CareerBurst is a digital platform that empowers all individuals and managers to drive and support great careers through expert content and practical tools. CareerBurst challenges current career management mindsets by delivering structured career support that will address the challenges of each individual. It equips managers to support their people.
- Expert content from career development and talent retention specialists
- Practical tactic cards to help staff develop their career
- Develop and collaborate with mentors on a Career Action Plan
- Hold Career Conversations with your mentors
- Develop mentors to support staff
- Specific content for career development
- Specific content to develop mentors and line managers
- Built around a robust and proven methodology
- Take an organisational or self driven approach to career development
- Retain your best talent and develop their careers
- Achieve high engagement with staff and create a supportive environment
- Reduce costs of recruitment by retaining staff or internal appointment
- Reduce staff churn
- Retain the skills of your staff to grow your business
£4620 per instance per year
9 8 6 9 4 8 8 3 2 1 6 0 6 2 7
The Working Manager Limited
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|System requirements||None. Only a web browser is required|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Target response is within 48 hours|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||Support is included to the administration team of CareerBurst. This is typically managed remotely. Onsite support is available from a consultant at a cost of £850 + VAT per day plus expenses at cost.|
|Support available to third parties||No|
Onboarding and offboarding
Our team of skilled account managers can help you analyse the opportunity of moving to CareerBurst and enable you to create a user centric environment where those wishing to develop their career will not only come to once but on a sustainable basis.
All of our account managers have been exactly where you are and can provide practical advice. Every TWM client is assigned a dedicated account manager who will be your primary contact and will work with you to manage the delivery, and importantly the help you drive adoption of your solution. Support is provided at every step from initial scoping through to delivery and continued use. We will help make sure that your CareerBurst portal evolves with your needs.
As our account managers are uniquely qualified and experienced as Learning and Development Managers or Organisational Development Managers, they are well equipped to advise you on the best approaches for both roll out and adoption, as well as how to best leverage benefits from the functionality you will have available to you.
|End-of-contract data extraction||Each user is able to export their Career Action Plan|
|End-of-contract process||At the end of a contract that is not renewed, the users CareerBurst solution will be archived with user access removed. Any data to be returned will be agreed. If a client requests that their solution is permanently deleted, this will be done within 30 days.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||None. CareerBurst uses a responsive design to adapt to mobile devices.|
|Description of customisation||CareerBurst can be branded for each organisation and organisation specific content added|
|Independence of resources||Each client has their CareerBurst solution hosted on their own area of TWM's dedicated servers housed by Rackspace, a leading ISP. TWM monitors individual client usage and server performance to make improvements where necessary and maintain exceptional performance levels.|
|Service usage metrics||Yes|
|Metrics types||Metrics can be provided through the Account Manager so that managers can understand who is accessing content and when as well as progress. This helps identify engagement strategies to achieve the highest level of engagement possible.|
|Reporting types||Reports on request|
|Supplier type||Not a reseller|
|Staff security clearance||Staff screening not performed|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Physical access control, complying with CSA CCM v3.0|
|Data sanitisation process||No|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||Exported information must be carried out by our technical team and can be requested through a client's Account Manager.|
|Data export formats||CSV|
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
Availability: 99.5% during the core day. Not more than 2 hours unavailability in any core day
All of the above service levels are measured on a monthly basis. A working day for the purposes of this Schedule shall be Monday to Friday, excluding public holidays and bank holidays. A core day for the purposes of this Schedule shall be (Monday – Friday 09:00 – 17:30hrs).
Availability shall be calculated using the following mechanism
A = (600 x WD) (D Dp) x 100
(600 x WD)
A = Availability in %
600 = Number of minutes per working day
WD = Number of working days per calendar month
D = Total downtime recorded in minutes
Dp = Planned downtime and agreed exclusions recorded in minutes which is scheduled in advance to perform system testing, upgrades, enhancements and routine maintenance activities.
Failure to meet availability levels will be discussed commercially with your Account Manager.
|Approach to resilience||
CareerBurst is hosted by Rackspace.
Rackspace are a Tier 4, ISO27001 compliant datacentre in the UK.
The technical resilience of the service is supported through:
• Use of an established data-‐centre, Rackspace, registered to ISO27001
• Multiple data-‐lines and ISPs to the data-‐centre
• High specification dedicated servers for the application and data.
A managed backup plan at RackSpace causes a daily backup of live production data and each day takes an “image” of everything regarding the data and site configuration for the clients site.
Backups are retained for 14 days. The backups are not encrypted as they are retained onsite within the data centre, with the policy being that only backups taken offsite being encrypted. Encryption of backups can be made at request of the client but there may be an additional charge. After the backups have expired they are aged off and overwritten.
The application and database servers have multiple hard drives and use a combination of RAID types 1 and 5 depending on requirements to keep systems running in case of hard drive failure.
Prior to software upgrades we take a full backup of the server.
This enables complete recovery of a previous version if required.
|Outage reporting||Clients will be notified of an outage by email from our support team in the event of any problems. We will always strive to rectify problems as soon as possible.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||Support is given administrators only and identity is confirmed via security questions. The close working relationship between client and Account Manager helps reinforce this.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||BSI accredited Rackspace. Certificate IS 636168|
|ISO/IEC 27001 accreditation date||07/10/15|
|What the ISO/IEC 27001 doesn’t cover||N/a|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Who accredited the PCI DSS certification||Visa accredited Rackspace|
|PCI DSS accreditation date||01/06/2009|
|What the PCI DSS doesn’t cover||N/a|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||
Security is included in all staff induction and regular briefings are held with all staff.
All staff credentials are recorded securely
Any breach is recorded in a security incident log
The log and improvement are reviewed quarterly
|Information security policies and processes||
All information security is overseen by Chris Alexander in collaboration with Rackspace, our ISP used for hosting. Information security policies form part of all staff inductions. Any breach is reported directly to Chris Alexander.
All client data falls into two categories
Restricted – disclosure causes significant risk to clients and/or TWM
Private – disclosure causes moderate risk to clients and/or TWM
We are responsible for ensuring the security of data held
Access to systems:
- Auto-secure of unattended workstations
- Auto-secure of TFS Server
- User Authentication for each Developer
- All code changes tracked
- All versions of code maintained
- Rackspace – RDP Autosecure
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Where the CLIENT or TWM identifies the need for a Change then either party must submit a proposed change using the Change Control Form to the other.
No Change shall be valid until it is authorised in writing by the authorised representative of both parties.
Each Change shall be assigned a unique reference number and effective date of change.
Any improvement or addition to the Systems or Services which does not result in increased costs to the CLIENT shall not be subject to the above change control procedures.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Logs are reviewed on a monthly basis to identify any potential threats. Should a vulnerability be detected, it is treated as urgent and prioritised over all other development and hotfixes issued as quickly as possible.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||Logs are reviewed on a monthly basis to identify any potential threats. Should a vulnerability be detected, it is treated as urgent and prioritised over all other development and hotfixes issued as quickly as possible. Should an incident be identified or reported, we aim to respond to incidents within 4 hours.|
|Incident management type||Supplier-defined controls|
|Incident management approach||
Whether incidents are internal or external, users are asked to complete our Incident Response Report Form which is then added to our Incident Log. Information captured includes a summary, notifications made and action taken.
For each incident there is a post incident analysis which generates a lessons learnt. Processes are then updated accordingly.
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£4620 per instance per year|
|Discount for educational organisations||No|
|Free trial available||No|