Simitive Ltd

Living Review

Simitive review is specifically designed to manage and streamline the annual appraisal process increasing completion rates and improving employee performance by creating greater engagement by the employee in their outcomes. The system provide an advanced tool-set encouraging regular interaction and dialogue around individual performance, strategic aims, progress, career and development

Features

  • Fully supports living review and real-time review with aligned objectives
  • Notepad to capture 1-1 conversations, private thoughts between reviews
  • Unlimited customised forms: induction, probation, review, research knowledge, career progression
  • Automated workflow with reminder emails.
  • Integration with all HR systems
  • Real-time reporting on progress
  • Access from mobile technology
  • Capture training and development, compliance data
  • Incorporate behaviour and competency frameworks
  • Supports hyperlinks and external data sources

Benefits

  • Living review enables on-going, meaningful conversations around objectives
  • Customisable forms reflect your values and objectives
  • Prepopulation reduces manual data entry and duplication of effort
  • Real-time reporting tracks completion and measures objective completion
  • Identifies the right skills to deliver your key objectives
  • Integration with key systems including Research.
  • Automatic reminders ensure reviews are completed on time.
  • Hyperlinks ensure access to all documents can be easily accessed
  • Supports multiple reviewer to reflect cross departmental working
  • Supports all types of staff including multi-role and specialist

Pricing

£6.50 to £7 per user per year

  • Education pricing available

Service documents

G-Cloud 11

997938864318797

Simitive Ltd

Devinder Whelan

0117 9117950

devinder.whelan@simitive.com

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to The Simitive suite includes workforce allocation and planning, activity based costing, compliance and learning solutions. Each product can be implemented as a stand-alone system, or integrated to provide employee dashboards.
Cloud deployment model Private cloud
Service constraints Simitive systems are ‘locked’ for 15 minutes during the night for monthly code releases. There are no requirements for other downtime as the system is architected to provide 24 x 7 availability.
System requirements
  • Web browser access, all current web browsers are supported
  • Internet access

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Support calls are handled in line with the below standard SLAs.

Severity 1: Critical system problem or issue. 15 minutes from receipt of notification.

Severity 2: Time critical problem or issue. 60 minutes from receipt of notification.

Severity 3 & 4: Non critical system problem or issue. Acknowledgement within 24 business hours from reciept of notification. A process will be agreed with the customer.

The above are for standard UK business hours (Monday to Friday 0900 to 1700 excluding bank and public holidays). Additional support hours includng weekend support is available on request.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Standard support is available Monday to Friday (0900 to 1700) excluding Bank and Public Holidays. Support calls are handled in line with standard SLA.

Standard support is provided as part of the annual license fee, and no additional costs are payable by client.

Extended support service, up to and including 24x7 support and managed services are available on request. Costs for extended services are based on the number of client licenses and the scope of the service.

Simitive's Support Manager is responsible for ensuring SLA are met and to conduct regular service reviews.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started All projects follow Prince2 methodology, which defines the scope of the project and the required work-streams are established, for example SSO, form design and reporting.

During the design and implementation, Simitive project managers work closely with the client.

Simitive provide the following types of training:
On-site for system administrator.
On-line training for system administrator using remote technology.
User guides and training guides.
Service documentation Yes
Documentation formats
  • PDF
  • Other
Other documentation formats Word
End-of-contract data extraction At the end of the contract client data is returned to the client in a format agreed with the client and deleted from Simitive systems.

Any systems used in the provision of the services are cleansed to industry best practice standards.
End-of-contract process At the end of the contract client data is returned to the client in a format agreed with the client and deleted from Simitive systems.

Any systems used in the provision of the services are cleansed to industry best practice standards.

There are no additional costs at the end of the contract.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service By necessity the responsive design of the system alters the look of screens to facilitate clarity on smaller devices.
API Yes
What users can and can't do using the API The system is capable of integrating with any system via its APIs. It is currently integrated with most major HR / Finance systems as well as Proprietary systems. Simitive runs version 1.0 live REST API web service; secured with HTTPS and oAuth using a JSON format (other formats can be supported). This API allows a client to programmatically create/read/update user records and associated information.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The system can be customised to allow individual organisation branding, terminology and import of any data including job description, grade and any other relevant information to support policies such as equality and diversity. Individual review forms can be customised to different types of users and roles to ensure the review is relevant and engaging for all staff types.

Within the system, there is customisation the client can configure. For system changes, Simitive support staff or consultants will be required to perform an impact analysis and make the required changes.

Most Simitive modules allow extensive configuration by the client without recourse to Simitive.

Scaling

Scaling
Independence of resources Simitive systems are delivered via a massively scale-able architecture based on Amazon EC2. Each client's instance is isolated from all others to ensure that there can be no effects across clients.

Analytics

Analytics
Service usage metrics Yes
Metrics types Service metrics are provided both within the system, through standard reports and through the use of google analytics.

In addition, Simitive carry out service reviews with Clients on a regular basis.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Review forms can be exported in pdf format by users.
The reporting tools, for individuals with the right security permissions, allow users to export data into excel spreadsheets.

The data held within the system can also be exported to a data warehouse.

The API is bi-directional and will allow data to be written back to key systems as required.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Simitive systems are guaranteed to deliver 99.5% availability with service credits should this level not be achieved.

Over the last 4 years Simitive has delivered 100% availability.
Approach to resilience Available on request.
Outage reporting Simitive Sysops monitor all systems continuously for any potential outages.

The systems architecture automatically replaces failing items before an actual outage occurs.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Users do not have access to management interfaces.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 EY CertifyPoint
ISO/IEC 27001 accreditation date 11/11/2016
What the ISO/IEC 27001 doesn’t cover The AWS ISO27001 certification does not cover outside of the data centre environments (which covers the hosting environment and its associated data centres, machine, storage, software and security environment).
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials Plus (UK)

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Simitive have formal information security policies which are owned by the Managing Director and form an integral part of the company's standard operations. The policies are processes cover internal as well as service delivery security.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach All changes to the Simitive cloud require approval by a Director and Head of Technical Servies. Any changes are subject to impact assessment prior to any action.

As a user of Amazon EC2 Simitive are subject to and controlled by the certified standards and regulations that form part of Amazon service.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Simitive carry out continuous threat analysis and all patches are applied inline with industry best practice and providers recommendations.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Simitive systems are monitored constantly for any potential compromises through a suite of monitoring tools. As soon as a potential compromise is identified the instance or instances potentially affected are locked whilst detailed examination is carried out. Depending on the outcome of the investigation remedial actions are carried out and any changes made before the instance is reactivated.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Simitive have standard tested processes for incident management. In the unlikely event that an end user is aware of an incident befire Simitive it can be reported by email, phone or client portal 24x7. For any incident a report is produced following appropriate investigation and resolution which will be shared with any affected clients.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £6.50 to £7 per user per year
Discount for educational organisations Yes
Free trial available No

Service documents

pdf document: Pricing document pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