Innaxys Ltd

TRAM Training, Records and Accreditation Management

Market leading software for the management of training including specialist competencies for emergency services. End to end management for the creation, scheduling, booking-on, delivery and reporting of all training types, including instructor-led, practical, classroom and e-learning. Manage qualifications and authorisations with integrated corporate and statutory compliance reporting.

Features

• Comprehensive organisational training management and asset management
• Curriculum management and full integrated course/programme design
• Scheduling, booking and course/venue capacity management
• Real-time capture of training outcomes and information
• Mobile-enabled for access from authorised devices, phones and tablets
• Configurable business processes
• Fully interfaces to corporate systems (e.g. HR) for seamless integration
• Secure role-based access / session time-outs for added security
• Fully scalable to support large volumes of users
• Powerful reporting capability for transparency and accountability

Benefits

• Transparency and control over planning, delivery and progress through courses
• Adaptable to many other training requirements and curricula
• Built to meet the needs of Police and Emergency Services
• Instant updates of records saves time and duplication of effort
• Fully auditable trail of activity and actions
• Easy to use, intuitive system minimising the training needed
• Email notifications for instant alerts and process flow
• Eradicates double entry of data and information
• Seamless business processes
• Also deployable on private cloud for total control and security

£15 a user a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Sales@innaxys.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

105905988299208

Contact

Jean-Claude Lafontaine
01773 765350
Sales@innaxys.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response/acknowledgement within one business hour
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Innaxys is able to provide full support to our users through our online support portal, depending on the individual terms of each contract. Many of our clients choose second and third line support only, with their own IT teams providing first line support (after training by us).; ; Support is available as per the pricing schedule.; ; Please enquire for more details.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Training, user documentation and support for configuration and set-up is included in the service offering.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: In-app support
• End-of-contract data extraction: Innaxys will provide a procedure to export the data at the end of the contract
• End-of-contract process: At the end of the contract, Innaxys will provide the procedure to extract the data from the system to be re-imported into a new solution or archived by the client. ; ; When the data has been recovered, the system should be deactivated and de-installed from the client's private cloud environment.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Solution includes a bespoke mobile application which can be used by trainers in the field/range/classroom to record key information from training events including live capture of attendance and results, enabling real-time update of the Solution.; ; The app requires a secure connection to the client's network.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: The API is aimed at third party developers who want to exploit the analytical platform underneath the user interface. It is accessible under NDA by third parties or the client, if the client wishes to undertake development. Includes API interfaces to external systems for the sharing of data and seamless integration.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The Solution includes the ability to be customised and tailored to different types of training and asset needs. It can further be tailored to the needs of each client in terms of the role based access (how each user or group of users can access the solution and what functions each can access) and in terms of the contents of most of the drop down boxes and input selections according to the needs of each organisation, training and asset type being managed.

Scaling

• Independence of resources: Each installation is independent and discrete, implemented on the client's own private cloud (or a unique hosted deployment) with no interaction or dependency on any other installation or usage by any other clients/users.

Analytics

• Service usage metrics: Yes
• Metrics types: The Solution is fully audited, which can provide key information about the usage, access, security etc of the Solution
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data can be extracted from the Solution during the contact via the reporting and export modules. Alternatively Innaxys can build an interface with any required third party systems which will need to utilise the data on a regular basis.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Database export
  • PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats: Database import

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.99%
• Approach to resilience: Information available on request
• Outage reporting: SNMP Reporting via a dashboard

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
• Access restrictions in management interfaces and support channels: Access is controlled by username and password, and by IP
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Intertek
• ISO/IEC 27001 accreditation date: 01/12/2020
• What the ISO/IEC 27001 doesn’t cover: The full range of Innaxys operations and products/solutions are in scope of our certification
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Cyber Essentials
  • ISO27001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Innaxys follows an ISO27001:2013 Information Security Management System with all related and required processes and procedures. Certification was achieved in December 2018

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Complies with the requirements of ISO 27001:2013
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Complies with the requirements of ISO27001:2013
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Complies to ISO 27001:2013
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Complies to ISO27001:2013

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  The service contributes to Fighting Climate Change by reducing the level of processing resources required to deliver it.; Its cloud and mobile delivery enables the service to be operated by police officers on the ground, reducing the need to go back to station to access or process data and enabling them to support the community with the appropriate level of intelligence in hand.
• Tackling economic inequality:

  Tackling economic inequality

  Innaxys Ltd believes in supporting the local community by investing in the people it comprises. All the work we do is produced in the UK by personnel fully employed by our company with honest salaries. We do not rely on offshoring development and instead value the long-term relationship that can be created with permanent employees and the fact that provides jobs to the local community.
• Equal opportunity:

  Equal opportunity

  Innaxys Ltd is committed to promoting equal opportunities and a culture that actively values differences and recognises that people from different backgrounds and experiences can bring valuable insights to the workplace and enhance the way we work. We value and respect diversity and we provide equality of opportunity and the facilities to recruit and retain a diverse workforce.; We allow people to progress through the roles in the company to provide the most senior roles.
• Wellbeing:

  Wellbeing

  In addition to providing a comfortable environment for work, Innaxys has invested in a sports facility in-house to enable all our personnel to use the gym at no extra cost and make a break from work when they need. We have also established the means to balance remote working and on-site team working.

Pricing

• Price: £15 a user a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Sales@innaxys.com. Tell them what format you need. It will help if you say what assistive technology you use.