Traineasy Ltd

Traineasy LMS

A robust and powerful Moodle-based LMS with additional functionality including live reporting for managing training compliance. Suitable for large organisations and in use by several NHS Trusts, Traineasy LMS has an integrated appraisal module for supporting staff development.

Features

• Moodle-based LMS
• Powerful additional features for managing training compliance
• Powerful, live, fast, real-time reporting on training compliance
• Supports classroom activities with self service booking
• AICC- and SCORM-compliant
• Integrated appraisal module with competency reporting
• Ability to add certificates to courses
• Quiz and survey modules for knowledge checking
• Supports and/or logic for training compliance rules
• Easy to use, blends Moodle with extra functionality

Benefits

• Robust and reliable
• Fully integrated appraisal module saves cost of separate systems
• Live compliance reports save time, no need for manual reports
• Scalable, in use with large NHS Trusts
• Automatic user data upload function keeps user data up-to-date
• Fully supported by extremely experienced team

£5,000 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@traineasy.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

115905990429236

Contact

Sarah Lambie
01908508777
sales@traineasy.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: None
• System requirements: Recent spec web browser with javascript allowed

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within a maximum of 4 hours elapsed business hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Admin users from our LMS customers are able to contact us between the hours of 9 and 5 on UK business days via the support@traineasy.com email address or by phone on 01908 508777. We aim to resolve all requests for support as quickly as possible but ultimately, they are triaged, with the more serious issues taking priority. 9 - 5 helpdesk support for administrator users is fully covered within the LMS licence fee. Onsite support and training are provided at additional cost. Support for end users of this service is not available.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onboarding assistance is typically defined as a costed Project. We work closely to ensure a knowledge transfer to the administrators. Key stages might include:; - The initial LMS build, including configuration of the user data structure and graphical theming; - Creation of the course catalogue structure and uploading of content; - Configuration of instructor led training activity (for example, lists of venues, rooms, etc. and the agreement of the booking/cancellation email text); - Agreement of username convention and an initial upload of user data; - Creation of the user groups (audiences) for training; - Creation of the training compliance rules (known as the compliances in the system); - Configuring the training compliance email reminders; - Uploading of the historical training records (records of prior learning – RPLs); - Creating and applying enrolments for courses and compliances; - Preparation for launch (system testing); - Launch
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: All user data, training completion and training compliance data is extractable in CSV format via the front end UI.
• End-of-contract process: Where content or application is hosted - subscription stops and access is removed.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Users are able to log into the service whatever their device and be assured that all functionality is available to them. Screens adjust as needed to ensure objects, such as menus, remain visible and usable. Some screens, for example, those designed for use by system administrators, are not suitable for mobile phones, otherwise, end users can log in, view their dashboards, complete training, and so on without issue.
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: No
• Customisation available: Yes
• Description of customisation: We work with clients at the onboarding stage to make sure the platform is themed according to their corporate branding and style guidelines.

Scaling

• Independence of resources: Customers are provided with a dedicated LMS and server, specified at the outset to support the contracted number of users and to ensure the service is not affected by other clients. The customer’s server is specified according to the numbers of user accounts and system features required, based on standard criteria. All servers are monitored and automatic warnings set to provide notification should a client’s system start to approach set limits, at which point system resources can be upgraded to ensure continuation of agreed service levels.

Analytics

• Service usage metrics: Yes
• Metrics types: Progress reporting on users via the LMS
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: All user data, training completion and training compliance data is extractable in CSV format via the front end UI.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Customer LMS will be hosted at the ISO-27001-compliant Amazon Web Services (AWS) facility in London, UK. All commercially reasonable efforts will be made by Amazon and Traineasy to make the service available with a Monthly Uptime Percentage of at least 99%.
• Approach to resilience: Available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: N/A
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Amazon Web Services use EY CertifyPoint
• ISO/IEC 27001 accreditation date: 22/11/2023
• What the ISO/IEC 27001 doesn’t cover: All covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: NHS Data Security and Protection Toolkit 2023-4

