CIRRUS SOFTWARE

Academy Point - Learning Management System (LMS) online learning platform

Academy Point - We provide a custom/bespoke learning platform that fits a client brands and business sector. Our brilliantly simple learning management system makes it easy to deliver joyful training to everyone in your team. Wherever they are on any device.

Features

• Blended learning (Classroom, Face to Face and Online)
• Manager dashboard, keep informed with staff training progress
• Real time reporting across the system (Logins, Completions etc)
• User profiling content and structure (including job based profiling)
• Scorm Compliant (1.2 and 2004)
• Built in Quiz engine
• Multi-language and Timezone support
• Gamification (Points, Achievements, Certificates)
• Leaderboards
• Catalogue of content, browse content for learning

Benefits

• Access anytime on any device
• API Integration (with other LMS and Learning content providers
• Seamless login via SSO - Single sign-on or manual login
• Deep linking to learning content
• Administrate the system and make real time changes
• Full branding of the system (colours, logos, text, banner images)
• Datafeed of users from your HR system
• Real time exporting of data to external systems (automated)
• Quick usage stats and dashboards
• Real human support when you need it

£15,000.00 to £60,000.00 an instance a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sbower@cirrussoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

288756733181618

Contact

Stuart Bower
07984530348
sbower@cirrussoftware.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: We have a planned maintenance window on the last Sunday of every month
• System requirements:
  • Must have access to the internet to access the software
  • Can be used on all modern PC, Tablets, Mobiles

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We will respond to questions within the hour, support tickets are handled by an agreed SLA
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: We provide Client support, Technical support and Development support; There is a flat fee fr support regardless of the level, our day rate is £850 per day based on an 8 hour day ( so a 1 hour support request would be £106.25); ; Note: For bugs with our software these are fixed FOC ; ; The support we provide is Cloud based support, we can attend onsite if requested but typically as we provide Cloud based software this is not required; ; Our support levels:; ; CRITICAL ; System non-operational or task is urgently required to be resolved.; ; HIGH; May be affecting business operations or is a serious problem that could block progress.; ; MEDIUM ; Is affecting system usage, or has the potential to affect progress.; ; LOW ; Minor problem, or request, or is easily worked around. No work is required for these issues, ideally should be closed after initial investigations or discussions with the customer.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide both onsite and virtual training of the Academy Point system and consultancy is included to setup the system to fit the Clients exacting learning needs and criteria.; ; If the new Client is migrating over from another Learning system then we would assist them with a Data migration so that they can seamlessly transfer user training history and learning assets over to Academy Point.; ; The Client would also be provided with access to our Service desk whereby they can digital access user guides and 'how to' videos (User guides are provided for Core features and functions, along with Client specific custom features that have been developed)
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Users have full access to their data within the Platform and can extract it at any time they require it.; ; If a Client would like a full data extract of all Learning data then this would be provided securely within a maximum of 1 week from the contract ending
• End-of-contract process: All learning assets, images, files and data will be returned to the Client, there is no additional cost for this service it is included within the price of the contract.; ; Once the above has been completed then the system will be turned off and all data fully deleted from our Cloud and Backup servers

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There is no difference, we have built Academy Point to be Mobile first (that is both the UI and the Administration)
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: The whole UI can be customised to a Clients specific brand/identity, including fonts, text, colour, images, layout, language.; ; Specific features can also be customised to a specific Client requirement i.e. Feature does X but needs to do Y then we can code it to do Y; ; The customisation work would be completed by our UX and Development team

Scaling

• Independence of resources: We have automated monitoring on our software to manage any spikes in high demand activity and auto ramp up the resources to ensure there is no end user impact.; ; We also run regular stress-tests on our software to ensure it is performing against the bench marks defined.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide metrics on Logins, Completions, Usage, Exam responses, User Progress, Escalations and Revisits.; ; Along with Survey responses and General feedback submitted by users.; ; Metrics are accessible by the Client at anytime using our in-built reporting suite that is provided
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Profiled users can have access to generate (specific reports that align to their profile permission) and run the data from the Reporting tool built into the Academy Point software and then download to Excel for any deeper analysis.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Excel - XSLX
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Excel - XLSX
  • XML
  • Excel - XLS

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee a 99.99% level of availability of the Academy Point software.; ; We have standard SLA terms, these can be customised to fit a Clients exacting business requirement.; ; If we fail to meet our agreed SLA terms then we provide compensation in the form of additional 'Free' support hours.
• Approach to resilience: This information is available on request.
• Outage reporting: We send out email alerts to the list of contacts provided by our Client, informing them of the outage and remedial steps that are being taken to resolve the outage ASAP.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: We have custom developed security profiling within our Software to ensure that restrictions of management interfaces and support channels are not able to view/access content or areas outside of their permitted path.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: ICO Data Protection

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We follow the ISO/IEC 27001 security policies and we meet as a Security team on a monthly basis to ensure we are aligned and take any remedial action as required.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We are an Agile software development company and we work on 2 week sprints, every change we make to the software goes through our Agile change management process (Standard, Urgent and Normal) then filtered through three instances of the system DEV, UAT and then PROD to ensure any potential risk is identified and rectified (each instance is fully regression tested and if required penetration tested based on the level of change)
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We have security monitoring software constantly running to identify any vulnerabilities, we also take council from Microsoft as we are a certified partner and our hosting provider for any server based vulnerabilities.; ; Depending on the severity of the vulnerability would determine the speed of deployment - we have capability to patch an issue at the moment it is found (so there is no/limited exposure to the vulnerability)
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Depending on the compromise, this could be from the Client informing us or us detecting the compromise, we would react with immediate effect to mitigate the compromise.; ; This could be to disable the service (put up a maintenance page) to inform the Client/Users of an issue and prevent the compromise continuing.; ; Any compromises would be communicated with the Client and depending on the severity we would discuss it in more detail over a conference call and work out a mitigation plan with all parties involved.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents can be reported by our Clients via the Service desk we provide (this is available 24/7).; ; We will respond to any incidents inline with the agreed SLA terms (dependant on the severity of the incident).; ; The service desk ticket will provide the Client with a full audit of what the incident was, any remedial action we took, how the incident was resolved and what we are doing to mitigate the incident happening again in the future.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Covid-19 recovery:

  Covid-19 recovery

  We have supported the COVID-19 recovery effort by enabling remote working for all our team members,

Pricing

• Price: £15,000.00 to £60,000.00 an instance a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We provide access to a Demo system so you can have a try before you buy

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sbower@cirrussoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.