iSAMS Independent Ltd

iSAMS and Ed:gen

iSAMS and Ed:gen are powerful, versatile, online school management systems you can build and shape to meet every need. 100% web-based, cloud or on-premise, intuitive and easy to use with multiple third-party integrations available. Online portals feed vital information to all school audiences, lifting productivity, efficiency, communication and engagement.

Features

  • Web-based platform for the entire school community
  • Integrated accounting solution
  • Online portals for communicating
  • Apps for Teachers, Parents and Students
  • Powerful and Realtime Reporting
  • Multi-Academy Trust Dashboards (Ed:gen Only)
  • Access from anywhere in the world
  • Weekly updates without system interruptions
  • Customisable system with API integrations
  • Intuitive and easy to use

Benefits

  • 100% Web-based - Cloud-based, single interface system
  • Monitoring student behaviour & wellbeing
  • Automated Reminders
  • Notification Workflow Management
  • Modular Approach
  • Excellent in-house 19 Hour Per Week Day Telephone Support
  • Transparent, rolling annual contracts
  • Excellent in-house training
  • Run and submit the annual statutory reports
  • Integrates with full IRIS Education suite (Ed:gen only)

Pricing

£4,000 an instance

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jamie.reid@isams.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

8 7 9 4 6 6 5 0 4 9 5 8 7 0 6

Contact

iSAMS Independent Ltd Jamie Reid
Telephone: +441604659100
Email: jamie.reid@isams.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
ISAMS is browser based, our most up to date browser policy can be found here: https://www.isams.com/browser-policy/
System requirements
Updated Web Browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
Depending on the Priority Level of the ticket logged response times vary from 30 minutes (Urgent Priority Level) to By end of Business Day (Low Priority Level).

Our Service Desk is open 19 hours each day from Monday to Friday – we are only closed between 18:00 and 23:00 BST on these days, so you can call our Support team anytime outside of these hours on weekdays. They’re also available on Sundays from 06:00 to 13:00 BST.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Customer Support Team
This team is responsible for receiving and managing all Requests. Requests are identified, categorised and either Resolved or Triaged accordingly. Requests that cannot be Resolved within this team are escalated to the relevant and appropriate support team. The Customer Support Team deal with questions and issues relating to the use of the Software including the user interface (front end).
Technical Support Team
The Technical Support Team is responsible for managing Requests and issues relating to Client Data and investigating functionality defects (back end). The Technical Support Team also support the environment.
Both Customer and Technical Support services are included within the iSAMS annual fee.
Reporting Services
The Reporting Services Team is responsible for providing the report creation, amendment and consultancy services. Bespoke work is chargeable at £100 per hour
Support available to third parties
No

Onboarding and offboarding

Getting started
Every School is assigned their own Project Success Manager. They act as your single point of contact throughout the installation process.
You’ll learn from an experienced trainer who’ll understand your priorities as well as knowing iSAMS inside and out.

How that training takes place, and which of your staff it involves, is really up to you. We recommend your IT manager, assigned iSAMS administrator and at least one champion from your teaching team. You’ll probably want to include others, such as a member of the bursary and accounts teams. Every School will receive a minimum of 5 days onsite training.

Delivery depends on the people involved, and we’re happy to advise based on what’s worked best for hundreds of other schools.

Different modules suit different forms of training: classroom-style for admin staff, one-to-one with management, for instance.

Free webinars are provided weekly and are hosted in our iCommunity Site.

All iSAMS modules are documented and can be searched using our online Support Portal.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Each module within iSAMS is embedded with reports allowing Schools to export their data. An SQL Database backup will also be provided to help export additional data.
End-of-contract process
Upon the Client’s request made within 90 days of the date of expiry or termination of this Agreement iSAMS will make the Client Data stored on the Platform available to the Client for download in accordance with the Documentation provided by iSAMS. After such 30 day period iSAMS will delete all copies of the Client Data on its systems save to the extent iSAMS is required to retain such Client Data to comply with Applicable Laws.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Each teacher gets quick and easy access to school information and can easily complete key tasks such as taking a register or awarding commendations directly from their mobile device or tablet.

The app is easy to set up, yet sophisticated data encryption and device management protect sensitive school information falling into the wrong hands. You can also use the app as an alternative and cost-effective way of communicating with teachers. Free push notifications can be used to send alerts about relevant news and updates as soon as they happen, directly to each teacher.
Service interface
No
API
Yes
What users can and can't do using the API
Our comprehensive APIs allows for the third-parties to seamlessly integrate with the iSAMS MIS. We utilize industry standard API technology, enabling third-parties to take full advantage of well known protocols, so that developers are not required to install additional software. This facilitates you to synchronize your data across platforms, including everything from Admissions to Final Examinations.

