GROUP ED LIMITED

GroupEd

GroupEd offers a cloud-based school management information system (MIS) designed for simplicity and efficiency. Streamline your administrative tasks, enhance communication, and access insights for improved decision-making.

Features

• Student data management and tracking
• Attendance monitoring and reporting
• Parent and student communication tools
• Behavior and safeguarding management
• Assessment and gradebook functionality
• Curriculum planning and timetabling
• Financial management and reporting
• Analytics and insights
• Mobile app for parents and students
• Integrations with other education tools

Benefits

• Saves time and reduces workload
• Improves data accuracy and accessibility
• Enhances communication and collaboration
• Provides insights for decision-making
• Cloud-based for anywhere, anytime access
• Integrated modules reduce need for multiple systems
• Streamlines administrative processes
• User-friendly interface for ease of use
• Supports regulatory compliance
• Customizable to school/MAT needs

£650.00 to £20,000 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cerys@grouped.org.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

992386117466132

Contact

Cerys Furlong
07825986177
cerys@grouped.org.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: SIMS 7 (Capita); Arbor; Bromcom; ScholarPack; Pupil Asset; iSAMS; Engage; RM Integris; Facility CMIS; SchoolPod; WCBS; And more (the list is regularly being expanded)
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements:
  • Web browsers- Microsoft Edge, Firefox, Chrome, Safari
  • Windows 7 and above
  • MacOS
  • Android OS
  • IOS
  • Recommended 4GB Ram

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our Knowledge Support is available 24/7/365; Our Webform/ email support and customer service phone line are available Monday- Friday 8am- 5pm; ; We categorise all support requests depending on number of users affected and disruption to customer, as detailed in our Service Delivery Document but summarised as:; ; High Priority- Response in 2 hrs; Medium Priority- Response in 12 hours; Low Priority- Response in 24 hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide a comprehensive support package that combines technical assistance with proactive guidance:; ; Included with our service:; Access to our extensive knowledge base, FAQs, and tutorials.; Support ticketing system with guaranteed response times within 24 hours during business days.; Direct email and phone support with experienced engineers.; Proactive system monitoring and alerts to identify potential issues before they cause disruptions.; Regular consultations to optimise your use of our platform and address emerging needs.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We provide a comprehensive onboarding experience to ensure users can quickly and successfully adopt our service. This includes:; ; User Documentation: A well-structured knowledge base with step-by-step guides, tutorials, and FAQs for self-paced learning.; ; Online Training: Webinars, live demos, and pre-recorded video courses to offer more interactive guidance.; ; Onsite Training (if applicable): Tailored training sessions at the client's location for larger implementations or complex setups.; ; Dedicated Support: Our support team is readily available to answer questions, provide assistance, and address any initial challenges.; ; Proactive Outreach: We may utilise personalised onboarding plans with check-ins for larger clients to ensure a smooth transition.; ; Our goal is to empower users to achieve their objectives with our service from day one.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats:
  • Word Doc
  • Video
  • Powerpoint
• End-of-contract data extraction: We ensure you retain full ownership of your data and provide flexible options for extraction at the end of the contract.; ; Preferred Method: Secure JSON API provides structured data for easy integration with other systems. We'll assist with API access and documentation.; ; Alternative Formats: If needed, we can export data in common formats like CSV upon request.; ; Data Retention: We'll clearly outline in the contract any data retention periods after the contract ends to ensure ample time for extraction.; ; Support: Our support team is available to guide you through the extraction process and answer any questions.
• End-of-contract process: Data Access and Export: We ensure you retain full ownership of your data after the contract ends. We provide options for easy export:; Secure download of your data in a common format (CSV, JSON).; Access to our API for programmatic data extraction (for developers).; Contract Renewal: We'll notify you well in advance of your contract expiration to discuss renewal options and ensure a smooth service continuation.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: We provide a full API access to all data assuming the school and relevant parties have provided permission to do so.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: We understand that every user has unique needs. Our service offers flexibility through the following customization options:; ; What Can Be Customised; ; Features Page: Our easy-to-use features page allows schools to enable or disable specific functionalities as needed. This might include things like:; Parent communication ; Attendance; Activities; School Shop; and so on; ; Self-Service: Designated school administrators can directly manage feature settings through the features page within the user interface.; ; Who Can Customise; ; Administrators: School administrators with the appropriate permissions have access to customization options to ensure they have control over their school's setup.; ; Additional Notes:; ; We may offer expanded customization capabilities for larger organizations or bespoke requirements – please contact our sales team to discuss individual needs.

