COGNITAS GLOBAL LIMITED

View360Global. Immersive & Experiential Learning Platform (Multilingual)

View360global is a multilingual training platform using mixed reality to create immersive learning environments for in person or online delivery of facilitated training and exercising across all sectors. Scenarios can be customised to deliver unique training based on organisational and operational needs. Its also widely used for crisis management exercising

Features

• Facilitator-led training both in-person and remotely
• In built video functionality
• Instant monitoring & evalaution
• Engaging multimedia content formats: text, audio and video
• Multilingual participation (100+ languages)
• Downloadable reports in both native and translated languages
• Web browser access - no additional software required
• Facility to include observers to contribute to learning
• Intuitive interface and easy to use by all demographics
• Use on Laptop or Desktop only

Benefits

• Improves cognitative retention
• Immerses and engages participants
• Safe learning environment for critical decision making
• Ideal for training & exercising up to board level
• No geographical or linguistic barriers to delivery
• Enables agile debriefing and reduces training time
• Avoids traditional learning methods and brings learning to life
• Provides time and cost effective training options
• Benefits an organisation training home workers
• Government standard encryption provide reassurance

£14,995 a licence a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@cognitasglobal.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

429547238252949

Contact

Lawrie Day
01474 555507
hello@cognitasglobal.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No
• System requirements:
  • Windows Laptop / Desktop or Mac Laptop / Desktop
  • Video camera and microphone in hardware (preferably inbuilt)
  • Windows or Mac OS
  • Chrome / Firefox or Edge Browser Access
  • Internet Access - Minimum 5mbps+

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We can respond within 30 minutes if urgent with direct access to a support person. High priority is 1 hour, medium - 2 hours and Low - 4 hours. This is stated with our Service Level Agreement (SLA).; Response times are the same at weekends.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide either offsite or onsite support. The nature of the architecture of the platform means that resolution should be achieved by offsite support as we use no installed hardware for the user.; All offsite support of free of charge; On site support is charged at £100 +VAT per hour plus travel expenses (if beyond 50 miles) and will be provided by a cloud / platform Support Engineer
• Support available to third parties: No

Onboarding and offboarding

• Getting started: As part of our service we provided on or off site training for users with additional support programs that are negotiated within the licence fee, depending on organisational requirements. Training recipients receive user documentation which they retain. We are currently reviewing our online user documentation and media strategy but its use is not predicated on the existance of online user materials.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Users have the option of downloading data that they have uploaded to the platform.; We ensure that all data that is required by the organisation is supplied if requested then having given an appropriate notice period off no less than 1 month we will delete all data in accordance with GDPR provisions
• End-of-contract process: The Licensee agrees that the Licensor does not retain any content used or stored within the cloud-version of the Product and this is the responsibility of the Licensee to maintain backed-up copies at all times. At the conclusion of the contract (as specified in the EULA) the licensee shall ensure that prior to the termination date, all content has been downloaded from within the Product and safely saved or stored in a location of the Licensee’s election. ; The processing of data for the purposes of using the immersive learning platform is included in any licence fee or consultancy arrangement and there are no further or hidden charges for date retention, management or disposal. All data relating to the client is deleted at the end of any contract. There are no charges for the offboarding of a client

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: We offer a service to brand the interface and platform and provide a customised URL for each client. We provide these services, the client cannot do this themselves

Scaling

• Independence of resources: We are using AWS serverless technologies which enable limitless automatic scaling of resources and therefore this has no impact in terms of affecting other users performance

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users have a feature to download the media that they originally upload in to the platform and can download. The media is uploaded in JPEG, PDF, MP3 and MP4 files.; Following the running of a session, a session log is created within the platform that can be downloaded in Word format. If the user has participated in a native language then the log can be download as a verbatim version (capturing all languages used) and also downloaded into a translated version where Google Translate API has been used to translate the text. No other data is exportable
• Data export formats: Other
• Other data export formats:
  • PDF/A1
  • MS Word
• Data import formats: Other
• Other data import formats:
  • MP3
  • MP4
  • PDF/A

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We have an SLA that details our sets out the that the assumption that the platform is available 24 hours per day, 365 days per year, together with the service and support arrangements.; Licence holders and those using the platform under the provison of a consultancy services contract are protected by clauses written within the EULA and contracts relating to breaches of both.
• Approach to resilience: Available on request
• Outage reporting: In additon to our system being monitored by our development team, our system will provide alerts by email. Email alerts are a crucial component of our outage reporting mechanism. We configure automated alerts to notify designated stakeholders via email in the event of a service outage or performance degradation.; These email alerts include details such as the nature of the outage, affected components or services, estimated time to resolution (if available), and any mitigating actions being taken by the operations team.; Stakeholders receiving these alerts typically include members of the operations team, technical support staff, product managers, and other relevant personnel responsible for incident response and communication

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: All management interfaces and support channels are accessed using username and password controls. We are in the process of implementing 2 factor authentication. All users are regulalry referred to NCSC advice resources such as - https://www.ncsc.gov.uk/collection/passwords/updating-your-approach
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: Certificated NCSC CIE Provider (using platform)

