House-on-the-Hill Software Ltd

SupportDesk Human Resources Helpdesk

SupportDesk HR is a Human Resources helpdesk with controlled access privileges, which can be used alongside HR tools, to ensure that the unique aspects of HR calls and staff requests can be catered for. Use SupportDesk HR for paperless processing of holiday requests, new starters and other internal staff tickets.

Features

  • Customer Self-Service Portal for logging and tracking HR requests
  • Workflow Configuration to guide sensitive issues through predefined processes
  • QuickCalls templates for speedy submission of routine HR Requests
  • Form Designer to customise purpose built web-based HR Request Forms
  • Customisable User Dashboards for quick links and summaries
  • KPI Monitor for managers to assess Request volumes in real-time
  • Easy to use reporting tool
  • Customisable automated emails for sending updates to managers and requestors
  • Resource Booking facility for reserving meeting rooms and scheduling assets
  • Access to FAQs, User Guides & Noticeboard via Self-Service Portal

Benefits

  • Proactively manage all HR requests in streamlined, paperless workflows
  • Keep end users in the loop with automatic email updates
  • Easily assess staff workloads, identify where special procedures are required
  • Create a company-specific look and feel with extensive personalisation capabilities
  • Use booking facility to avoid clashes with calendar view
  • Give customers immediate access to FAQs, self-help and company noticeboard
  • Mandatory fields and pre-configured dropdowns ensure accurate capture of data
  • Automatic recording of actions, emails and corespondence provide full audit

Pricing

£25 per licence per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 9

965116214022365

House-on-the-Hill Software Ltd

Trudy Broadhead

0161 427 8988

TrudyBroadhead@HOUSEONTHEHILL.COM

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to SupportDesk Freedom of Information can operate as a standalone service but can also be used in addition to any other SupportDesk processes e.g. SupportDesk IT Service Management or SupportDesk Facilities Management.
Cloud deployment model Public cloud
Service constraints Our aim is for our hosted systems to be available 100% of the time. Any planned downtime would be in consultation with the client and is not likely to exceed 15 minutes.

Only internet access is required for use of the service.
System requirements
  • Only use of the Internet is required for accessing SupportDesk
  • SupportDesk can be accessed on a variety of end devices

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Support is provided between 8:30 am and 5:30 pm Monday to Friday, except for UK Public Holidays.

First Response is within 2 hours followed by priority based assessment. Urgent and High issues are attended to immediately.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Our standard support service is included as part of the ‘software as a service’ agreement.

The Standard Service comprises of the following:
1 The diagnosis of faults reported by the customer.
2 The rectification of such faults, by means of a fix or workaround.
3 The notification of updates which need to be applied to correct a specific fault.
4 Access to the online Support Library which includes guides and videos. 5 Advice by email or telephone in relation to reasonable enquiries on the use of the SupportDesk system.

Issues can be reported by email, logging directly into our support portal or by telephone.

Support requests made by the customer of an urgent or high nature will be attended to as matter of priority.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Users are given access to the Support Library and the Support Service as part of the rental.
A minimum number of Consultancy/Training Days are recommended, based on the size and complexity of the system. This is an exercise to ensure that the software satisfies the requirements of the business and the user understands how the service can be adjusted for minor changes. The Consultancy/Training can be delivered on-site or online.
The Support Service is intended for reporting issues and straight forward enquiries.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction At the end of contract the database will be returned to the user (if required) in a secure manner. Similarly, for any ancillary attachments that have been loaded.
End-of-contract process As part of the contract, at termination the user is offered the option of continuation of service, which would of course incur the prevailing charges. If the service is no longer required then we will either return or destroy the data as requested by the user.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service SupportDesk’s mobile service desk allows engineers to access their work queue to log and update calls while working on user locations. End-users can also log and monitor their tickets. SupportDesk can be accessed by Mobile Web App and Tablet on both iPhone & Android devices which are HTML5 enabled.
Accessibility standards None or don’t know
Description of accessibility With regards to the four principles of WCAG 2.0:

Perceivable: This is achieved through the styling and use of HouseForms.

Operable: The browser interface predominantly requires the use of a mouse. Users are assisted with system and content navigation.

Understandable: Text if necessary can be altered using Forms. The content appears and operates in predictable ways. Data validation helps users avoid mistakes.

