LEARNINGMATE SOLUTIONS (UK) LIMITED

LearningMate Frost

Frost is a cloud-based learning content management system featuring a suite of integrated digital products. Frost enables authoring, managing, and assembling of learning content and is designed to support personalised, adaptive, modular, and competency based learning models. Frost is available both as an enterprise and a SaaS solution.

Features

• Real time digital content management
• Real time competency and skills management
• Real time learning object management
• Workflow management
• Collaborative authoring, development, management, and delivery of online courses
• Centralised content management, accessible through multiple platforms and learning environments
• Tracking content usage, effectiveness, patterns in data to maintain/refine content
• User and content analytics for better decision making
• Support for assessments and intuitive management of media assets

Benefits

• Single source of truth for learning delivering LMS compatible content
• Manage content across multiple delivery channels, including mobile apps, ebooks
• Customise and manage learning outcomes taxonomy
• Manage complex content workflows
• Seamlessly search and add digital content to learning objects
• Track, analyse, and improve content efficacy using real-time content analytics
• Make data-driven decisions through learning materials and learning experiences
• Frost follows IMS Global and International Digital Publishing Forum standards
• Creates, manages and delivers assessments using IMS global standards (QTI)
• Low maintenance cost

£8,750.00 to £1,202,500.00 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@learningmate.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

136925639056269

Contact

Prasad Mohare
+44 794 783 3052
gcloud@learningmate.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Any planned updates to the software are communicated to the customer at least two weeks in advance. LearningMate usually plans this update during the early hours (midnight to 3am UK time) during low traffic hours to avoid inconvenience.
• System requirements:
  • Frost does have specific system requirements.
  • Frost can be accessed using web browser.
  • Frost does not require licenses or anti-virus technology as prerequisite.
  • Frost can be hosted on customer environment if needed
  • Customer environment hosting would need AWS server
  • Base services such as EC2, S3, API gateway.
  • Technology stack such PHP, Laravel, Angular etc pre-loaded.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We have different support SLAs depending on the request.; ; 1} For Incidents and Defect requests:; 1. Time to first respond: 30 Mins; 2. Resolution Time: (For Blocker 4 Business Hours), (For other incident categories, it will be added to the sprint/product backlog and resolution will be as per ongoing sprint plan); 3. SLA: 95% ; ; 2} For service requests*:; 1. Time to first response: 1 Business Day; 2. Resolution Time: Will be resolved as per mutual agreement after getting the requirements and detailed inputs from the customer.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Response 1:; We have different support SLAs depending on the request.; ; SLA for Incidents and Defect requests:; 1. Time to first respond: 30 Mins; 2. Resolution Time: (For Blocker 4 Business Hours), (For other incident categories, it will be added to the sprint/product backlog and resolution will be as per ongoing sprint plan); 3. SLA: 95% ; SLA for other requests*:; 1. Time to first response: 1 Business Day; 2. Resolution Time: Will be resolved as per mutual agreement after getting the requirements and detailed inputs from the customer.; ; *Service Requests will include:; (1) Request Expert Help; (2) Suggest an Improvement; (3) Fix an Account Problem; (4) Suggest a New Feature; (5) Request for Datas; ; Response 2: Support cost is included in the license fees; ; Response 3: Provided as needed
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We enable customers to be trained on Frost using the following techniques:; 1. web-based (online) training on the product; ; 2. service portal with platform documentation, user guides, FAQs;; 3. in-built help feature accessible from the menu panel.; ; We also provide consulting services to help customers manage data.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Built-in help feature within Frost
• End-of-contract data extraction: As an enterprise or a SaaS product, data and content for each customer are available on an Amazon cloud repository. Each customer has the ability to offload their data to any other repository if required.
• End-of-contract process: 1. The customer is reminded at least four months prior to contract expiry. Should the customer choose not to renew the contract, all data is made available on the customer hosted AWS cloud repository. ; ; Included in Price Of Contract:; 2. Frost SaaS License Model: The contract includes pricing for the annual platform license for agreed set of Users; Platform Tenant Configuration; Onboarding Training; AWS Hosting; and Support.; ; 3. Frost Enterprise License Model: The contract includes pricing for the annual platform license (unlimited Users); Platform Setup; Onboarding Training; and support.; ; Additional Cost: ; 4. Frost Enterprise License Model: Any Content Migration; Customer specific Platform Customisation or Integration requests; AWS Hosting Costs

