SkillGate Complete Learning Management System (LMS) with eCommerce
This solution supports organisations such as local authorities delivering learning to internal colleagues and sell courses to external partner organisations through eCommerce. System offers separate linked LMSs with the ability to advertise face-to-face and virtual/webinar courses to the public collecting payment, offering discounts and refunds, generating invoices and supporting reconciliation.
Features
- Public facing and private platforms for external and internal learners
- Option for eCommerce, payment by card or invoice to employer
- Authorisation processes and workflows for booking requests
- Voucher system for partner organisations to purchase multiple places
- Compliance management and face-to-face/classroom booking system
- Access to all SkillGate’s eLearning course libraries
- Integrated cloud-based eLearning course authoring tool
- Customisable design, look and feel with configurable homepage
- Comprehensive reporting dashboards with data visualisation
- Synchronize user profiles with HR system and Single Sign On
Benefits
- Deliver eLearning to large audiences with comprehensive reporting capability
- Generate revenue by offering courses to external partner organisations
- Create and structure content by building programmes and learning pathways
- Improve efficiencies in managing training events for large audiences
- Achieve higher attendance rates through authorisation and workflows
- Host all your organisation’s training activity on a single platform
- Combine eLearning and face-to-face into blended programmes and pathways
- Record certificate evidence for training delivered outside of the platform
- Deliver meaningful insights through comprehensive reporting suite
- Manage complex regulatory training environments with little administration
Pricing
£7 to £15 a licence a year
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
5 4 4 4 7 1 2 8 8 2 2 2 9 9 0
Contact
SkillGate Limited
James Page
Telephone: 01730815670
Email: James.page@skillgate.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- SkillGate Learning Management System (LMS)
- Cloud deployment model
- Private cloud
- Service constraints
- No
- System requirements
- Modern, up-to-date browser, with internet access required
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- 24 hours
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Onsite support
- Support levels
- Please refer to SkillGate's full service level agreement, but in summary SkillGate offers four levels of service subject to different pricing, which depends on the number of users and the products in use. Bronze - Level 1. This is the basic level and covers system maintenance and errors; essential training for administrators; and assisting administrators adding and remove users from the system. Silver - Level 2. As per Bronze plus full service support for administrators via telephone and work order system. Gold - Level 3. As per Silver plus telephone based help service for Users. Content. Support for content development and management.comprehensive system manual.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- SkillGate has delivered learning management systems to hundreds of organisations over the last 20 years, and as such have developed a tried-and-tested approach to a smooth implementation. Communication between the client and their dedicated SkillGate account manager is key to a successful implementation and as such is at the forefront of our approach. Regular conversations to discuss progress and configuration decisions are essential and would be scheduled. Another key element is user acceptance testing (UAT), providing the client with an environment where they can familiarise themselves with the system and ensure that the system serves its purpose in a real-world scenario. A typical SkillGate implementation plan consists of three branches: 1. System Setup 2. Testing and Training 3. Launch SkillGate begins the process with an introductory conversation with your account manager who then provides a checklist outlining the optional elements of the SkillGate LMS, which your account manager will go through with you.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- Data would typically be transferred as an encrypted data file. SkillGate will hold client data for as long as the migration phase requires. SkillGate handles all client data in accordance with its data protection policies. The SkillGate LMS can export data reports in CSV format. There is an exhaustive selection of reports that can be created to give comprehensive export data. Manual Export The administrator can log into the system and following the links into “Activity Reports” can select the type of report required, then specify both the date range and the data that is needed in the final CSV. The report settings can be saved for future use and either an html or CSV report is generated. Automated Export The same steps are taken for the automated report but at the end of the process is the option of how often the report is to be generated and where it will be stored for the user to recover when required. Options to generate and save the CSV are as follows 1. Generate as a unique URL for simple web access 2. Store on the SkillGate SFTP server for retrieval 3. Transfer over to the customers own SFTP server.
- End-of-contract process
- SkillGate offers full support with migration to facilitate contract exit at no additional charge. Data would typically be transferred as an encrypted data file. SkillGate will hold client data for as long as the migration phase requires. SkillGate handles all client data in accordance with it’s data protection policies. SkillGate will save personal data for as long as required by the Data Controller subject to duration specified in the contract. Without specific instructions, data is held for a minimum of five years after the User is archived on the system. Permanent deletion may be completed after that time, or at any time, on instruction from the Data Controller. The designated account manager would be the responsible person for all aspects of the migration from SkillGate.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- There is an app for Android and Apple devices, but the service will work with a mobile browser, the service will reformat for the mobile device screen, but the functionality of the service is the same.
- Service interface
- No
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- API
- Yes
- What users can and can't do using the API
- Retrieve user info, add new users, update user information, retrieve training status, return training activity reports.
- API documentation
- Yes
- API documentation formats
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- The service can be branded to the clients requirements (subject to review), this includes the look and feel, branded courses, custom URLs and email addresses. Customisation is discussed as part of the service purchasing process and carried out by SkillGate.
Scaling
- Independence of resources
- We use system monitoring and capacity planning along with data segregation to ensure users are not impacted by the action of others on the service.
Analytics
- Service usage metrics
- Yes
- Metrics types
- SkillGate includes a suite of reporting functions covering User activity; intelligence gathered; and administration activity logs. Reports can be saved and distributed. Reports are typically provided in online dashboard formats and in HTML, CSV and Excel formats for download.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- The SkillGate LMS can export data reports in CSV format for interpretation by external systems such as HR or Reporting tools. From the Activity Reports option there is an exhaustive selection of reports that can be created to give comprehensive export data. Currently there are 2 methods to retrieving this data; manual or automated.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- SKILLGATE aims to ensure that the System is available to Users for at least 99% of the Business Hours, aggregated over any calendar month. Refunds for failure to attain this level are subject to agreement on performance targets which may vary and can be subject to client specification.
