Skip to main content

Help us improve the Digital Marketplace - send your feedback

Think Learning

Think Learning Record Store (LRS) xAPI Platform

Store, manage and display learning data from multiple platforms and sources with our Learning Record Store (LRS). Can be integrated with client learning architectures and configured for xAPI tracking, reporting, xAPI statements and metrics. Also available with our Totara TXP product range. Healthcare, NHS, and Government specialist experience.

Features

  • Store and display learning data from multiple platforms and sources
  • Process and store xAPI statements and learning results
  • Define the metrics and outcomes that your learners achieve
  • Highly configurable learning reporting and tracking
  • Can integrate with multiple LMS, LXP and learning platforms
  • Any content or application can use the Experience API
  • Organise learning data from multiple different sources
  • Improve learner engagement and outcomes with the xAPI standard
  • Securely hosted and maintained

Benefits

  • Capture learning interactions from mobile apps and webpages
  • Store learning experiences flexibly with the xAPI format
  • Track real-world experiences as well as formal learning
  • Collate multiple sources of learning data for rich analytics
  • Significant scalability compared to an LMS
  • Real-time data access and updates
  • Sophisticated catalogue search and browse
  • Skills Passport and transfer between organisations
  • Badges and micro-credentials

Pricing

£8,308 to £26,153 an instance a year

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@think-learning.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

8 7 8 8 1 5 6 5 5 8 9 2 3 8 7

Contact

Think Learning Think Learning Commercial Team
Telephone: 01273 025078
Email: hello@think-learning.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Totara TXP Learn LMS (Learning Management System), Totara TXP Performance (Talent Management Platform), Totara Engage LXP (Learning Experience Platform)
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
Planned downtime for scheduled updates/upgrades, pre-agreed with clients for maximum convenience/efficiency, and minimum disruption to end-users.
System requirements
  • PC or Mac: Windows 7+, Mac OS X 10.5+
  • Client-side JavaScript required
  • Tablet or Smartphone: Android, iOS

User support

Email or online ticketing support
Email or online ticketing
Support response times
Our standard response time within UK business hours:
- Critical: 1 hour
- High: 4 hours
- Medium: 8 hours
- Low: 16 hours
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Standard online 2nd and 3rd line support to client administrators (£90-£110/hr dependent on issue complexity). This covers off-site support, helpdesk responses, booked webinar appointments, and other activities requested by client (e.g. site configuration, user guide creation, etc). We track time used against the Support budget in our timesheet system at our standard rates of £110/hr (£825/day) for problem-solving and consultancy, or £90/hr for administration tasks, explanations, and straightforward configuration work via our helpdesk. 20% of the overall support budget is not formally tracked by our teams, and is accounted for by quick, adhoc query responses, access to our online Helpdesk, and further Support-based reporting and analysis. We take a proactive, collaborative approach to Support, working hard to ensure that support queries receive long-term solutions (with detailed responses designed to prevent issue recurrence). We track/report Support budget usage for clients, so that you can make informed, timely decisions about whether or not extra budget is required during the contract. You do NOT pay anything for us to fix confirmed bugs with the system or confirmed technical issues with our hosting services. We offer client portal/forum access, and involve clients with roadmap development and platform strategy. Premium support services are available.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Prior to launch, as part of our robust Implementation Service, system administrators go through rigorous training and hands-on familiarisation programmes which are delivered via live, interactive online training sessions (which can be recorded for refresher training purposes). Additional cost where onsite training/workshops are specifically required. In business-as-usual, system administrators have ongoing support via the Think Learning Helpdesk (utilising their Client Services & Support budgets), and via optional further training and consultancy from our Operations and Development Services teams. We also facilitate client networks (sector- and topic-specific), events, and forums to promote networking, sharing and collaboration.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Administrators are able to run and export a range of reports in order to extract user/activity data. In addition, we provide you with a copy of all site user data and records. We not provide copies of code created by Think Learning for/with our clients, which is for use by our client community only. We can provide additional help in migration, either using remaining support budget or for an additional support fee.
We purge all client data from servers and all historic backups.
End-of-contract process
The off-boarding process is included in the price of the contract (provide client/new supplier with all data, purge client data at agreed timescale), any additional actions would be at additional cost.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Applications are written in-line with industry web standards including XHTML, HTML5, and ECMAScript 5.1 (commonly referred to as JavaScript). Application displays in the latest browsers that supports these standards. We aim to ensure that the product is equally usable both on desktop and mobile devices. Areas such as navigation, expandable/collapsible sections, and actions should all work with both desktop and mobile controls.
Service interface
No
User support accessibility
WCAG 2.1 AA or EN 301 549
API
Yes
What users can and can't do using the API
Application relies on xAPI statements. Others APIs created by Think Learning on request (scoped and costed individually)
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Our user interface provides administrator options to configure platform features, elements, reports, settings, theming, user journeys and permissions. Users with the appropriate level of permission can make the customisations.