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Frost enables the administrator to create and assign roles to users in their organisation. These users will have a specific user id and password assigned to them that they can use to access the system. Post login, users would only see features and content that are assigned to them.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: At present, we perform testing using NVDA. Our future roadmap includes JAWs, Voice over, TalkBack
• API: Yes
• What users can and can't do using the API: Frost supports the following APIs:; (1) IMS CASE based APIs for competency exchange;; (2) Proprietary Rest APIs for communication;; ; The APIs are configured to enable: ; 1. Only authorised user access to restricted and confidential information and information assets;; 2. Accountability with appropriate permissions to modify and delete information on the system for authorised users.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Frost is available as an enterprise solution with custom-built features as per client's specific requirements.; ; The following are examples of product customisation and integration that can be achieved in Frost:; 1. Integration with external content repositories;; 2.Rest APIs that support additional channels such as mobile and wearables;; 3.Help with content architecture and taxonomy management optimisation;; 4. Custom LMS-based settings;; 5. Additional report and analytics, Business Information, visualisation; 6. Themes, templates, content widgets to support the learning experience through custom course players within the LCMS, which can be launched from the LMS or any delivery channel;; 7. Integration with other teaching and learning systems;; 8.SSO and other identity management integration;; 9.RPA BOTs for content and data transformation to support change management.; ; Frost is also available as a SaaS-based product which does not allow customization of platform features however additional reports and analytics can be generated as required. Customer suggestions are considered for the product roadmap.

Scaling

• Independence of resources: Frost uses Amazon Web Services (AWS) cloud services to host all data and applications. The AWS cloud services automatically scale the infrastructure resources to align with user load on the Frost platform.; Frost also offers active monitoring for any outages by NOC/SOC teams. We deploy a product support and DevOps team to perform incident remediation.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide data around content usage within a course, time spent per page in a course, enrollment and student count.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: LearningMate leverages AWS encryption services and various encryption methods for storing data securely. We can provide further details upon specific requests.
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Frost provides the ability to export content and data in various formats for integration with the delivery platform, including various learning management systems.; ; Content:; Frost complies with all IMS supported data formats such as IMS Common Cartridge, IMS CASE, QTI 2.1; ; LMS specific formats such as Canvas, Blackboard, D2L etc.; ; Data:; all utilisation records (course consumption by student, time spent etc) can be exported using IMS Caliper or CSV.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • IMS CC
  • Canvas
  • Blackboard
  • D2L
  • IMS CASE
  • QTI 2.1
• Data import formats: Other
• Other data import formats:
  • IMS CASE
  • Blackboard
  • D2L
  • Canvas
  • IMS CC
  • QTI 2.1
  • LTI 1.1, 1.3

