REGISTER DYNAMICS LIMITED

Data Groundwork - Data Literacy Platform

Data Groundwork is an online learning platform designed to improve data literacy in non-technical and technical staff. It offers a wealth of easy-to-access training tools that empower users to build essential data literacy skills at their own pace.

Features

• Customisable digital platform that can be tailored for specific needs
• 24/7 access to an extensive and ever-growing resource
• Wealth of expert-driven learning materials: videos, courses, apps, digital library
• Diagnostic tools to assess level of data literacy and progress
• Personalised training modules to support individual learning preferences
• Interactive data literacy games to practice skills and enhance learning
• Real-time data and reporting for managers and team leaders
• Regular updates and refreshing of content to ensure market relevance

Benefits

• Empower staff to take ownership of their own learning
• Up-skill both technical and non-technical staff
• Improved understanding of data, interpreting visualisations and presenting of data
• Greater appreciation of the value in data and data-based problems
• Increase data maturity and data literacy across the organisation
• Help staff extract valuable insights and use data more effectively
• Encourage improved data sharing and data-driven decision making
• Bridge skills gaps across teams and departments
• Increase awareness of the latest developments in data and industry

£50 to £375 a user

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@register-dynamics.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

605240140226186

Contact

Andy Bennett
+447788695181
hello@register-dynamics.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: N/A
• System requirements: Modern web browser (see below)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: For all customers, we provide support within standard business hours (Mon-Fri 8:00am-6:00pm, excluding English public holidays). We respond to P1 (loss of service) and P2 (loss of update) incidents within 2 hours. We respond to P3 (degraded experience) incidents within 4 hours. We respond to P4 (manual configuration or training) requests within 1 business day. Support outside of standard business hours or with agreed shorter resolution time is available as a paid add-on.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: For all customers, we provide support within standard business hours (Mon-Fri 8:00am-6:00pm, excluding English public holidays). We provide agreed response and resolution times depending on the priority of the support request.; ; • For P1 (loss of service) incidents, we will respond within 2 hours and resolve within 4 hours.; • For P2 (loss of update) incidents, we will respond within 2 hours and resolve within 8 hours.; • For P3 (degraded experience) incidents, we will respond within 4 hours and resolve within 2 business days.; • For P4 (manual configuration or training) requsts, we will respond within 1 business day and resolve within 4 business days.; Please see our service definition document for our description of these standard support tiers.; ; For Pro tier customers, support requests are limited to P3 or P4 levels. For customers of Business tier or higher, support outside of standard business hours or with agreed shorter response or resolutions times is available as a paid add-on.; ; All customers of Business tier or higher are assigned a Technical Account Manager.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: For all customers, online training is available from within the service to provide users with information on how to use the application. This includes basic "getting started" guides and step-by-step "how-tos" covering the main functionality of the service.; ; For Business tier customers, onsite training is available as a paid add-on.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: • All user data is available via API or user interface at all times, so users can export all their data before the contract ends as desired.; ; • If requested, Business tier customers can also have their data e-mailed to a named account e-mail address free of charge at the end of the contract.
• End-of-contract process: At the end of the contract, if users previously authenticated via a SSO mechanism, the users are emailed a link to create a new password the first time they attempt to sign in and any free resources continue to be available to them. All private data and environments become read-only to their owner and are deleted after 90 days.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The service uses a reactive layout that scales to all mobile screen sizes. All functionality is available. Some user interface elements are optimised for mobile users.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Users can specify new configuration, access read-only information such as results or statistics, and modify user profile information (such as desired setup for new users).
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customers of Business tier or higher can fully customise the logo, branding and livery of all app pages served from their custom domain by sending their custom CSS documents from one of their account e-mail addresses.

Scaling

• Independence of resources: • We operate in a cloud environment and scale our resource usage in real-time to meet demand.; • For customers with an on-site installation, each instance is run in a separate cloud environment to ensure complete isolation from other users.

Analytics

• Service usage metrics: Yes
• Metrics types: Contract owners are able to see the usage of the platform by their users.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users can export all data and environments from the system via API calls or from the user interface.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • XML
  • XLSX
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • JSON
  • XML

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: For SaaS usage, we guarantee 98% availability Mon-Fri 8am-6pm, excluding English public holidays. Account owners are automatically notified by e-mail if delivered availability drops outside this limit, Please see our service definition document for full details of our SLAs and refund policy.
• Approach to resilience: We make use of cloud hosting with multiple availability zones and distributed database technology to provide resilience of our service. Details of our specific design are available on request.
• Outage reporting: Outages are communicated via a human and machine-readable status page and are distributed via e-mail.