Scaling

Independence of resources
Our platforms are hosted on scalable cloud servers that are monitored 24/7 using performance monitoring software.

Analytics

Service usage metrics
Yes
Metrics types
The platform includes an audit trail for site-wide user activity logging. This system data can be displayed on a page or downloaded in text, ODS, Excel. We also provide free site activity tracking reports (from a web analytics application) to provide rich data around platform in-page time spent, bounces, geographical access and device/browser intelligence.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach
Encryption at rest for virtual environments is available on request.
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Site users (with appropriate permissions) are able to run and export report data based on their activity and site records. We can, on request, create user report export/extract features, at additional cost.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
PDF
Data import formats
  • CSV
  • Other
Other data import formats
External system or database integration

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
We work to make your System available for use over the internet 24 hours per day, 7 days per week. We commit to no more than 0.1% of the year of unscheduled downtime (total inaccessibility to your production site), with service credits if we don’t meet this commitment (based on additional free weeks of hosting/maintenance service). Planned maintenance is excluded from the calculation. At least 5 working days of notice will be provided for any maintenance taking place between 5pm and 8am. At least 10 working days of notice will be provided, for any maintenance taking place between 8am and 5pm (or as agreed with clients). Your site will be monitored via health checks at the server and application layers.
Approach to resilience
We provide clients with access to high performance, secure, entirely UK-based platform services (with ISO27001, ISO9001, ISO27017 certification). A tier 3 data centre in London, and 100% network uptime guarantees. Includes a hot spare blade, so that in the event of a blade failure, a fresh blade is provided and restored. Daily backups are provided and stored on a separate SAN located on a separate physical location. Firewalls are provisioned in a High Availability (HA) pair and are fully managed. The DDoS defence system is based on detection/diversion/verification/forwarding, and inspections are performed in real time, including the provision of IDS server monitoring for any malicious activity.
Outage reporting
We report outages through Think Learning Helpdesk notifications, email alerts, and by phone, as relevant.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Platforms utilise role-based access control for named system administrators, and all other role types (i.e. managers, employees, trainers, etc). The individuals, system administration and management roles, and specific configuration access are specified and agreed as part of the Implementation process. The named system administrators also have access to technical support via the Think Learning Helpdesk. This is routinely audited, as part of ISO27001 accreditation.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
ISO Quality Services Ltd
ISO/IEC 27001 accreditation date
04/03/2022
What the ISO/IEC 27001 doesn’t cover
Our data centre partners have separate ISO27001 certification for the UK data centre. Certificate available on request.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
IT Governance Ltd
PCI DSS accreditation date
24/04/2023
What the PCI DSS doesn’t cover
N/A
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
ISO9001

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials Plus
ISO9001
Information security policies and processes
Information Security Management System policies and processes, certificated and audited bi-annually by ISO Quality Services Ltd. Audit reports available on request. The Information Security Manager is a board level Director.
Our Cyber Security and Information Security policies are communicated to, and signed by, all Think Learning employees. Staff training around GDPR is a key element of our onboarding process. We have regular audits of the controls listed above in terms of ensuring that all devices used by staff are fully compliant. All staff are updated at internal company meetings about ongoing cyber and information security requirements of personal devices and internal systems. As consultants, they can also advise on the Infosec capabilities of our cloud-hosted platforms.
Think Learning also has an ICO registered Data Protection Officer (DPO).

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Code is managed by the Technical Services team utilising Git. Service and feature changes follow secure software development practices, and risk reviews prior to launch, including pen test processing. Access to production environments is limited. All changes are reviewed and tested before approval and promotion. Stages include design, documentation, implementation and/or rollback, testing in staging and dev sites, peer review, and approval by authorised parties. Exceptions to change management processes are documented and reviewed. All changes and upgrades are tested within a client specific development environment to ensure functionality and security before moving to the live environment.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability management is a control within our Information Security Management System (12.6.1). We monitor for vulnerabilities, and where vulnerabilities are identified, system asset lists are examined to assess the impact of the vulnerabilities on the security of the system. Where a software update is deemed necessary, then the change control process is initiated. Critical patches are deployed as soon as reasonably possible.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Our cloud-hosted platforms are monitored 24/7 at the application layer via health checks and performance monitoring. In the event of a potential compromise the technical team are alerted by text to resolve the issue within the stated SLA. Our security suite and defence system is based on detection/ diversion/ verification/ forwarding.
Incident management type
Supplier-defined controls
Incident management approach
Users report incidents via the Think Learning Helpdesk, which triggers the internal incident management process, involving Classification and initial support; Investigation and analysis; Resolution recording, closure and reporting via the Helpdesk.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