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We adopt the principle of ISO27001.; We have also recently been scrutinised in respect of our governance by CREST on behalf of the NCSC as part of our successful application to become an NCSC Assured and Certified Provider of Cyber Incident Exercising (CIE) - https://www.ncsc.gov.uk/organisation/cognitas-global-ltd/about-cognitas-global-ltd
• Information security policies and processes: Our processes are supported by company policies that cover the following:; GDPR and the UK Data Protections Act 2018 and the processing and management of all data.; Access to sensitive data and systems is likely restricted based on job roles and responsibilities. This minimises the risk of unauthorised access or misuse of information and is adhered to as part of our Cyber Essentials criteria.; Employees are trained on information security best practices, including password management and phishing awareness. This empowers employees to identify and avoid security risks.; As part of our application become Assured NCSC CIE providers (https://www.ncsc.gov.uk/organisation/cognitas-global-ltd/cyber-incident-exercising) we were subject of scrutiny of all of our information security policies and demonstrated to a high standard that we have the necessary policies and processes in place. ; As an SME, our reporting procedure is simple and the CEO is informed directly of any incident or security matter. he will then deal with the matter in accordance with our company incident management plans and policies. He is also the Data Manager and will make any disclosures if required to the ICO

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We utilise a version control system like Git to track changes to our codebase. Each component of our services, including backend APIs, frontend interfaces, and databases, is stored in repositories. We use dependency management tools like npm to track and manage external dependencies for our codebase. This ensures that we can easily reproduce the environment and dependencies required for each component. All code changes are recorded. Any change to the platform goes through a formal change request process considering rationale and impact, implementing peer review and QA, testing and ensuring a rollback plan in the event of unforseen issues
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: The architecture does not invite many vulnerabilities. However, the application is hosted on the AWS platform which mitigates any potential vulnerabilities that. But, for third-party packages that we do install and use within our software, we use npm-audit to report any known vulnerabilities. If any vulnerabilities are found, then the impact and appropriate remediation will be calculated, and we can apply remediations accordingly. Our software, deployed to AWS, is regularly updated.; https://docs.npmjs.com/cli/v10/commands/npm-audit
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We use AWS GuardDuty which is capable of analysing over a trillion Amazon Simple Storage Service (Amazon S3) events per day to monitor and detect suspicious activities. We continuously monitor network activity, starting with VPC Flow Logs, from serverless workloads to detect threats such as AWS Lambda functions maliciously repurposed for unauthorised cryptocurrency mining or compromised Lambda functions that are communicating with known threat actor servers. In the extremely unlikely event of finding a potential compromise we would immediately lock down the service, triage the issue and prohibit access until it was resolved, ensuring to communicate with our stakeholders
• Incident management type: Supplier-defined controls
• Incident management approach: We have predefined processes for incidents (although not common to our operations in our experience) that include, system outages, performance issues, security incidents and content delivery issues. Potential issues such service downtime and resource overload is mitigated by the fact we are using AWS cloud services, such as DynamoDB and Lambda. Our licence holders can report issues directly to our team by email or phone or via our online ticketing system and where we use the platform for consultancy related delivery our staff are on site.We provide written feedback to our users and maintain our own case incident reports

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are committed to achieving Net Zero emissions and aligning with the UK Government's ambitious targets of 85% progress by 2035 and Net Zero by 2050.; ; In 2022 Cognitas Global Ltd commissioned a Carbon Footprint Report from Sustainability and Business Services Ltd. The carbon emissions data is based solely on electricity consumption as there is no gas supply to the shared business centre we operate from. The report calculated that Cognitas Global Ltd has a Scope 1 & 2 carbon footprint of 7.88 tCO2e for the year 01.01.21 to 31.12.21. Since this report Cognitas Global Ltd has consolidated its office usage from 3 to 2 offices which will have further reduced the carbon footprint. In addition, we can visit client sites using electric vehicles thanks to the company's salary sacrifice EV scheme.; ; We have also reviewed our working from home practice and have implemented a policy that provides for at least 30% of our staff to reduce their carbon footprint in terms of transportation by working more days from home.

  Tackling economic inequality

  We can combat economic inequality by focusing on our employees and business practices. We can ensure fair wages and competitive benefits that offer financial security. We can strive for a diverse and inclusive workforce through unbiased recruitment and equal opportunities for advancement. By investing in training and development programs, we empower employees to reach their full potential and increase their earning power. Offering flexible work arrangements can improve work-life balance, particularly for those with childcare needs or juggling multiple jobs.

  Equal opportunity

  Cognitas Global has a diverse workforce and fosters a continuous learning environment for its employees. This commitment is underscored by five core values: Security, Respect, Opportunity, Fulfilment, and Effective Voice. We are conscious, as a Small Medium Enterprise that retention of staff and operational effectiveness relies on a well-paid and valued workforce. Our company has a suite of polices that are designed to protect the rights of employees and support them. We do not engage anyone on zero hours contracts.

  Wellbeing

  We are a certified disability confident employer and have afforded both physical and metal wellness support through external programs to our staff. We employ a flexible working program for all our staff. We do not ‘fire and rehire’ people. Staff retention for a SME is critical to the business so we offer our staff programs of development, incentivisation and reward in addition to building team spirit through external events

Pricing

• Price: £14,995 a licence a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@cognitasglobal.com. Tell them what format you need. It will help if you say what assistive technology you use.