Elastic Case Limited

Assessment and Exam Solutions

We provide a suite of end-to-end tools targeting Assessments & Exams with Assessor and Secure Content and Case Management with the Flexible Case Platform (FCP).
Full list of services and components available at www.quickcase.app. From exam setup and administration through to candidate participation, scoring and results.

Features

  • Design and plan exams and assessments
  • Set up questions or question sets, randomised or timed
  • Online registration and recruitment
  • End-to-end assessments
  • Run online/remote exams
  • Automated scoring and marking
  • Generate and send feedback reports to candidates
  • Take exams on tablets and mobile devices
  • Set up delivery teams for on-day running
  • Online, video assessments

Benefits

  • Easy end-to-end exam and assessment management
  • Fast and easy setup of exams and assessments
  • Native support for reasonable adjustments
  • Cloud platform agnostic (Azure, AWS and Google Cloud)
  • Device-agnostic, browser based exams and assessments
  • Full assessment and exam type coverage
  • Secure, multi-party collaboration events, exams or assessments
  • Powerful search and reporting capability
  • Multi-user access control (fine grained)
  • Low cost of change, low cost of ownership

Pricing

£650 to £1,500 a person a day

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jon.sharpe@quickcase.app. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

1 5 0 1 6 3 1 3 1 8 0 4 3 0 2

Contact

Elastic Case Limited Jonathan Sharpe
Telephone: 07500988810
Email: jon.sharpe@quickcase.app

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints
N/A
System requirements
  • All modern web browsers (IE11+)
  • Tablet, mobile device, desktop, laptop

User support

Email or online ticketing support
Yes, at extra cost
Support response times
4 hours during the day (9-5)
Overnight, next morning at 10am
Weekend - 24 hours
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
No
Web chat support
Yes, at an extra cost
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Via the client portal provided by our support solution.
Web chat accessibility testing
Web chat provided by 3rd party, freshdesk.
Onsite support
Yes, at extra cost
Support levels
We provide an account manager on all GCloud engagements with responsibility for ensuring customer objectives are met, and for addressing any issues with service delivery. Our account managers act as an escalation point, and can be reached via email, to respond to issues beyond the control of the team providing the service. Account management is included within our service pricing.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Documentation and training are provided to clients where required.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
A ticket can be raised in the support system, with the usual SLA applying. Data will be provided as a database export in .csv format
End-of-contract process
If you wish to terminate your contract, there are no additional costs. All data is removed from our system and a data export is provided, assuming you are hosted on our infrastructure.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The product provides an administrative interface primarily intended to be used on desktops/laptops. However, the UI is built on top of a responsive grid system, which makes it compatible with phones and tablets.
The solution used by exam candidates is browser-based and device agnostic.
Service interface
Yes
Description of service interface
The assessment management interface (for exam admins) is dynamically generated based on the specific configuration for that assessment/exam type. The UI is used for assessment management and candidate tracking. Exam admins are initially presented with a list of candidates, exams or assessments, depending on their preferences. From there they can select and manage individual candidates and exams.
Exam admins can also use the search capability to find candidates.
Accessibility standards
WCAG 2.1 A
Accessibility testing
Tested with JAWS screen reader and Pa11y.
API
Yes
What users can and can't do using the API
Candidate and exam creation and progression
Candidate and exam retrieval and search
Document upload and retrieval
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The assessment management system is a highly-configurable service. Exams and assessments can be customised as well as most data fields and permissions.

The business/client (or nominated 3rd parties) can customise the tool through the use of a dedicated administration portal.

Scaling

Independence of resources
Auto-scaling
Auto-remediation

Analytics

Service usage metrics
Yes
Metrics types
Candidate and exams created
Candidate and exam progression events
Candidate and exam activity
Error reports
Active users
System metrics (CPU, Memory, network)
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data is exported via .csv files and JSON
Data export formats
  • CSV
  • Other
Other data export formats
JSON
Data import formats
Other
Other data import formats
JSON

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Service Availability Percentage
- Less than 99.95% but equal to or greater than 99.0% 10%
- Less than 99.0% but equal to or greater than 95.0% 25%
- Less than 95.0% 100%
Approach to resilience
Multi-availability zone replication (for networks, cluster, database)
Self-healing
Auto-scaling
Outage reporting
Public service status page

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Role based access only
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Security governance is a high priority and our co-founder and director, who is also the primary Solution Architect, provides assurance that our security governance protocols are fit for purpose.
QuickCase will be working on formal ISO/IEC accreditations in due course, when a new project requires these specifically.
Information security policies and processes
Security governance is a high priority and our co-founder and director, who is also the primary Solution Architect, provides assurance that our security governance protocols are fit for purpose.
QuickCase will be working on formal ISO/IEC accreditations in due course, when a new project requires these specifically.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
HLD submitted to architectural governance for approval.
Iteration of components are associated to versioned HLDs.
API iteration is tracked through semantic versioning.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Dependencies and vulnerability detection built as part of continuous integration pipeline.
Highest priority as no further integration can happen.
CVE & NVD databases.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Alarms/alerts based on aggregated system metrics.
Assess threat, prioritise and fix.
Based on priority (within hours to days).
Incident management type
Supplier-defined controls
Incident management approach
Pattern-recognition as part of monitoring to automatically create incidents.
Users can raise incidents directly through our (or the clients) incident management system.
System-generated reports (daily, weekly, monthly).

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£650 to £1,500 a person a day
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jon.sharpe@quickcase.app. Tell them what format you need. It will help if you say what assistive technology you use.