OPTIME Scheduling Cloud - Timetabling, Room Booking, Exam Scheduling, Ceremonies, Placement

EventMAP provide solutions that get right to the core of timetabling, scheduling, resource and space planning issues within Education (Higher and Further) and training institutions within Public Sector (Health and Law Enforcement). Solutions have been designed in partnership with end-users to provide powerful, flexible tools optimising the utilisation of resources.


  • Academic Timetable and Training Schedule Management
  • Room Booking Management
  • Ceremony planning and management
  • Examination Scheduling and Management for examinees and invigilators
  • Intuitive User friendly design accessible on numerous devices and browsers
  • Ability to auto-generate timetables and schedules
  • Auto Approval process for room booking requests
  • Import tools and APIs enabling integration with other systems (eg.Outlook)
  • ADFS User authentication integration
  • Placement - work placement management


  • Supports institutions achieve the Smarter Scheduling of resources
  • Drives the optimisation and utilisation of resources associated to scheduling
  • Process efficiencies through automatic creation of timetables based on constraints
  • Availability of resources made transparent
  • Users have Real-Time access to information
  • Enables scenario modelling and 'what if' planning
  • Solution accessible from any site or location, supporting flexible working,
  • Holistic view of resource usage enabling informed management decision making
  • Enables KPIs and targets to be monitored and achieved
  • Single source of truth for timetabling and scheduling information


£0.95 per licence per year

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11



Barry McCollum



Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints No Constraints
System requirements None applicable

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times First response within 24 hours of ticket being raised (Monday to Friday)
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels As part of the contract and licence the following support is included:

A key contact is provided for to all clients and they will be responsible for resolving all technical matters. Regular meetings will be agreed with the client .

Raising issues should be directed to and processed via the EventMAP Support Centre.

-Where an issue is emailed these will be added to the Support Centre
-Where an issue is raised over the phone these will be added to the Support Centre and not resolved over the phone unless the issue is urgent.

Queries or Issues raised are categorised as follows:

1. Bug – breaks standard functionality of software.
2. Bug (External) – due to external circumstances outside of EventMAP control.
3. Incorrect behavior – functionality is not as expected.
4. Change Request – a problem with software which does not break standard functionality, but impacts usability of the software.
5. Feature Request – requests for new developments

Feature Requests may incur additional development related costs where the request is bespoke to the client or not on the immediate Product Roadmap.

A detailed service level agreement will be provided to the client when on-boarding.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Users are provided with training manuals and relevant documentation during the course of the project.

In built help documentation is provided within the system

Onsite training services can be provided (at a daily charge, please refer to SFIA). Dependent on the buyers needs training services can be tailored, whether training large groups or 'train the trainer'
Service documentation Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats Word
End-of-contract data extraction Reports can be downloaded in various formats including csv utilising the reporting suite.

During the off-boarding period, together in partnership with the client the most appropriate format for the data to be provided can be agreed.
End-of-contract process Should the client decide not to extend the contract. Prior to the contract end date there will be an off-boarding period (the duration of which will be agreed with the client). The system and all associated data will be deleted after 1 month or deleted immediately on request.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Menus adapt dependent to screen size.
Accessibility standards None or don’t know
Description of accessibility OPTIME Scheduling Cloud provide text descriptions for its features and follows WCAG guidelines
Accessibility testing Testing to support accessibility is undertaken in-house. The following assistive techology is used:

NVDA – Windows – Mozilla Firefox
NVDA – Windows – Internet Explorer & Edge
NVDA – Windows – Chrome
VoiceOver – Mac – Safari & Chrome
What users can and can't do using the API Create, Read Update Delete records using the API.

Clients cannot change the API themselves but can request for changes to be made. There are no limitations to the use of the API
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation User Specific Profile Customisation

Existing Functionaility & Features can be configured and customised based on users and roles within the buyers organsiation

New Features & Functionality requests are possible but undertaken by developers within our company


Independence of resources Cloud infrastructure is configured to scale on demand


Service usage metrics Yes
Metrics types Various metrics can be provided based on the customers needs, metrics such as

Uptime %
Response Times m/s
Number of users
Reporting types
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Other
Other data at rest protection approach Data is held within Microsoft Azure and is governed by their security protocols
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Data can be exported in multiple formats including csv or PDF through the reporting function within the solutions. Where data is not accessible through the reporting function a request can be raised following the support process
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON
  • XML
Data import formats
  • CSV
  • Other
Other data import formats
  • JSON
  • XML

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability 99.9% availability as standard.
Approach to resilience Available on request
Outage reporting Automated Email notification
Phone call to key client contacts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels N/A
Access restriction testing frequency At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach EventMAP’s InfoSec team and CTO are responsible for verifying compliance, using various methods including walk-throughs, deployment of automated testing tools, and internal or external audits.
Information security policies and processes EventMAP defines three distinct levels of security assessment:

 Full – a full assessment of the web application for all known vulnerabilities using both automated tests and manual testing, based on the OWASP Testing Guide.
 Quick – a quick assessment typically involves testing for the top ten security risks as defined by the OWASP Top Ten web application security risks.
 Targeted – a targeted assessment involves testing for a specific vulnerability.

Web applications meeting the following criteria are subject to security assessment:
 New applications – brand new software products undergo a full security assessment before being released into any production environment.
 Major application updates – any major changes to the software codebase undergo a full security assessment before being approved for release to production environments.
 Patch releases – minor application updates are subject to an appropriate assessment level based on the risk of the changes to the application functionality and/or architecture.
 Emergency Releases – emergency releases will be allowed to forgo security assessments, carrying the assumed risk until such time that a proper assessment can be carried out. Emergency releases will be designated as such by the Chief Technical Officer or an appropriate manager.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach 1. Change raised by client through Support Centre
2. Assessed (various impacts including security) and Approved/Declined
3. Added to a work package and sprint
4. Assigned to an individual
5. Developed in a non production environment
6. Once development completed promoted to a Test Environment
7. Tested and User Accepted
8. Deployed to Production (Live) environment at an agreed time with the client.
9. Change Record retained
Vulnerability management type Supplier-defined controls
Vulnerability management approach Technical Teams monitor alerts and notifications which identify potential vulnerabilities that could affect our services.

Potential vulnerabilities are reviewed and assessed to determine the impact, likelihood and risk.
Following the assessment actions are then undertaken. For severe incidents issues are addressed as a priority and resolutions implemented as quickly as possible.For low risk vulnerabilities these are resolved within within 2 day.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Any potential compromises are notified by platform provider to EventMAP technical teams and these notifications are monitored by the 24.7.

Upon notification of any compromises an internal process and checklist are completed to assess the risk and impact.

Following the assessment and severity of the compromise actions are then undertaken. For severe incidents issues are addressed as a priority and resolutions implemented as quickly as possible.
Incident management type Supplier-defined controls
Incident management approach • Issues raised will be added to the EventMAP Support Centre with a status 'Open'
• Customers and EventMAP staff can communicate via comments on the ticket
• When requiring further discussion before it can be correctly processed, status set to Pending
• When an issues is proceeding Status set to Work In Progress.
• When an issue has been processed, Status set to Closed
• At any stage, an issue can be transitioned from Closed to Reopened. Reopened tickets will enter the same workflow as is outlined in the above points

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £0.95 per licence per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial A full trial version of the software can be made available to clients free of charge, on request. The duration of the of the free trial period will be agreed with the client.

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Terms and conditions
Service documents
Return to top ↑