Traineasy Ltd

LMS-X

A modern, SCORM-compliant Learning Management System, LMS-X supports both digital (e-learning and video) and instructor-led training. Training compliance management is made easy with powerful, live reporting, and the platform includes a fully integrated Career Track module to drive employee skills development. Customers range from single departments to large NHS Trusts.

Features

• Modern AICC- / SCORM-compliant LMS with extensive reporting
• Bright, clean user interface with dashboards that users love
• Training compliance reports are Live (real-time) with automatic email schedular
• Optional certificate generation on completion of courses/obtaining training compliance
• Fully integrated Career Track (Skills Management) module
• Full support for instructor-led training event scheduling and self-service (booking/unbooking)
• Activity completion can be linked to CPD hours for tracking/reporting
• Video gallery for curating YouTube-style playlists of content
• Create video-based activities where the percentage watched is tracked
• Use quizzes and surveys for knowledge checks, declarations, opinion polls

Benefits

• UK-designed by a specialist team with extensive LMS experience
• Ever-expanding, rich LMS feature set offers incredible value for money
• Dashboards/reporting provide valuable, real-time training activity/compliance MI for the business
• Career Track reporting provides valuable MI for succession planning
• Users' ability to role match/identify skills gaps, supports employee retention
• Video-based activities reduce the need for SCORM e-learning
• Flexible rules provide users/the business with alternative training compliance routes
• User group forum for NHS customers meets regularly
• Clear development roadmap, informed by customers
• Designed to meet the needs of both users and organisations

£3,000 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@traineasy.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

933996658544237

Contact

Sarah Lambie
01908508777
sales@traineasy.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: None
• System requirements: Recent spec web browser with javascript allowed

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within a maximum of 4 hours elapsed business hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Admin users from our LMS customers are able to contact us between the hours of 9 and 5 on UK business days via the support@traineasy.com email address or by phone on 01908 508777. We aim to resolve all requests for support as quickly as possible but ultimately, they are triaged, with the more serious issues taking priority. 9 - 5 helpdesk support for administrator users is fully covered within the LMS licence fee. Onsite support and training are provided at additional cost. Support for end users of this service is not available.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Throughout the onboarding stage, we work closely with customers to ensure administrator users of the LMS receive the information, training and support they need at each stage. We pride ourselves in providing a smooth onboarding experience and customers are often surprised at how quickly they can launch their new LMS. Onboarding typically includes: The initial LMS build, including configuration of the user data structure and graphical theming; Creation of the course catalogue structure and uploading of content; Configuration of instructor led training activity (for example, lists of venues, rooms, etc. and the agreement of the booking/cancellation email text); Agreement of username convention and an initial upload of user data; Creation of the user groups (audiences) for training; Creation of the training compliance rules (known as the compliances in the system); Configuring the training compliance and instructor-led event email reminders; Uploading of the historical training records (records of prior learning – RPLs); Preparation for launch (system testing); Launch.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: All user data, training completion and training compliance data is extractable in CSV format via the front end UI.
• End-of-contract process: At the end of a contract, typically the customer will remove any training completion data they need by extracting it in CSV format. At 5pm on the last day, the LMS is taken off-line and becomes unavailable to users. A data extraction service remains available for one month (POA) should the customer need it. The LMS and all its data are completely overwritten after 12 months.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: LMS-X is built with a web application design framework, which enables users to log in whatever their device and be assured that screens will adjust as needed to ensure objects, such as menus, remain visible and usable. Users can log in, view their dashboards, complete training and so on, without any issue.
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: Yes
• What users can and can't do using the API: We currently support access to training records via an API. In 2024 we will be able to integrate with a growing list of HR systems via the StackOne API.
• API documentation: Yes
• API documentation formats: Other
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: We work with clients at the onboarding stage to make sure the platform is themed according to their corporate branding and style guidelines. This includes background images, logos, colours, etc. At this stage, customers can change certain onscreen text and menu labels, as well as choose the objects to be seen by end users on logging in.; ; We also support clients in ensuring their course and activity thumbnail images look amazing, as when they do, LMS-X comes to life!

Scaling

• Independence of resources: Customers are provided with a dedicated LMS and server, specified at the outset to support the contracted number of users and to ensure the service is not affected by other clients. The customer’s server is specified according to the numbers of user accounts and system features required, based on standard criteria. All servers are monitored and automatic warnings set to provide notification should a client’s system start to approach set limits, at which point system resources can be upgraded to ensure continuation of agreed service levels.

Analytics

• Service usage metrics: Yes
• Metrics types: The LMS-X usage dashboard includes a line graph (trace) of LMS sessions over the selected time period (week, month, year, etc) together with breakdown by browser, device type and operating system. The average duration of sessions and the total number of sessions in the chosen timeframe are also shown. The number of active accounts Vs the number permitted, and the number of inactive accounts are displayed and there is a leader-board of pages most recently visited. The usage dashboard is in addition to a full suite of training compliance, activity completion and MI reports/dashboards also available in LMS-X.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: All user data, training completion and training compliance data is extractable in CSV format via the front end UI.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Customer LMS will be hosted at the ISO-27001-compliant Amazon Web Services (AWS) facility in London, UK. All commercially reasonable efforts will be made by Amazon and Traineasy to make the service available with a Monthly Uptime Percentage of at least 99%.
• Approach to resilience: Available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: N/a
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Amazon Web Services use EY CertifyPoint
• ISO/IEC 27001 accreditation date: 22/11/2023
• What the ISO/IEC 27001 doesn’t cover: All covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: NHS Data Security and Protection Toolkit 2023-4

