Allocate Software Ltd

Training Administration Management System

The ES Training Administration System (TAS) is a market leader for organisations with multiple external customers, multiple suppliers and multiple training resources. It is the software engine for many Training Companies and Training Departments. Training Management System.
Training Administration Software


  • Compliance, Training, Assessment,
  • Manages Face to face learning,web based and blended programmes
  • Customer and user login portals
  • Onsite, off-site and rollout training management
  • TNA and Level 3 evaluation analysis ensuring easy ROI calculaions
  • Internal and 3rd party supplier catalogue integration
  • Extended Enterprise, Staff, contractor and 3rd party delegate management
  • Training eCommerce, WorldPay API, brokering, invoicing, training P&L
  • Real time reporting, standard and build you own reports
  • Resource management and scheduler


  • Supports 70:20:10 learning model
  • Enables commercial training management
  • Full training centre or department management
  • Significant administration reduction by automation of communication, notifications, simple reporting
  • Enables better working practices, appropriate course fill rates.
  • Reaches the right people with targets views, catalogues, communication
  • Helps organisations meet regulatory requirements through Skill and assessment competencies
  • Integrates your learning, eLearning, 3rd party learning
  • Experienced integration with Finance, HR, CRM and ERP solutions
  • Supports organisational targets through evaluation, ROI and performance features.


£15000 per licence per year

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

1 8 0 4 2 4 9 5 3 9 9 8 7 9 1


Allocate Software Ltd

UK Health Sales

+44 (0)20 7355 5555

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints Support Hours are between GMT 0900hrs and 1730hrs Monday Friday.
System requirements
  • Support Hours are between GMT 0900hrs and 1730hrs Monday Friday.
  • A resolution of 1024x768 or higher is recommended.
  • PC - Minimum 1 GB of RAM, 1 GHz Processor.
  • Requires Adobe Acrobat Reader for reports that export to PDF
  • Microsoft Excel or Word 2003 or higher for some users

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Support response times

The Hosted Application Support Hours are between GMT 0900hrs and 1730hrs. Response Priority 1 Priority 2 Priority 3 The call will be addressed by support analyst within: 20 minutes 3 hours 24 hours Maximum target for provision of plan for resolution or circumvention 1 Day 3 Days As agreed Provision of Temporary Fix A.S.A.P. A.S.A.P. A.S.A.P. Provision of Permanent Fix A.S.A.P. A.S.A.P. A.S.A.P.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support No
Support levels Enterprise Study provide one level of premium support to all customers. This entails email and phone support. Our support team have received a 97% Net Recommender score from customers for the last 3 years. In addition to email and phone support we offer online system help via videos, pdf content and FAQ's. A dedicated Account Manager with twice yearly face to face meetings working in line with agreed KPI's with our customers. During implementation you are assigned a dedicated implementation manager and named support representative.
Monthly live webinars are scheduled to allow customers a forum to chat and provide feedback as well as yearly face to face forums.
We build a collaborative relationship with customers and are proactive in our support and account management processes.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Once contracts have been exchanged you will be introduced to your Implementation Manager.

They will guide you through the implementation process and will schedule regular calls in order to keep the implementation on track. The Implementation Manager will suggest the frequency of these calls based on the complexity of your implementation. It is essential that all parties engage with this communication. We have found that implementations that go over time or budget, or create dissatisfaction, are nearly always those where communication has been sporadic and not all the stakeholders have been involved in the process before go-live.
You will receive 3 full days of training for Administrators, held on your site.
You will be given access to user documentation and help guides.
Once your implementation is planned, we follow a tried and tested process to ensure you are supported throughout and beyond go-live. This is why our customers really love us. The process follows: Discover, Build, Verify, Rollout, Review.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction As we are ISO 9001 and 27001 accredited we follow a tried and tested process for customer decommissioning and subsequent data extraction. Prior to decommissioning notification will be sent to appropriate users (administrators) with a step by step process of anything they need to do or be aware of. We will send a copy of all the data in the same format as the Reporting Services Data Extract. This will be sent within 6 weeks of decommissioning.
The data is sent as an SQL database backup and can be sent via DVD or via the Internet, in all cases the data is encrypted.Three months after Decommission the remaining account data is deleted
Three months after Decommission the remaining account data is deleted.
End-of-contract process At the end of the contract we would look to provide a rolling contract status, re-contract under current terms, or decommission following the previous process.
If a rolling contract or re-contract is not agreed we would follow the decommissioning process. There is no cost for this.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The solution is suitable for access via tablets or desktop. These functions include authorisation workflow and viewing tasks and notifications. Complex admin functions are recommended to be undertaken on a PC or laptop.
Service interface No
What users can and can't do using the API The REST API allows you to embed training course information into another website. The API allows for either a blue-sky, simplified booking or by directly deep linking into the cloud system and its UI.
The API is set up during implementation.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation There are many customisable areas within the TMS.
Branding is customisable via support,
Invoicing and payment options (for ecommerce)
Administrators can customise:
Automated emails
Evaluations and evaluation settings
Drop-down menus
User settings, user levels.
Customer and external user portals