- Approach to resilience
- Available on request
- Outage reporting
- The primary method for communicating outages is that the client account managers will email or phone the list of emergency contacts that are held on file. Other methods that are available, include: A Public Dashboard, Email/Phone Communication, Alert email subscription
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- Clients have the ability to manage their own service, this is controlled via user rights and user access control systems. SkillGate staff have separate accounts for system management and support, that they do for normal line of business work. There is an established process for enabling staff management access to any client service and minimum rights approach is taken, along with dual authorisation and regular reviews.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- QAS International
- ISO/IEC 27001 accreditation date
- 15-04-24
- What the ISO/IEC 27001 doesn’t cover
- Anything that is excluded from our statement of applicability version 1.4, dated 29/3/22
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- ELAVON
- PCI DSS accreditation date
- 31/08/2023
- What the PCI DSS doesn’t cover
- SkillGate is compliant with the requirements of the PCI DSS Version 3.2.1
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- ISO/IEC 27001
- Other
- Other security governance standards
- Cyber Essentials Plus
- Information security policies and processes
- Supplier Security Policy, Mobile Computing Policy, Acceptable Use of Assets Policy, Clear desk and clear screen policy, Password Security policy, Data protection Policy, Secure Systems Engineering Principles, Change Management Policy, Access Control Policy, Physical Security Policy, Business Continuity Policy, Backup and Restore Policy, Software development policy, and Patch Management Policy. Each policy details responsibilities and reporting procedure for non compliance. There is an internal audit procedure that is followed to ensure that the policies are being followed, along with an external audit to ensure compliant with ISO 27001
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- A Director is responsible for the authorisation of changes. A changes impact is risk assessed. Any changes are planned, reviewed and carried out in a manner that would not present a security failure and all concerned personnel should be informed of the nature of the change. Version control logs are maintained. A recovery process is developed and approved to be used in the event of change failure. Where possible the environment for the change should be isolated from day to day operating systems. Where version upgrades through patches or software changes are involved, they are be fully tested before release.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- Any new threats or vulnerabilities that are identified or SkillGate are alerted to, go through a risk assessment process. During this process, the risk to the solution is discussed and assed by the risk assessment team. Dependant upon the risk to the solution a priority is assigned and depending on this, a solution to minimise or remove the risk is worked upon. Once the solution is complete it goes through a testing and change control process before being implemented into the live system. A number of sources for security and threat intelligence, including updates from vendors and 3rd party suppliers.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- SkillGate uses specialist software and it’s own developed systems to carry out analysis and reporting on malicious activity. Our hosting provider also monitors for malicious activity and alerts SkilGate of any identified possible activity. Once a potential compromise is identified, it is assessed and classified and responded to accordingly.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- As part of our ISO 27001 documentation there is an Incident Management procedure that all staff are required to read. All users of the information services are required to note and report any observed or suspected security weakness in systems or services. Reporting should be to the Information Security Management Representative as quickly as possible, then awaiting a management decision on appropriate action. An Incident log is maintained for all incidents and detailed report for an incident is produced
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Equal opportunity
- Wellbeing
Fighting climate change
In 2023 we made a company-wide commitment to improve the sustainability practices of our business. As such we developed a sustainability mission for the business with input sought from all members of the team to ensure buy in from all the staff.
Mission statement for our green business practices is as follows:
Go Green Wherever Possible.
In response to this, so far, we have introduced:
Recycling bins in every room with signage to encourage staff to use them. We have invested in energy-efficient computers and use energy-efficient lightbulbs throughout the premises and outside
We have introduced a car-pooling scheme to reduce the number of cars driving to and from the office and encourage hybrid working so that staff don't have to drive to the office every day. We are seeking ISO 14001 certification.Equal opportunity
SkillGate is an organisation that depends on a diverse workforce with a wide range of skills and experience. It is in our interest to ensure we recruit and retain this type of workforce for our business to succeed. A key part of this is ensuring that the way we work doesn’t deter, hold anyone back or affect their ability to deliver their potential.
We recognise that our personal lives can throw challenges at us, whether it be caring commitments, health issues or mental wellbeing. These challenges affect different people in different ways and to different degrees, but they do not need to affect the person’s value to SkillGate as an organisation.
As an internet business we are lucky to be able to offer our staff home/office/hybrid roles, and the choice of where employees work and when is almost entirely at their discretion. This also means that we can recruit talent from all over the country and indeed we employ full time personnel from all corners of the UK.
We offer flexible working to all staff with core hours between 10 and 4 and core days for full time staff being Tuesday - Thursday. All staff are given six days compassionate caring leave per year for those inevitable emergencies. SkillGate offers a generous maternity/paternity package to help those who are starting families not be disadvantaged for doing so.
SkillGate is aware of the risk of unconscious bias affecting our recruitment processes. One initiative we’ve implemented to address this is blind CV filtering, ensuring that no personal information about candidates is revealed to the selection panel prior to interview.Wellbeing
We understand how important health and wellbeing are to everyone and our courses cover essential topics such as stress, work-life balance, mindfulness, digital detox, reframing and SAD.
Within our organization we support a healthy work life balance. This includes offering flexible working to staff where this is feasible, a 'family friendly policy' for staff with young children regarding flexible and remote working, giving our staff space to connect and socialise with regular team lunches and socials. In the summer months we run outdoor mindfulness sessions and organise team walks.
We encourage staff to leave their laptops in the office out of hours (unless working remotely) and do not provide them with mobile devices so that when they are not at work, they can switch off from work entirely.
Pricing
- Price
- £7 to £15 a licence a year
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- Access to explore the LMS, view courses, run simple reports.