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Traineasy maintains a written Information Security policy that defines employee’s responsibilities and acceptable use of information system resources. The organisation receives signed acknowledgement from users indicating that they have read, understand, and agree to abide by the rules of behaviour, before providing authorised access to Traineasy information systems. This policy is periodically reviewed and updated as necessary. Our security policies cover a wide array of security related topics ranging from general standards with which every employee must comply, such as account, data, and physical security, to more specialised security standards covering internal applications and information systems.
• Information security policies and processes: The Information Governance Steering Group is the primary vehicle for managing information Security policies and processes. Within Traineasy the Dev Ops Manager is the Chief Information Security Officer and is responsible for the day-to-day operational effectiveness of the IS policy, and its associated policies and processes. Traineasy's Data Protection Officer is responsible for ensuring that the company and its constituent business areas remain compliant at all times with Data Protection, Privacy & Electronic Communications Regulations, Freedom of Information Act and the Environmental Information Regulations. Both report to the IG Steering Group. Traineasy follows the information security model comprising three main components: confidentiality, integrity and availability. These components are all reviewed on an ongoing basis as part of our Risk Assessment process. The types of data, location and access levels are constantly reviewed and monitored as part of this process. Staff education and training is integral to this process, and all staff are required to be compliant in mandatory Information and Cyber Security training, carried out at least annually. The CIO reports annually to the Traineasy Board that all security policies are up-to-date and training and Cyber Essentials accreditation have been completed.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Traineasy maintains a change management process to ensure that all changes made to the production environment are applied in a deliberate manner. Changes to information systems, network devices, and other system components, and physical and environment changes are monitored and controlled through a formal change control process. Changes are reviewed, approved, tested and monitored post-implementation to ensure that the expected changes are operating as intended.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Security assessments are done to identify vulnerabilities and to determine the effectiveness of the patch management program. Each vulnerability is reviewed to determine if it is applicable, ranked based on risk, and assigned to the appropriate team for remediation.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Traineasy deploys Avast endpoint monitoring software. The dashboard shows status across all devices. Alerts are sent to our team and vulnerabilities are regularly reviewed. MyNCSC provides early warning service to our public URL's. Statuscake monitors uptime.
• Incident management type: Supplier-defined controls
• Incident management approach: Traineasy has a formalised incident response plan (Incident Response Plan) and associated procedures in case of an information security incident. The Incident Response Plan defines the responsibilities of key personnel and identifies processes and procedures for notification. Incident response personnel are trained, and execution of the incident response plan is tested periodically. An incident response team is responsible for providing an incident handling capability for security incidents that includes preparation, detection and analysis, containment, eradication, and recovery.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  In recognition of the climate crisis and the threat - particularly to vulnerable communities this poses, Traineasy has pledged to become a Carbon Literate organisation by the end of 2024 and Net Zero by 2030. We have developed a suite of five climate change knowledge e-learning modules aligned with the Carbon Literacy Project's 'Carbon Literacy Knowledge (CLK) Framework', which are now available for customers as well as Traineasy staff, to work though as part of their Carbon Literacy training. To complement these, we have produced 12 additional e-learning modules that discuss ESG, sustainability and the circular economy. This 'Green Skills Curriculum' supports the UK governments Intervention E39: "Green skills courses targeted around ensuring we have the skilled workforce to achieve the government’s net zero and wider environmental ambitions." We will be adding further modules to our Green Skills library of e-learning courses throughout 2024 and 2025, all of which will be available for customers as well as Traineasy staff as a resource to help them develop the skills we will all need for a greener future.

  Equal opportunity

  E-learning can help overcome employment inequality by providing equal access to education and training opportunities. For instance, online learning platforms can offer courses and training programs that can be accessed by anyone, regardless of their location or socioeconomic status. This can help individuals from disadvantaged backgrounds gain the skills they need to secure better employment opportunities.; ; E-learning can help bridge the skills gap by providing affordable and accessible training options. Online learning platforms can offer a wide range of courses that allow workers to continually acquire, retain, and revise in-demand skills throughout their careers. This can help workers stay competitive in the job market and meet the evolving demands of the workforce.; ; E-learning can also help address pay gaps in the workforce. For example, providing equal access to training and development opportunities can help ensure that all employees, regardless of gender or race, have the opportunity to develop the skills needed to advance in their careers and earn higher wages. Additionally, e-learning can provide training on diversity, equity, and inclusion, which can help organizations understand and address systemic pay inequalities.

  Wellbeing

  The mental, physical and emotional wellbeing of our staff and customers is fundamental to our success. One of the ways we seek to promote this is by including a suite of seven short animated videos covering 'the five ways to wellbeing' in the video gallery of every LMS we supply to customers, and in the LMS used by Traineasy staff when completing their induction or annual training.

Pricing

• Price: £3,000 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Traineasy can create a sandboxed demonstration site for testing using the standard product. We don't impose a time-limit on access but this is not commercial and with limited user accounts and is part of a proof of concept approach to show you the features.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@traineasy.com. Tell them what format you need. It will help if you say what assistive technology you use.