Alchemist Learning and Development

Alchemist Learning Journey

The Learning Journey Website/App is a one-touch solution for accessing observations, reports, commentary and feedback, as well as live access to scheduling coaching sessions with internal stakeholders or with Coaches/Executive Coaches.

The app supports the utilisation and embedding of a commercial capability solution by explicitly communicating specific behaviours expected.

Features

• Custom Learning Journeys for Users (Courses/e-Learning/Tasks/Coaching)
• Online Video Coaching and Scheduling
• e-Learning Section with Dedicated Scorm Player that Records Attempts/Results
• Training Needs Analysis based on clients competency frameworks
• Resource Center
• Real Time Reporting
• Multi-Language and custom text
• Online via Desktop (Web) and Mobile Apps (Android and iPhone)
• Manager Support Section for Line of Sight
• Follows 70:20:10 Learning Methodology

Benefits

• Easy for users to use and navigate
• Can be used wherever there is an internet connection

£20 to £95 a user a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Brandonvb@thisisalchemist.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

859327126864163

Contact

Brandon Van Blerk
(0)1752 848725
Brandonvb@thisisalchemist.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No, although there will be planned/scheduled maintenance from time to time.
• System requirements: An internet connection with any Web Browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: For users we provide first line email support same day but not at weekends.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: As the system is totally online and hosted by us we provide email and phone support for users at no additional costs. We have multiple Cloud Engineers who will respond to anything that is not working for users. If there is a technical issue then a ticket will be raised.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide light online training due to the structure of the Website/App. We can also provide a video to watch and basic manual/user guide to read.; ; For Administrators who setup use of the service we provide a full manual/user guide and training.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: This is dealt with via client administrators for companies who have users on the system and we can generate a variety of reports and we can provide support when contract ends to provide any other information.
• End-of-contract process: We work with clients to establish any data that is required from our systems along with secure deletion of all information as per GDPR at no cost. There may be additional costs based on other clients requirements.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: We have dedicated Apps for Android and iPhone that are available on the respective Stores. Website and App versions work exactly the same.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Users can use the API to link the common elements of our system with theirs, so they can pull information for reporting, push users. Full customisation is available via our professional services team
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The look and feel of the system along the user experience can be customised by clients administrators or our professional services team. Customisation is via an administration portal. Further customisation is available from our professional services team. We recognise that our product out the box is enough for most clients however we can customise so it fits clients needs exactly.

Scaling

• Independence of resources: We have servers to cope with large numbers of concurrent users and this is regularly monitored and servers update when required based on client contracts.

Analytics

• Service usage metrics: Yes
• Metrics types: We can provide useage reports.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users cannot export data as everthing is held in the system. Client Admistrators are able to do this. There is only limited personal data which includes name, job title, company and email address (usually Work).
• Data export formats: Other
• Other data export formats: On screen reports - there is no export feature
• Data import formats: Other
• Other data import formats:
  • There is no import feature for users
  • Excel for client administrators

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee an uptime of 98%
• Approach to resilience: It's designed by having multiple servers, in more than one datacentre, along with 5 minute snap shots to allow of an instant reinstatement if required.
• Outage reporting: Email alerts to our system administrator team.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: We can disable and or remove accounts.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Standards Institution
• ISO/IEC 27001 accreditation date: 6/10/2021
• What the ISO/IEC 27001 doesn’t cover: We abide by all controls and objectives as laid out in certification requirements
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: As a business we are ISO27001 Certified and abide by all appropriate standards and requirements. We maintain multiple Information Security policies which are reviewed and signed off annually by the appropriate member of the Senior Leadership Team. These policies are also viewed by the BSI auditor each year. When Information Security Risks or Non-Conformities are reported, each instance is logged and a corrective action plan is put in place. The results of which are discussed at dedicated quarterly Info Sec Meetings which are attended by the Senior Leadership Team. Our Info Sec policies are free to view for our staff on our intranet site and they are instructed to read them.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Each change is approved by a system architect before it's implemented, all changes are tracked and logged.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Threats are graded low - medium - high - critical; ; Patches are deployed within 24 hours of being available; ; Security threat information comes from Cyber Risk Intelligence as-a-Service that we subscribe to.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Automatic detection in our secure cloud.; ; Implement procedures defined in our quality manual; ; Within one hour
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Users can email or phone a named contact or raise a ticket using a dedicated service.; ; We log all incidents and track these in a dedicated spreadsheet.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Online courses and online materials reduce our carbon footprint.
• Covid-19 recovery:

  Covid-19 recovery

  This platform is allowing us to assist businesses with online programmes that would otherwise be face-to-face events.
• Wellbeing:

  Wellbeing

  As a learning and development company, we help to promote wellbeing in a number of ways. One of the most important is by helping to develop people's skills and abilities. This can lead to increased confidence and self-esteem, which can have a positive impact on mental health. In addition, we help to create workplace cohesion and support networks. This is especially important for vulnerable groups such as those with mental health problems or disabilities. By working with Alchemist we can help local authorities and other public sector bodies to ensure that everyone has the opportunity to learn new skills and improve their wellbeing.

Pricing

• Price: £20 to £95 a user a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Setup of a demonstration with 14 day access to key stakeholders. Structures would match as closely as possible what client requires.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Brandonvb@thisisalchemist.com. Tell them what format you need. It will help if you say what assistive technology you use.