Learning Portal
An Aurion learning portal is a centralised online platform that provides learners with access to a variety of educational resources. A learning portal provides flexibility, scalability and a tailored space to present, empower and promote your learning initiative. Our learning portals use a component-based architecture built using the Umbraco CMS.
Features
- Content manageable using the leading Umbraco CMS.
- Brand configurable design to align with your brand guidelines.
- Component-based: components can be switched on/off to meet your needs.
- Dedicated learning spaces to consolidate content for specific topics/roles.
- Learner profiles drive access to relevant learning spaces/courses.
- Secure, authenticated login.
- Mobile responsive for use across a range of devices.
- Meets WCAG 2.1 Level AA accessibility standards.
- Analytics and visual reporting, including Google Analytics.
- No per-user licence costs.
Benefits
- Provides a dedicated online presence for your content initiative.
- Offers more flexibility in content layout/presentation than other platforms.
- Learning design consultancy aligns portal configuration with your learning need.
- Content-managed components allow key messages/resources to evolve over time.
- Consolidate multiple sources of learning into a single place.
- Deliver a modern learning experience.
- Report on completion and engagement with your learning initiatives.
- Analytics enable you to refine content to meet learner preferences/usage.
- Transparent pricing model is ideal for large-scale/public initiatives.
- Create a structured and engaging environment for your learning initiative.
Pricing
£26,250 a licence a year
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
9 2 2 7 6 0 0 9 3 6 3 6 4 3 1
Contact
Aurion Learning
Rebecca McClarty
Telephone: 028 9064 3211
Email: rebecca.mcclarty@aurionlearning.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Umbraco 13
- Cloud deployment model
- Private cloud
- Service constraints
- We maintain an agreed and documented Service Level Agreement (SLA) for ongoing maintenance.
- System requirements
- Up to date web browser
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
- Response tracking using the online Aurion Support tool, where clients can raise and track tickets. All bugs fixed free of charge. Change controls prepared for any work over 0.5 day in duration. We offer email and telephone support (9:30am – 5pm, Monday to Friday). Response times depend on the assigned severity level and will be agreed and documented in a signed Service Level Agreement. Typical response time is 1-4 working days. depending on priority of the request.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
- Our web chat uses easy to read text, supports keyboard shortcuts and screen readers and is usable across multiple resolutions, browsers and platforms. Our web chat is AA accessibility certified and we have QA testing using accessibility criteria, which we apply to any web chat experience we build for a client.
- Onsite support
- No
- Support levels
-
Aurion enters into a tailored Service Level Agreement (SLA) for every portal project. The SLA will be agreed, documented and signed off by the client team. The SLA documents the scope of the support services to be provided, severity levels and associated response times, along with any exclusions and our exit management plan. We offer three tiers of support package:
Standard: Up to 25 hours’ support per annum.
Enhanced: Up to 50 hours’ support per annum. Up to 10 hours of unused support can be carried into the next year if an additional year of support is purchased.
Custom: Number of hours agreed with client. Up to 20% of unused support can be carried into the next year if an additional year of support is purchased.
The scope of our support service covers reactive front-line support for key client personnel and end users (end user support included in custom tier only), account management (including regular review meetings - included in enhanced and custom tiers) and system maintenance.
For portal projects, we also provide a maintenance package, renewable annually, which allows for ongoing updates/enhancements to the solution.
Associated costs are included in our pricing document. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Aurion's learning portals are developed in line with our 5-stage technical development methodology, which incorporates detailed requirements gathering activities to ensure that the portal is configured in line with identified business goals and learning needs.
For client admin teams, we provide full back office training (delivered virtually) and training documentation. Training and documentation are customised to meet the specific needs and solution of each client.
For end users, we minimise support queries through the design of a highly intuitive web-based solution. We also include access to a 'Help' area with accompanying support FAQs on the portal. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- An exit management plan is triggered which would include the export of data from any Aurion managed systems. Upon confirmation that the portal is to be decommissioned at the end of a contract, we agree the next steps to ensure that you have time to review and advise us on what data you require from the portal to be saved before the portal is deleted. We then give you time to download your data, or ask you to provide permission for us to do so on your behalf to share with you. We then delete any personal data and the portal will be officially closes. The learner will also have the opportunity at any point to download their own training history.
- End-of-contract process
-
An exit management plan is triggered which details the processes that are followed to ensure a smooth handover to the client and, where necessary, a decommissioning of the service. The Exit Management Plan activities include:
• The Client Account Manager facilitates a meeting with key stakeholders from Aurion and client representatives.