Scaling

• Independence of resources: Data Replication: We replicate data in at least three geographically distinct areas for redundancy and high availability. This ensures data safety and helps balance read traffic.; ; Load Balancing: We utilise load balancers to distribute traffic intelligently across our infrastructure, ensuring that no single server or resource becomes overwhelmed.; ; Resource Allocation and Scaling: We implement dynamic resource allocation and autoscaling mechanisms that adjust capacity based on demand, ensuring that each user has the resources they need.; ; Performance Monitoring: Proactive monitoring helps us identify bottlenecks early, allowing for timely adjustments to maintain optimal performance.

Analytics

• Service usage metrics: Yes
• Metrics types: Feature usage:; ; Supports training needs assessment.; Informs feature adoption and usability improvements (Product Managers).; ; Parent/Guardian usage:; ; Provides adoption metrics to schools, aiding identification of engaged parents and targeted follow-ups.; ; Staff usage:; ; Offers login history and permission data for security monitoring.; Tracks individual service usage for each staff member.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: This can be done via a button to export to excel where available or via an API.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • Excel
  • JSON
  • PDF
  • WONDE
  • CTF
  • ATF
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • WONDE migration tool
  • CTF
  • ATF
  • XML
  • GroupEd API

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We target a 99.999% uptime. We currently don't guarantee this, nor offer a refund if it is not met. ; ; We unsure that our failover mechanisms are in place to be able to deliver 99.999%.
• Approach to resilience: Data is automatically replicated across at least three locations. This safeguards data even if an entire location fails. ; ; Point in time recovery is supported.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Management access has password and MFA and where data is more secure, we will restrict access to only certain IP addresses.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Barclays Bank
• PCI DSS accreditation date: 01/02/2018
• What the PCI DSS doesn’t cover: PCI DSS Compliance Level 4; ; Applies to: Any merchant processing fewer than 20,000 e-commerce transactions per year, and all other merchants — regardless of acceptance channel — processing up to 1 million Visa transactions per year. For example, a small local business.; ; Unlike higher levels of PCI compliance, PCI DSS Level 4 merchants do not require audits, do not submit ROC, and may not need AOC forms.; ; Organizations at this level are mainly faced with meeting the PCI requirements of their bank. Their requirements typically include:; ; Using only Qualified Integrators and Resellers (QIRs) to install, integrate, and service point-of-sale (POS) equipment and applications; Perform an annual Self Assessment Questionnaire (SAQ); Perform quarterly network scans with an ASV
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We have a robust security governance framework that aligns with industry best practices . This includes:; ; Risk-Based Approach: We regularly assess risks to our software and customer data. This informs our security policies, controls, and priorities.; ; Secure Development Lifecycle (SDLC): Security is integrated throughout our development process, from design to deployment. We use code reviews, security testing, and vulnerability scanning.; ; Access Controls: We implement the principle of least privilege with role-based access controls and regular permission reviews; ; Incident Response: We have a defined incident response plan for rapid detection, containment, and remediation of potential security breaches.
• Information security policies and processes: We prioritise information security practices in our daily work. Key policies and processes we follow include:; ; Acceptable Use Policy (AUP): We strictly adhere to the company's AUP, ensuring responsible use of technology and data.; Password Security: We implement robust password practices, including strong, unique passwords, secure storage via a password manager, and regular updates.; Data Classification and Handling: We classify data based on sensitivity and apply encryption, access controls, and secure transfer methods accordingly.; Access Controls: We operate on the principle of least privilege, accessing only necessary systems and data for our roles.; Incident Reporting: We have a clear understanding of the incident reporting process, ensuring prompt communication of any suspected security breaches.; Security Awareness: We actively participate in security training and stay informed about evolving threats to maintain a strong security posture.; We recognise information security as a continuous process and remain committed to protecting the company's assets.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: While we have relatively infrequent infrastructure changes, we maintain a software-centric approach to configuration management. We track software versions, dependencies, and deployment configurations for both our API and front-end applications. Changes to these components undergo a thorough risk assessment, specifically evaluating security impacts. This includes potential vulnerabilities, threats to data integrity, and implications for compliance with security standards. We leverage AWS tools as needed to gain visibility into our infrastructure and aid in the change assessment process.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We identify potential threats through AWS security bulletins, trusted sources, and by monitoring AWS WAF and Shield events. We assess and prioritise vulnerabilities based on risk. Patches are deployed swiftly, often using automation, with testing prior to production rollout. Scans verify effectiveness. Automated emails notify stakeholders about critical vulnerabilities, and regular status reporting is provided.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our protective monitoring processes center on real-time analysis of system logs, network traffic, and security events. We use a combination of automated tools and manual review to identify potential compromises, suspicious activity, or policy violations. Upon detecting a potential compromise, our incident response protocol activates. This includes immediate containment to limit impact, followed by investigation, root cause analysis, and remediation. Our target response time for critical incidents is within one hour to ensure swift mitigation.
• Incident management type: Supplier-defined controls
• Incident management approach: Our incident management process follows a structured framework with pre-defined procedures for common incident types, ensuring consistency and efficiency. Users report incidents via a designated helpdesk, phone line, or online portal. Incident reports are logged, triaged, and escalated based on severity. Throughout the process, we provide regular updates to impacted stakeholders and generate a detailed post-incident report. This report includes root cause analysis and recommendations to prevent future occurrences.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are ambitious about reducing our impact on the climate and committed to reducing our carbon emissions to as close to zero as possible. We do this through working with AWS, who have committed to reaching net zero by 2040, a decade ahead of the Paris commitment. We do not rely on legacy servers which are energy inefficient. We also regularly review our working practices to minimise our impact on the environment, for example our sustainable transport and active travel policies.