Think Learning is a Carbon Audited Organisation, to support ours, and our customers', social and environmental objectives as we move towards a net-zero carbon economy. Audited by https://carbonmanagers.com/. We are committed to carbon reduction in light of the global climate emergency. Through an annual carbon audit we understand the impact of our operations and we minimise this through a long-term investment into carbon offsetting using a combination of ethical carbon removal methods and annually achieving less than 'net zero'. We apply our environmental policies to the activities of all our offices and wherever possible to our consultants when operating on client sites. We will support our clients’ environmental policies when we are operating on their sites. The company applies the principles in a number of ways:
• Our hosting partner is fully ISO14001 compliant at their London data centres, and are very committed to environmental sustainability. They work to actively reduce the impact of all of their data centres on the environment, through energy efficiency programmes.
• We undertake an annual company carbon audit.
• We encourage consultants to work from home whenever possible to reduce impact on the environment.
• We encourage our consultants to use public transport when travelling, and we operate a car hire scheme which reduces the need for employees to own cars.
• We conserve natural resources by reusing and recycling materials such as paper and printer cartridges, purchasing recycled materials or with a high recycled content, and using recyclable packaging and other materials wherever possible.
• We use electronic communication such as email, intranets, voice over IP and P2P software to reduce the amount of paper used.
• We undertake regular internal audits to ensure ongoing compliance with this policy, including where they impact our Cyber Essentials Plus, ISO9001 and ISO27001 accreditations.
Covid-19 recovery

Covid-19 recovery

During the pandemic, we've strengthened and improved our technological and service infrastructure, and we are able to offer a very robust, entirely virtual service. We’ve responded quickly to pandemic-related pressures, helping Healthcare clients to schedule mass-staff vaccination appointments, creating a Risk Assessment solution, and configuring PPE-related workflows and e-Forms. We've built increased resilience and capacity so that we can continue to provide high quality, uninterrupted services to our (predominantly Healthcare) client base. We're privileged to have been able to support a wide range of public sector organisations during the pandemic, but especially a large NHS Healthcare client base, who have achieved incredible results in very difficult circumstances, and who have been pushed to deliver more, faster, better, with learning technology. Our platforms have allowed the NHS to rapidly onboard thousands of volunteers and medical staff returning to work to deliver the vaccination program during the pandemic. This was achieved not only by the flexibility of the platform, but also with Totara’s waiver of subscription threshold charges to support NHS efforts in the fight against COVID-19. Throughout the pandemic, Totara was adopted by an additional 44 healthcare customers (in 2020 alone) as organisations sought agility in their learning platforms to rise to the challenges posed by COVID-19.
Tackling economic inequality

Tackling economic inequality

The majority of our clients are not-for-profit organisations in the public and tertiary sectors. With extensive experience in Non-profit and Health sectors (25% of England’s NHS staff use our Totara Learn platform), we place a high priority on values-based working, and aim to engender a professional culture which recognises and supports the public-spirited ethos of our range of clients.
The company applies the principles in a number of ways:
• We donate to NHS Charities Together, in order to recognise the extraordinary work of healthcare workers.
• We donate to (and sponsor) NHS employee award ceremonies and presentations, to recognise their contribution to society and their communities.
• We support our employees to volunteer in their local community, as part of their Think Learning salaried time. This enables them to donate paid time to charities/community projects up to 8 hours per year.
Equal opportunity

Equal opportunity

Think Learning is committed to building an organisation that makes full use of the talents, skills, experience, and different cultural perspectives available in a diverse community, and where people feel they are respected and valued, and can achieve their potential regardless of age, gender, sexuality, disability, religion, race, colour, nationality, national or ethnic origins. We follow the recommendations of the CRE’s statutory Code of Practice on Racial Equality in Employment in all its employment policies, procedures and practices. The aims of our published Equal Opportunity Policy are to ensure that:
• no one receives less favourable treatment, on grounds of age, gender, sexuality, disability, religion, race, colour, nationality, or ethnic or national origins, or victimised for taking action against discrimination or harassment, or instructed or put under pressure to discriminate against, or harass, someone;
• the organisation is free of unwanted conduct that violates the dignity of workers or creates an intimidating, hostile, degrading, offensive or humiliating environment;
• opportunities for employment, training and promotion are equally open to all candidates; and
• selection for employment, promotion, transfer and training, and access to benefits, facilities and services, will be fair and equitable, and based solely on merit.
Wellbeing

Wellbeing

We provide integrated health cover for all staff including an Employee Assistance Programme and a trained Mental Health First Aider. To help relieve pressure on NHS services, we provide health insurance to employees, which includes benefits such as: Fast track GP appointments, Counselling through 'Stronger Minds', and the 'Be Supported' EAP portal.

Pricing

Price
£8,308 to £26,153 an instance a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
The free trial site enables you to explore Platform functionality and try out features. Contact hello@think-learning.com for access. Site configuration and data is refreshed periodically.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@think-learning.com. Tell them what format you need. It will help if you say what assistive technology you use.