• A detailed execution plan, roles and responsibilities, time required and timeline is drafted by Aurion, agreed and signed by the client.
If the System is to be retained by the Client:
• The client will be responsible for the payment of any relevant hosting, software and/or hardware fees required to maintain the System.
• The client will delete any Aurion administration accounts on the System.
If the System is to be decommissioned:
• Aurion will download system/user and training data and provide this to the client, or will provide assistance to enable the client to extract the required data.
• Upon confirmation of execution of the Exit Management Plan by the Client access is denied to all users and administrators to the System and the System is officially decommissioned and Aurion will destruct the live System data.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Aurion's learning portals are a responsive, browser-based web solution. The portal solution uses modern frameworks to ensure all content is available on mobile, tablet and desktop devices.
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- Aurion's learning portals are designed with a number of configurable components to meet individual client requirements, including logo and brand colours. In a learning portal, the learner journey begins with a pre-login homepage, where the learner can read more about the initiative and what is contained in the portal. The learner can then register, log in, view related news and information, be signposted to and complete relevant learning modules. Page types on a learning portal include pre-login, registration, post-login dashboard, search, module landing pages, learning spaces, help pages and admin reporting pages.
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
-
Umbraco has a community team working with the sole purpose of making the Umbraco Backoffice comply with WCAG 2.0 Level AA. This team has been hard at work on implementing these accessibility features to allow developers with disabilities to work with Umbraco.
Umbraco already provides a high level of accessibility and accessibility is thought into all things we do going forward. With an increased focus on accessibility in general, an ever-expanding test-suite for anything from color contrast to readability, and a vigilant community (and dedicated community team) keeping an eye on this, Umbraco can be confident in delivering a high standard of accessibility. - API
- No
- Customisation available
- Yes
- Description of customisation
- The solution is brandable on behalf of the client during configuration. This includes inclusion of client logo, fonts, colours and other brand assets. The solution uses a component-level architecture which means each component used will be themed inline with client brand guidelines. Administrator training means that all content is fully customisable by the client, for example, page content, news articles and topic areas. Personalisation within the portal can also be included, with different user profiles gaining access to specific content recommendations and topic areas. This will be agreed with the client prior to configuration to ensure all requirements are met.
Scaling
- Independence of resources
- We perform regular reviews of server capability in relation to user demand to ensure that the solution operates effectively. In addition, Aurion's learning portals are built upon the leading Umbraco CMS, which in turn is underpinned by Microsoft Azure, ensuring the best of infrastructure, performance and security.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Aurion provides service metrics in the form of reports as part of our Enhanced and Custom support packages. Enhanced Support: • One six-month online support review call between the Aurion Client Account Manager and client representatives to review and feedback on the overall management of the project. • Quarterly progress report / support ticket report to highlight trends and identify opportunities for improvement or new features. Custom Support: • As above plus one Steering Group meeting between the Aurion Client Account Manager and client representatives to review and feedback on service provision and the overall management of the project.
- Reporting types
- Regular reports
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Umbraco
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Reporting dashboards in our services allow for export to Excel format.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- For every Aurion learning portal project, we agree and document a tailored Service Level Agreement (SLA) based on specific client requirements. This SLA documents the scope of support to be provided and details agreed response times.
- Approach to resilience
- Aurion's learning portals are built upon the Umbraco content management system and typically hosted in Umbraco Cloud, which runs on Microsoft Azure. Our adoption of these proven service providers provides reassurance that you learning portal is underpinned by robust security, privacy and data collection practices. Microsoft Azure is resilient to attack, user access is controlled and data is secure and encrypted.
- Outage reporting
- Aurion provides email notification to system administrators for certain unplanned outages. The schedule of planned maintenance of the System will be published on the Aurion Learning password protected Project Management website. The real-time status of Umbraco Cloud can be reviewed online: https://status.umbraco.io/
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Public key authentication (including by TLS client certificate)
- Other
- Other user authentication
- Users use either a user ID or email address in combination with a password.
- Access restrictions in management interfaces and support channels
- Aurion creates specific administrator accounts using a pre-approved list from the client. The management interface and support channel can also be restricted to an IP range.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- Aurion holds ISO9001 accreditation and our security policies and processes are bound by our Quality Management System. We also hold Cyber Essentials certification and are working towards ISO27001 . Aurion maintains a Business Continuity Plan and Disaster Recovery Plan. These plans are reviewed annually and itemised on the agenda of the Annual Quality Management Review Meeting. Additional interim reviews are undertaken at Monthly Management meetings, which follow on from External ISO Quality audits at 9 months and a twice-yearly internal ISO Quality Audit. Any updates/improvements to these plans are approved by our Board of Directors prior to implementation.