  Covid-19 recovery

  A key impact of Covid 19 on schools and young people has been a reduction in attendance levels across the UK and all age groups. We have designed innovative ways to support schools to improve attendance-ensuring that more young people attend school and can address impact of covid 19

  Tackling economic inequality

  We are committed to delivering innovative and disruptive technologies throughout the ongoing development of GroupEd so that we can deliver lower cost and higher quality goods and services to schools.; ; Our use of cloud based software, and modern database infrastructure ensures our business is scalable

  Equal opportunity

  Centralised, Accessible Data: GroupEd's MIS consolidates information about students, including demographics, protected characteristics, academic progress, and other relevant data. This allows schools to have a clear overview of their whole school community, improved data analysis so that they can address the inequalities that occur for different pupils across schools, local authorities and multi academy trusts.; ; Monitoring and Analysis: The reporting and analytics features in GroupEd help schools track and analyze data related to protected characteristics (e.g., gender, ethnicity, special educational needs). This enables identification of potential disparities or areas where greater focus on equal opportunity is needed.; ; Fair Processes: GroupEd's tools for admissions, attendance, behavior management, and assessments create a structured system. This helps promote consistency and reduces the potential for bias in decision-making.; ; Communication: GroupEd's communication features facilitate engagement with parents and students from diverse backgrounds. This promotes inclusivity and helps ensure everyone has an equal voice.; ; Company Ethos: GroupEd itself is committed to equal opportunity within its own workforce. This commitment should ideally be reflected in their dedication to providing tools that aid schools in doing the same.

  Wellbeing

  The MIS brings together student information such as attendance, behavior, academic performance, and safeguarding concerns. This provides a holistic view of each student, empowering staff to identify potential wellbeing issues early.; ; Effective behavior management is crucial for student wellbeing. GroupEd's tools help track behavior patterns, both positive and negative, allowing for targeted interventions and support.; ; Communication tools facilitate open dialogue between schools, parents, and students. This fosters a sense of community and allows for concerns to be raised and addressed quickly.; ; By automating administrative tasks and streamlining processes, GroupEd helps to reduce teacher workload, a significant factor influencing wellbeing in schools.; ; GroupEd's analytics can reveal trends in attendance, behavior, and academic data that might signal potential wellbeing concerns. This allows schools to take proactive measures.

Pricing

• Price: £650.00 to £20,000 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Everything is included for 60 days.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cerys@grouped.org.uk. Tell them what format you need. It will help if you say what assistive technology you use.