Identity and authentication

• User authentication needed: Yes
• User authentication: Identity federation with existing provider (for example Google Apps)
• Access restrictions in management interfaces and support channels: Access to support channels and admin role modification is limited to a set of named account email addresses. Only emails that are received with domain verification and from an account email address are able to manage support tickets and request admin role changes.; ; Only users given an admin role via an account email address are able to access management interfaces and grant access to other lower capability users.
• Access restriction testing frequency: At least once a year
• Management access authentication: Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We have assessed ourselves to be compliant with CCM CSA v3.0. We have security policies that outline the governance requirements on all our systems, infrastructure and staff, and we can share these on request.
• Information security policies and processes: Our Security Policy requires that change management, vulnerability assessment, data security and incident management processes are followed, and governs how we undertake datacentre security, key and encryption management, access management and audit. We designate a named Director who is responsible for ensuring that processes are sufficiently rigorous and are being implemented fully. Governance is delegated to an Operational Security Group (OSG) who have responsibility for implementing and reviewing our security governance processes, and for undertaking review of our deployed systems and infrastructure. All staff with access to sensitive information report how they are meeting the requirements of the policy to OSG.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Our change management approach complies with CSA CCM v3.0. Any new development or acquisition of application, operational resource or development tool is approved and tracked. Access to security keys or passwords for any accounts through which these resources are acquired is limited to named individuals. Releases of software or infrastructure components are assessed for risks, possible impacts, and possible vulnerabilities and require approval. Backout plans are defined. All changes are tested and validated in a test environment prior to being pushed to production. Appropriate software and hardware protection is utilised to protect devices and infrastructure with access to sensitive information.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our vulnerability management approach complies with CSA CCM v3.0. New resources and changes are assessed for vulnerability and potential compromise as above. Infrastructure and devices have platform-appropriate malware and mobile code protection installed or deployed. Best-practice user authentication to infrastructure (e.g. public key, 2FA) is used where available. Use of third-party dependencies is limited to trusted sources. Changes to third-party dependencies are applied regularly are assessed, approved, tested and released as above. External vulnerability announcements for all third-party dependencies are monitored and corrective action taken if appropriate. Penetration assessments are carried out at least annually by an external accredited organisation.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our protective monitoring approach complies with CSA CCM v3.0. Systems and infrastructure are analysed thoroughly to ensure potential compromises are understood and all vectors have sufficient audit information collected and stored using platform-appropriate technology. Access to sensitive audit information is limited to a named list. Regular and frequent analysis of audit information occurs automatically or manually as appropriate to the nature of the potential compromise. Potential compromises have an incident management process defined (as outlined below) that ensures timely communication with customers and resolution of incidents. Protective monitoring approaches are reviewed regularly both internally and externally by an independent body.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our incident management approach complies with CSA CCM v3.0. Possible security incidents have a defined incident management process (including steps for triaging the potential impact of the incident, identifying and communicating with affected stakeholders in a timely and regular manner, identifying affected information, and taking immediate steps to resolve the incident and secure any affected systems). Possible and past incidents are reviewed regularly to identify where implementing additional security controls would prevent the incident from occurring. Points of contact (email and phone) are actively maintained and made available for customers to report potential incidents and for liaison with external enforcement.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Register Dynamics Ltd is committed to achieving Net Zero emissions by 2030. ; ; In 2021 we performed a Baseline Emissions Footprint calculation which showed that the majority of our carbon footprint comes from home office electricity usage, plus a minor contribution from commuting travel. ; ; Scope 1 emissions are zero, Scope 2 are at 1.64tCO2e, and Scope 3 are at 0.08tCO2e. This creates a total of 1.72tCO2e total emissions per year.; ; The following environmental management measures and carbon reduction projects have been implemented since then to ensure we are able to reduce carbon emissions to net zero by 2030:; - Encouraging staff to work from home and to adopt carbon neutral energy from renewable sources.; - Encouraging staff to commute using mass transit or where possible, net zero transport.; - Where possible with our customers, to aim for complete remote working to avoid business travel.; - Encouraging and supporting clients to adopt technology and tools which reduce carbon emissions wherever possible.

  Equal opportunity

  Register Dynamics is an equal opportunities employer and we believe in the benefits in having a diverse workforce. We aim to create a supportive company culture by:; - Encouraging open, honest and transparent communication.; - Maintaining a flat hierarchy where everyone’s ideas and input is valued equally.; - Creating a weekly ‘Dealer’s choice’ - which is a time and space for any staff member to talk about anything they want to (i.e. work related or not). This acts as a learning, sharing and discussions platform.; - Working in a fully flexible and adaptive way to take into account different locations, time zones and other family, health or complex life commitments. ; - Having regular feedback sessions in retrospectives and acting on the output of these.; - Creating a budget along with the time and space for all staff to access training opportunities including classroom-based courses, attending conferences and for self-directed learning.

  Wellbeing

  At Register Dynamics, we place a strong emphasis on staff wellbeing and work life balance. It is at the heart of our core values. We aim to create a supportive and positive working environment by:; - Enabling and championing remote and asynchronous working so that our team can work flexibility in terms of location, when and how they want; - Offering each team member a budget for equipment so that they can tailor their work stations and working environment to their specific needs.; - Encouraging people to take regular breaks away from their desks, to take and to enjoy their weekends and holidays and to have the space they need for their interests both inside and outside of work; - Meeting together flexibility and holding social events to enable staff to come together in a non-work related environment.; - Supporting new parents with one of the best maternity packages available in the industry along with flexible keeping in touch days, a return to work bonus and discretionary leave for child-related health appointments.; - Being sensitive to each other's cultures, ethical boundaries and personal challenges, and nurturing a team that respects and harnesses these differences and supports each other through challenging times.

Pricing

• Price: £50 to £375 a user
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@register-dynamics.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.