognitive impairment)
Onsite support Onsite support
Support levels High priority:
1. The implemented application is not operational for users during scheduled availability
2. A major function of the system is not operational for usage during the scheduled availability

Normal Priority:
1. A minor function of the system is not operational for one or more users
2. A user has questions about the system functionality or needs assistance in using the application
3. A user needs administrative assistance

Low Priority:
1. Enhancement requests are logged low priority, but are reviewed and scheduled by the Microimage project team. Based on the above severity availability, problem response and resolution time will vary
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We offer training and implementation support and materials.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction We can extract the database and / or they can use the standard query and reporting tools to extract data.
End-of-contract process We will provide the database extract and the related technical documentation and also offer a migration service to another provider.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Desktop services are accessed by application windows provided using typical web browser functionality. While mobile services are accessed via mobile app functionality.
API Yes
What users can and can't do using the API Authenticated users can securely access & download HCM data via Azure API Manager.
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
  • Other
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Through client customization features, like workflow builder, custom reports, work flows etc.

Scaling

Scaling
Independence of resources We monitor the service using Azure elastic service to manage the back-end. Processing Power and DB Procession stretches/shrinks when required.

Analytics

Analytics
Service usage metrics Yes
Metrics types Average response time, Data In, Data Out & DTU utilization.
Reporting types Regular reports

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold MicroImage

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Using tools that come as part of the service, or commission specific support service from us.
Data export formats
  • CSV
  • Other
Other data export formats JSON
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks Monitoring, adhering to data security standards on a cloud based AWS architecture.
Data protection within supplier network Other
Other protection within supplier network Data is hosted in Azure PaaS and infra security is provided by Azure.

Availability and resilience

Availability and resilience
Guaranteed availability Each service will be configured depending on the end client requirements and SLA will be defined to meet these requirements.
Approach to resilience Using Microsoft AZURE UK redundancy resilience and fail-over.
Outage reporting Through the application home screen, service portal and through service management reporting.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Username or password
  • Other
Other user authentication Via REST APIs
Access restrictions in management interfaces and support channels Access level Authentications
Access restriction testing frequency At least every 6 months
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information Users receive audit information on a regular basis
How long user audit data is stored for Between 6 months and 12 months
Access to supplier activity audit information Users receive audit information on a regular basis
How long supplier audit data is stored for Between 6 months and 12 months
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes System manages Data decryption, thus individuals are not permitted to manage such tasks.
Microimage has assigned authorized professionals to manage the HCM Cloud System and access via Internet to execute required tasks.
AES Encryption with a 256-bit key and a random IV per encryption- AES each cipher encrypts and decrypts data in blocks of 128 bits using cryptographic keys of 256-bits, respectively.
Secret-key ciphers use the same key for encrypting and decrypting, so both sender and the receiver shall recognize and use the same secret key.
All key lengths are capable to protect classified information up to the "Secret" level with "Top Secret" information requiring 256-bit key lengths.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach ALM lifecycle, test and release approach.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach 1. Preparation
We define the scope of the vulnerability management by limiting the number of vulnerabilities identified by the vulnerability scanner in the first phase.
2. Discovery
Once the preparation phase is complete,any issues such as poor application responses and system crashes will be detected through the scan and recorded with recommended actions.
3. Analysis
Determine the associated risks and provide a risk remediation on the defined re-mediating actions.
4. Reporting
Generate reports on regulatory compliance, threats analysis, service level agreement statuses.
5. Remediation
Execute the planned re-mediating actions within the time-frames
6. Rescan
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Since HCM Cloud is hosted on Azure, Azure's protective monitoring on the cloud hosting directly applies to HCM Cloud. HCM Cloud adopts Microsoft disaster recovery mechanisms.
We adhere to the Microsoft SQL server Geo Restoring facility enables data base recovery via Azure portal.
Microimage maintains the HCM Cloud code-base separately for faster restoration at the event of a disaster to ensure minimum disturbance to business operations. Microimage maintains the logs for system sign in /sign out.
Resigned administrators’ rights to access the system will be restricted subsequent to notifying resignation. Microimage maintains the logs for system sign in /sign out.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Clients are allowed to escalate issues in the system through an incident reporting system (ticketing system). This facility is provided subsequent to the completion of Setting up and Configuration of HCM Cloud.

The official ticketing system email (support@microimage.com) will be shared with clients after completing the set-up and configuration and successfully transferring the client to the LIVE Phase.
Further we are in the process of becoming GDPR compliant therefore any incident regarding a data breach will be addressed as per GDPR requirements.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £8.00 to £20.00 per user per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial 30 day trial.

Service documents

pdf document: Pricing document pdf document: Service definition document pdf document: Terms and conditions pdf document: Modern Slavery statement
Service documents
Return to top ↑