Robust: The development of SupportDesk is driven by demands of customers and the market place and hence is adapted for current and future user tools where possible.
Accessibility testing No testing has been done for use of the interface with users of assistive technology. However, the customizability of the system via the use of Forms and Styling allows for the interface to be adapted to suit use by people requiring additional assistance.
API Yes
What users can and can't do using the API With SupportDesk’s WebAPI tickets can be created or updated from links to other systems and vice versa. Data can also be extracted from third party systems. Each installation will have different requirements so configuration will be required.
API documentation No
API sandbox or test environment Yes
Customisation available Yes
Description of customisation SupportDesk comes supplied with its inherent data dictionary and customisable forms. This allows users to rename/remove fields they wish to change. Additional fields can also be added. The forms designer enables the user to create bespoke forms and dashboards for their team. Furthermore, SupportDesk comes with default categorisations but these can all be adjusted to suit the user’s business practices via the interface.

Scaling

Scaling
Independence of resources The SupportDesk service runs multiple processes so that systems do not adversely affect each other.

Analytics

Analytics
Service usage metrics Yes
Metrics types House-on-the-Hill’s QuickReport designer allows you to design your own custom service desk reports and also comes with over 100 pre-configured reports. Charts and graphs can be displayed and reports can be run instantly, scheduled to run on specific days and times. Reports can be emailed or exported to html, csv and pdf format and can also be displayed on user dashboards.
In addition, House-on-the-Hill's KPI Monitor also offers customisable reports for the analysis of the system allowing you to measure against many KPIs. The real-time KPI Monitor automatically refreshes every 30 seconds and KPI reports can be incorporated into dashboards.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Less than once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach SupportDesk data can be exported into CSV format for transfer to other systems.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Our aim is for systems to be available 100% of the time.
(Ignoring scheduled and agreed maintenance down time)
Year Percentage Uptime
2016 99.999%
2015 99.995%
2014 99.999%
2013 99.995%
2012 100%
2011 99.994%
Approach to resilience Backups of data are taken twice daily. Additional backup servers are available in readiness in the event of a permanent or long term failure of the primary server.
Outage reporting The hosted software services are setup to alert us in the event of any outage.
Once alerted we investigate the root cause of the issue. If there is an issue with the hosting infrastructure we have a policy to keep the user updated on an hourly basis and to consider switching to an alternative platform after 4 hours of outage.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Access to the management interfaces within the service desk software is the same as for any other user, requiring login and password.
The support service is available to recognised parties.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information No audit information available
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 SN Registrars (Holdings) Limited
ISO/IEC 27001 accreditation date 27th July 2015
What the ISO/IEC 27001 doesn’t cover Our scope statement is :-
‘The Information Security Management System at House-on-the-Hill Software Ltd, applies to the management of hosted SupportDesk systems including availability, the safekeeping of classified data as identified in the Information Classification System and the IT Assets held by House-on-the-Hill Software Ltd’

Our certification does not cover how users handle their own data and keep it secure, for example we do not stipulate a clear desk and screen policy for the clients end-users as this is beyond our control.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification Worldpay (UK) Limited
PCI DSS accreditation date 04/11/2016
What the PCI DSS doesn’t cover Worldpay has issued certification to House-on-the-Hill Software to indicate that House-on-the-Hill has attested to have met the requirements of the Payment Card Industry Data Security Standard (PCI DSS) version 3.2.

Compliance is attested to on an annual basis.
Other security accreditations Yes
Any other security accreditations Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We have numerous policies relating to information security, and these have been independently certified by a UKAs accredited body as meeting the requirements of ISO27001:2013. Policies include:
Information Security Policy, Access Policy, Client Confidentiality Policy, Clear Desk and Screen Policy.
Policies are reviewed annually and also reviewed as part of the information security audit process. The team are kept up to date with the salient points within the policies during routine weekly staff meetings.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Application changes are risk assessed for potential security impact as part of the development process. The revisions are tested prior to any hosted system update. Application updates are always part of a discussion with the client. The Change Management process is fully tracked and authorised using our own helpdesk software.
Vulnerability management type Supplier-defined controls
Vulnerability management approach MS updates are applied promptly. When we become aware of critical updates for offerings which support our service provision, these are updated as soon as possible.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Anti-malware is installed and is constantly updated and monitored.
This is checked on a regular basis. Event and IIS logging are also monitored.
Incident management type Supplier-defined controls
Incident management approach A security incident is a loss of confidentiality, integrity or availability of the hosted system or the data it manages. Any breach is logged as an incident, recording events and actions, then reviewed once resolved. Our information security system objectives are to minimise such incidents and hence non-conformances are taken seriously and carefully monitored.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £25 per licence per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial We can provide immediate access to our generic trial system or create a personal trial system. Initially for a month, though this can be extended. The trial provided is a fully functional core system. Peripheral services such as mail read are not initiated, backups and service monitoring are not included.

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