Dynamic Business Services Limited

Learning Management System

Provision of Hosting for our bespoke Learning Management System

Features

• Real time reporting
• Appraisal Functionality
• 360 degree feedback functionality
• CPD recording
• Link to existing HR Systems
• Single sign on compatible
• Can record medical device competencies

Benefits

• Application can be accessed on multiple devices
• Mobile responsive
• Can host existing and third party content
• SCORM and xAPI compatible
• Can link to other platforms

£1 to £80 a user a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jim.lawrence@dynamicbusiness.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

278709563005803

Contact

Jim Lawrence
0113 323 0760
jim.lawrence@dynamicbusiness.co.uk

Service scope

• Service constraints: Support is for administrators only and is linked to both the application and server
• System requirements:
  • No specific software required.
  • Accessed through all modern browsers

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We have a dedicated SLA for each of our clients with documented response times. For urgent queries this is 1 hour. Our helpdesk is available Monday - Friday 9am - 5pm.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Support is provided to administrators of the application
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Onsite training is provided during a single day training session
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: This is provided as a secure csv extract
• End-of-contract process: At the end of contract we will provide a data extract but no additional support

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: Each application is on a separate private cloud
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: The application data only
• Backup controls: This is discussed during the implementation phase
• Datacentre setup: Single datacentre
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: 99.9% uptime apart from scheduled maintenance
• Approach to resilience: Available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication: Username or password
• Access restrictions in management interfaces and support channels: These are managed by our systems manager
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: This is according to our security policy
• Information security policies and processes: We have our own internal policy

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All processes are managed by our systems manager who keeps a log of all changes
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: All services are audited by our systems manager. Patches are deployed weekly but also immediately if a vulnerability is identified. Potential threats are flagged up via alerts.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: This is managed by our systems manager and incidents are responded to accordingly to individual service level agreements
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents are reported via email to and from our systems manager

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: No Clients share the same infrastructure

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: The next generation data centre in Reading has next generation 'energy efficient' technology and equipment throughout. It's built for efficiency in power usage, cooling and monitoring and maintenance.

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  We are committed to always being an equal opportunities employer

Pricing

• Price: £1 to £80 a user a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jim.lawrence@dynamicbusiness.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.