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee 99.45% availability on all support models. Our software contract does not include any refund policy.
• Approach to resilience: Our product stack makes use of high availability features present under the cloud infrastructure. In addition, third party products, security products and services are deployed on the product stack. Additional details will be provided on specific request.
• Outage reporting: We use third party tools (Datadog), cloud native alert tools (AWS Cloud Watch), and email alerts to report any outages.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: We restrict access in the Frost interface using named user authorisation and authentication, and role based access control.; ; Frost has a comprehensive role management capability where each role created in the system includes specific access and actions that a user is allowed to perform. With this capability, customers can define the role of a user, which in turn determines the actions and features the user has access to.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Standards Institution (BSI)
• ISO/IEC 27001 accreditation date: 30/04/2018
• What the ISO/IEC 27001 doesn’t cover: Application service transactions - Control 14.1.3 is not applicable under ISO/IEC 27001 for LearningMate as we do not have any payment gateway service in our applications/ products.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: CISO -> CIO -> DIRECTOR IT -> Incident Response Team. ; ; Our policies and processes have been formulated to provide clients with information security that ensures integrity, confidentiality, privacy, accountability and availability by adhering to applicable legal and contractual requirements. We have deployed industry standard security solutions and cloud services for endpoint management (encryption, data leak protection, security incident event monitoring, antimalware, patch management and mobile device management). Every LearningMate employee undertakes mandatory ISMS training during onboarding. We conduct periodic refresher training and assessments to keep our employees certified with LearningMate’s ISMS requirements. Regular internal and external audits are also conducted to ensure we comply with information security policies and procedures.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All configurations are managed by our DevOps team. Changes relating to infrastructure and applications are managed by version control and automated build systems. Operational and project risk management guidelines ensure and mitigate any potential risks through the life-cycle of development. An internal audit team ensures the product and associated projects follow internal guidelines and best practices on data security.; Development, QA, staging and production environment changes are tracked throughout each build and release cycles. Third-party security analysis tools are run on the codebase for the identification of security vulnerabilities. All findings are fixed as part of the release cycle.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: The operations team ensures: ; ; checking for patches released by software vendors and scanning using vulnerability assessment tools;; ; patches with critical, high and medium CVE are first tested in a staging environment; ; ; if vulnerabilities are very high, the security operations team will test patches and make system changes to mitigate vulnerability; ; ; third party audit tools with high CVE vulnerabilities are subscribed along with vendor notifications, online blogs and CERT sites;; ; AWS Guardduty monitors intrusions 24/7/365; ; ; security alerts are tracked and logged at application level; ; ; AWS Guardduty and Cloudtrail events are logged; ; ; VPC flow logs are monitored using Cloudwatch.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: As part of ISO27001 guidelines, the security and operations team proactively monitors, tracks and assesses: ; ; alerts received from native security services;; ; indicators of security compromises and responds as per incident management guidelines;; ; awareness of latest high CVE vulnerabilities and known published threats;; ; known critical vulnerabilities that disrupt business operations; ; ; VAPT assessment & remediation as per predefined frequency.; ; The response to reported data breaches follows these stages: containment and recovery; investigation and data protection impact assessment; notification of respective stakeholders; evaluation and response.; ; Detected incidents are reported within 24 hours. Remediation is made according to the data breach response procedure.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: LearningMate incident management procedures help to address the information security incidents related to information processing facilities and improve our ability to promptly restore operations when affected by such incidents.; ; Incidents are first captured and reported as per our ISO 27001 procedures. Incidents are reported on Jira Ticket helpdesk or using email. Once the situation is investigated and with the impact level determined, a formal incident report is prepared and discussed with relevant stakeholder for remediation.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  LearningMate has taken the following initiatives as part of our goal to integrate sustainability practices and principles into our operations:; ; We use filtered water instead of packaged drinking water as much as possible to follow more sustainable practices and reduce usage of plastic. ; We avoid using disposable cutlery in our cafeterias and have reusable plates and glasses. ; We provide office bus transport to discourage employees from driving individual vehicles. Each bus carries up to 50 employees at a time. The buses provide location-specific drops as well as drops to the nearest public transport systems.; All cleaning products used in the company premises are environment-friendly.; To promote reduction of waste, we have a dry and wet waste segregation system in place (cafeteria waste). The local municipality recycles the dry waste and wet waste is deposited for composting purposes.; We use lights and air conditioning judiciously by turning off lights and AC of sections/bays after employees sitting in those sections have left for the day.; We encourage our employees to use the staircase, if and when possible, to move between four floors of our office. ; We provide the option to submit investment declarations and reimbursement bills online to control the use of paper.; ; LearningMate has also ensured that all of our digital infrastructure is on the cloud. Our cloud providers have a solid sustainability program. We understand that cloud infrastructure is 85% more energy efficient than on-premises data centers. ; ; LearningMate also has an e-waste policy to take care of the problem of hazardous e-waste and other waste generated from electric and electronic gadgets and Printer Cartridges.