- Information security policies and processes
-
Aurion Learning implements an Information Security Policy that aims to protect the company’s information assets from all threats, whether internal or external, deliberate or accidental, to ensure business continuity and minimise business damage. The policy helps us to: • Reduce the risk of IT related problems • Plan for problems and deal with them as they arise • Provide continuity of work if a problem occurs • Keep safe valuable company information • Fulfil professional obligations to clients • Comply with legal statutory requirements of GDPR and other legislative requirements. The policy outlines the responsibilities of our Data Compliance Manager, IT Manager and the wider Aurion team in relation to information security, including measures relating to hardware and software security, data transfer, email, remote working, etc. New starts are required to read and accept the Information Security Policy, with regular GDPR training provided to all staff. Data Processing Agreements and a Data Destruction register with associated processes are in place for each client. Aurion holds Cyber Essentials certification and is working towards ISO27001 accreditation.
For more information on information security processes from Umbraco, whose CMS underpins our learning portals, see: https://umbraco.com/trust-center/compliance-faq/
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Components of our services (versions, technologies, dates deployed) are stored in a Product Register held within our MIS. When changes or updates are applied, this register is updated accordingly. We utilise the MIS data to build a maintenance roadmap for software updates and bug fixes. Security updates are reviewed and applied as soon as released by the vendor. Our services then undergo Quality Assurance to ensure no issues are discovered.
Changes to services are governed by a Change Control process, in which we undertake a technical review of the proposed changes to determine impact on security, performance and data integrity. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Security updates are reviewed and deployed as soon as they are released by the vendor as part of a rapid response, typically on the same day as release. Our services then pass through Quality Assurance to ensure no new issues have been discovered. We perform automated testing of deployments in order to proactively detect issues.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Aurion maintains an incident management plan tailored to the specific needs of each client project. This plan includes a Service Level Agreement with documented response times to investigate and resolve potential compromises.
- Incident management type
- Supplier-defined controls
- Incident management approach
-
Aurion has pre-defined processes for each client depending on incident type. We automatically notify the relevant stakeholder group and adopt mitigation protocols. Users can report incidents via email, chat or by submitting a ticket on the Aurion Support tool. Incidents are automatically escalated based on "Incident" problem type to Level 3 support. Incident reports are sent to client stakeholders once the incident has been mitigated and a fix is in place. We also offer a follow-up analysis meeting to propose security enhancements.
Details of Umbraco's processes can be found at: https://umbraco.com/trust-center/compliance-faq/
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
Fighting climate changeFighting climate change
Aurion is committed to implementing strategies that promote protection of the environment, avoid waste and support sustainable business activities. Our commitment to the local community and environment has been recognised through awards including a commendation from Business in the Community Northern Ireland for Most Responsible Small Business.
Aurion maintains an Environmental Policy, which is reviewed and updated annually by our Board. The policy is aligned with our Business Plan, which focuses on 5 of the UN Sustainable Development Goals, including Infrastructure and Climate Action. Our annual Action Plan documents and tracks progress against each of the 5 Goals per annum. All new staff are required to review our Environmental Policy in their induction, and annual carbon literacy and environmental awareness refresher training is provided to all staff.
Aurion has signed up to the Climate Action Pledge in association with Business in the Community Northern Ireland. This helps us to benchmark our sustainability initiatives and provides verifiable measures for reductions in greenhouse gas emissions, energy use, resource consumption and waste.
We have a number of internal initiatives in the area of sustainability that are incorporated into our business policies as part of our ISO 9001:2015 accreditation. These include a cycle to work scheme for all staff with tax incentives, and regular CSR activities targeted at supporting the local environment and community, including volunteering with local charity, Storehouse Belfast.
Additional initiatives to improve the sustainability of our business include turning off lights/equipment when not in use, installing smart monitoring in our heating system, using energy-efficient hardware, etc. We design our solutions to minimise excess data usage/storage, thereby reducing energy consumption, e.g. compression of images/video, commissioning hosting plans that scale up/down to minimise over-capacity, etc. We reduce paper usage by adopting digital tools/documents as standard. We recycle obsolete hardware/furniture with local charities.
Pricing
- Price
- £26,250 a licence a year
- Discount for educational organisations
- No
- Free trial available
- No