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Traineasy maintains a written Information Security policy that defines employee’s responsibilities and acceptable use of information system resources. The organisation receives signed acknowledgement from users indicating that they have read, understand, and agree to abide by the rules of behaviour, before providing authorised access to Traineasy information systems. This policy is periodically reviewed and updated as necessary. Our security policies cover a wide array of security related topics ranging from general standards with which every employee must comply, such as account, data, and physical security, to more specialised security standards covering internal applications and information systems.
• Information security policies and processes: The Information Governance Steering Group is the primary vehicle for managing information Security policies and processes. ; ; Within Traineasy the Dev Ops Manager is the Chief Information Security Officer and is responsible for the day-to-day operational effectiveness of the IS policy, and its associated policies and processes. ; Traineasy's Data Protection Officer is responsible for ensuring that the company and its constituent business areas remain compliant at all times with Data Protection, Privacy & Electronic Communications Regulations, Freedom of Information Act and the Environmental Information Regulations. Both report in to the IG Steering Group.; ; Traineasy follows the information security model comprising three main components: confidentiality, integrity and availability. These components are all reviewed on an ongoing basis as part of our Risk Assessment process. The types of data, location and access levels are constantly reviewed and monitored as part of this process. Staff education and training is integral to this process, and all staff are required to be compliant in mandatory Information and Cyber Security training, carried out at least annually. Traineasy is affiliated to the NCSC and goes through the Cyber Essentials Certification process annually.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Management approach ; Traineasy maintains a change management process to ensure that all changes made to the production environment are applied in a deliberate manner. Changes to information systems, network devices, and other system components, and physical and environment changes are monitored and controlled through a formal change control process. Changes are reviewed, approved, tested and monitored post-implementation to ensure that the expected changes are operating as intended.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Security assessments are done to identify vulnerabilities and to determine the effectiveness of the patch management program. Each vulnerability is reviewed to determine if it is applicable, ranked based on risk, and assigned to the appropriate team for remediation.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Traineasy deploys Avast endpoint monitoring software. The dashboard shows status across all devices. Alerts are sent to our team and vulnerabilities are regularly reviewed. MyNCSC provides early warning service to our public URL's. Statuscake monitors uptime.
• Incident management type: Supplier-defined controls
• Incident management approach: Traineasy has a formalised incident response plan (Incident Response Plan) and associated procedures in case of an information security incident. The Incident Response Plan defines the responsibilities of key personnel and identifies processes and procedures for notification. Incident response personnel are trained, and execution of the incident response plan is tested periodically. An incident response team is responsible for providing an incident handling capability for security incidents that includes preparation, detection and analysis, containment, eradication, and recovery.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Wellbeing

  Fighting climate change

  In recognition of the climate crisis and the threat - particularly to vulnerable communities this poses, Traineasy has pledged to become a Carbon Literate organisation by the end of 2024 and Net Zero by 2030. We have developed a suite of five climate change knowledge e-learning modules aligned with the Carbon Literacy Project's 'Carbon Literacy Knowledge (CLK) Framework', which are now available for customers as well as Traineasy staff, to work though as part of their Carbon Literacy training. To complement these, we have produced 12 additional e-learning modules that discuss ESG, sustainability and the circular economy. This 'Green Skills Curriculum' supports the UK governments Intervention E39: "Green skills courses targeted around ensuring we have the skilled workforce to achieve the government’s net zero and wider environmental ambitions." We will be adding further modules to our Green Skills library of e-learning courses throughout 2024 and 2025, all of which will be available for customers as well as Traineasy staff as a resource to help them develop the skills we will all need for a greener future.

  Tackling economic inequality

  E-learning can help overcome employment inequality by providing equal access to education and training opportunities. For instance, online learning platforms can offer courses and training programs that can be accessed by anyone, regardless of their location or socioeconomic status. This can help individuals from disadvantaged backgrounds gain the skills they need to secure better employment opportunities.; ; E-learning can help bridge the skills gap by providing affordable and accessible training options. Online learning platforms can offer a wide range of courses that allow workers to continually acquire, retain, and revise in-demand skills throughout their careers. This can help workers stay competitive in the job market and meet the evolving demands of the workforce.; ; E-learning can also help address pay gaps in the workforce. For example, providing equal access to training and development opportunities can help ensure that all employees, regardless of gender or race, have the opportunity to develop the skills needed to advance in their careers and earn higher wages. Additionally, e-learning can provide training on diversity, equity, and inclusion, which can help organizations understand and address systemic pay inequalities.

  Wellbeing

  The mental, physical and emotional wellbeing of our staff and customers is fundamental to our success. One of the ways we seek to promote this is by including a suite of seven short animated videos covering 'the five ways to wellbeing' in the video gallery of every LMS we supply to customers, and in the LMS used by Traineasy staff when completing their induction or annual training.

Pricing

• Price: £5,000 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Traineasy can create a sandboxed demonstration site for testing using the standard product. We don't impose a time-limit on access but this is not commercial and with limited user accounts and is part of a proof of concept approach to show you the features.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@traineasy.com. Tell them what format you need. It will help if you say what assistive technology you use.