  Covid-19 recovery

  LearningMate, an ISO27001-certified organization, upholds industry-standard practices to ensure uninterrupted service delivery and business continuity. Our Business Continuity Program (BCP) is overseen by a governance body comprising leaders from various departments, audited internally as part of our ISMS program. With a Risk Management and Governance Framework, we ensure readiness to handle disasters, benefiting customers, employees, and vendors alike.; ; Key components of our BCP include defining processes, forming teams, and conducting annual mock drills. In disaster recovery scenarios, our adaptable resource management practices enable swift scaling to manage crises effectively. We may collaborate with competitors or transfer projects to vendors, prioritizing client needs and expediting recovery. Notably, we ensure seamless project handover through cloud infrastructure utilization and meticulous documentation transfer.; ; From an IT perspective, we adhere to mutually agreed Recovery Time Objective (RTO), Recovery Point Objective (RPO), and Maximum Acceptable Outage (MAO) with clients. Our core business relies on leading cloud providers for high availability and security compliance. During the COVID-19 pandemic, we smoothly transitioned to remote work within seven days, sustaining 0% disruption in client deliverables.; ; Secure data transmission protocols and identity/access management ensure data safety, with encryption and role-based access controls. We maintain comprehensive documentation, including risk assessments, technical controls, and crisis management plans, shared with stakeholders and clients. Data backups are securely retained or removed as per agreements.; ; Amidst the pandemic, LearningMate adopts a hybrid work model, adhering to COVID protocols for office sanitation and promoting remote work where feasible. Employees receive guidance on adhering to safety measures, ensuring operational continuity while prioritizing health and safety.

  Tackling economic inequality

  Create employment and training opportunities, particularly for people in industries with known skills shortages or in high growth sectors.; ; LearningMate organises career drives in colleges and universities to provide young graduates with internships as well as job opportunities. We provide relevant functional and EdTech industry training to these recruits to help them develop key skills and learn as they explore the sector and its various facets.

  Equal opportunity

  At LearningMate, our employees are our most valuable asset. We are dedicated to fostering an environment where every team member can thrive, devoid of inhibitions, discrimination, or harassment. Embracing diversity within our workforce, encompassing a spectrum of skills, experiences, and perspectives, is integral to our prosperity. We are unwavering in our commitment to the principles of equal employment opportunity, inclusion, and mutual respect.; ; Our company staunchly opposes all forms of harassment, whether based on disability, race, religious beliefs, color, national origin, ancestry, or any other protected characteristic defined by central, state, or local laws.; ; As an equal-opportunity employer, LearningMate upholds a nondiscrimination policy for all employees and job applicants. We recruit and employ individuals based on their qualifications, without regard to race, color, religion, sex, gender identity, pregnancy, national origin, citizenship, age, disability, genetic information, marital status, sexual orientation, veteran status, or any other legally protected characteristic. Our employment practices align with federal, state, and local laws governing discrimination.; ; However, our commitment extends beyond legal requirements. Operating as a global entity with offices worldwide, diversity is intrinsic to our identity. Our core value of inclusivity underscores our dedication to creating a workplace that reflects the varied backgrounds of our global community. Our CEO prioritizes diversity, encouraging diverse representation within our leadership ranks. Annually, we assess our organizational structure, considering business objectives alongside the composition, capabilities, and potential of our team.; ; In essence, LearningMate is not merely satisfied with meeting legal obligations; we endeavor to exceed them. We strive to foster a workplace where diversity is celebrated, inclusion is practiced, and opportunities are accessible to all.

  Wellbeing

  LearningMate cares deeply about the health and well-being of our workforce. We organize wellness sessions focusing on physical and mental health on a regular basis. During the pandemic, we had many such sessions, including sessions on healthy living, eye care, yoga, meditation, work-life management and stress management. We rolled out a helpdesk for employees affected by Covid to provide support and advice, provided two-week paid leave to affected employees and one-week leave to those who were primary caretakers of their family members affected by the Covid. ; ; During the peak of the pandemic, we successfully arranged vaccination drives for our employees and their family. The drives were conducted in keeping with social distancing norms. When offices reopened partially after the complete lockdown was revoked in locations where our offices are based, we offered employees the choice to work from office on certain days and carried out thorough sanitisation of our premises on a daily basis.

Pricing

• Price: £8,750.00 to £1,202,500.00 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: We provide Sandbox access to the Frost environment for 30 business days. If customers wish to explore the product beyond 30 days, a minimal charge will be applicable.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@learningmate.com. Tell them what format you need. It will help if you say what assistive technology you use.