Many of our schools have successfully integrated iSAMS with several leading software providers. We offer a dedicated Developer Portal to schools and third-parties, which includes comprehensive support documentation to enhance your software development experience. https://developer.isams.com
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
All modules within iSAMS can be independently configured and customised to complement a schools bespoke requirements. Each module is permission based to ensure the correct staff members have access.

Custom branding is applied to iSAMS, Parent & Student Portal / Apps.
Custom notification workflows are setup per module
Custom Pastoral Structures to record Safeguarding and Behavioural profiles

Scaling

Independence of resources
Our entire cloud hosted environment is monitored by a sophisticated monitoring system that alerts our engineers to any issues that may cause downtime or impede optimum system performance. This includes advanced tools which aren’t available on client premises, including New Relic, SolarWinds and more. Any issues that are raised during this system monitoring will be flagged and comprehensively investigated, with swift actions taken to rectify them.

Analytics

Service usage metrics
Yes
Metrics types
Online service metrics can be found here https://status.isams.com/
Hosting Infrastructure
London (UK) Data Centre
Hong Kong Data Centre
Internal Applications & Services
Company Website
Developer Portal
Documentation Portal
Marketplace API & Website
Management API
Remote Access API & Website
Update System API & Website
3rd Party Services
Cloud SMTP Service
Push Notification Services
SMS Gateway (EU & ROW Inbound)
3rd Party Services
Central CRM API (Private)
Finance Portal & API (Private)
Discussion Forum Website
iCommunity Portal
Ideas Portal
Identity Portal
Infrastructure Monitoring Service
Webinar Service
3rd Party Services (Support)
Online Chat
Telephony (Inbound & Outbound Calls & Recordings)
Support Website
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Many of the iSAMS modules allow users to export their data using built in reports. Formats supported are PDF, Excel, CSV, Word and Powerpoint.

Custom Reports can be created by a School or iSAMS using Microsoft SQL Server Reporting Services (SSRS). Direct database read only access can also be provided to extract any data required.

iSAMS has a fully documented API service which can also be used to export data.
Data export formats
  • CSV
  • Other
Other data export formats
OneRoster API implementation
Data import formats
  • CSV
  • Other
Other data import formats
OneRoster API implementation

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
ISAMS will aim to ensure the Platform will have uptime of not less than 99% (measured on a 24x7 basis) excluding Planned Maintenance but including Emergency Maintenance.

Emergency Maintenance means Software maintenance performed in respect of the Software which is required to address a Defect or security issue that requires urgent resolution and which may be performed within or outside Working Hours. Advance notice will be given to the Client by email, where practicable.
Approach to resilience
Available on request
Outage reporting
A publish dashboard status of services can be found here: https://status.isams.com/

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Support access is restricted to email addresses from a Schools Domain. One or many users will be given access to all support requested from their School. Management Interfaces are only accessed if correct permissions are granted through the iSAMS control panel.
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
21/03/2019
What the ISO/IEC 27001 doesn’t cover
Everything not covered by the statement on the certificate.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
ISO 27001

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
We used Azure Devops to track work items. All work performed on the system must be attributed to a work item number. 2 developers must review the code. We have automated security scans on each pull request (code commit) code quality issues and security vulnerabilities are highlighted. All developers undergo security training.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We host our servers with Rackspace. Raskspace assess security risks and apply patches when necessary. As soon as a patch for a security threat has been released, an overnight task is scheduled to install and configure.
Protective monitoring type
Undisclosed
Protective monitoring approach
Users submit issues they find via our Zendesk helpdesk platform. Based on the severity of the issues a member of the development team is assigned to replicate and fix the potential compromise. Rackspace offer a DDoS Detection and Mitigation service, iSAMS subscribes to this to reduced any potential system downtime. Incidents are dealt with based on severity. Further details can be provided upon request.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Users report incidents by emailing to helpdesk.isams.com Zendesk is used to track the progress of Tickets. Incident Reports are created to identify trends from within Zendesk. Incident Reports can be published via our iCommunity Website / email (a forum used by all iSAMS Schools).

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£4,000 an instance
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jamie.reid@isams.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.