Independence of resources For a standard shared service it comes down to continuous improvement, the right hosting environment and good up front design. Performance is monitored continuously using a comprehensive service called NewRelic ( and if that identifies any bottle necks we respond to them.
For those that want high levels of assurance we offer a different hosting solution where you can be the only tenant. The down side is that you lose the benefit of cost savings through sharing the hosting costs.


Service usage metrics Yes
Metrics types We provide data on the number of users accessing the system over a set period (annum).
Administrators can run their own reports on usage data. This includes how many users have accessed the system, how many have accessed elearning, how many have attended courses, how many have failed elearning, how many have cancelled/transferred learning dates, how many have never accessed the system. Compliance statistics, team and departmental statistics. There an many other usage reports available.
Reporting types
  • Real-time dashboards
  • Regular reports


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Other
Other data at rest protection approach Database backups are compressed and encrypted at source.
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Standard report data is easily extracted from the system. Users can export their data via csv or excel formats for reports available on the system. Users can export their training records in the same manner.
The customer can choose whether to have a Reporting Service extract of all their data in SQL format to integrate with their BI tools. This extract would be set up in Implementation and run's daily.
Data export formats CSV
Data import formats
  • CSV
  • Other
Other data import formats
  • .doc
  • .pdf

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks Private network - you can self host, but we're not on the public sector network.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability This is determined by the individual requirements of the client.
Approach to resilience We do this by taking a layered approach. Our hosting provider, Secura, provide the virtual servers (Using VMWare vSphere) and the DR for the applications on those servers. That, in turn, is housed in dual Virtus data centres which provide the physical, power and environmental support.

We look after our part, the application at the top level, and leave the rest to the experts.
Outage reporting Our support team report outages directly to clients. We monitor our services using a number of tools, notably NewRelic.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels We use a role and permissions model.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date 01/09/2016 - audited yearly thereafter
What the ISO/IEC 27001 doesn’t cover All areas of our system and internal processes are covered by 27001
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • ISO 27001
  • Cyber Security Fundamentals

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We use the ISO 27001 framework for this (merged with ISO9001).
To ensure our policies are followed all employees undertake refresher training on the policies on a yearly or twice yearly basis. Access to certain systems are not enabled unless policies are read and confirmed as understood. We audit our processes every 6 months.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We use Microsoft Team Foundation Services for our version control and its integrated ticketing.

The deployment process is staged with automated unit testing and integration testing, together with some manual testing and integration steps.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We have these defined in our ISO 9001 processes during the design and development and ISO 27001 feeds back into ISO 9001 and manages the defects.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We have detailed error monitoring and this trips whenever a black hat attempts to fuzz the system or they probe for known vulnerabilities in other platforms (eg high levels of 404). NewRelic is also monitoring this. Between that and other controls we are able to detect, assess and respond quickly.
Incident management type Supplier-defined controls
Incident management approach We have processes in ISO 27001 and ISO 9001.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £15000 per licence per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial A "sandbox" version of the system is available to prospective clients for a month during the buying process. Buyers have access to all areas of the system. Items not included could include, but is not limited to, bespoke email templates, bespoke reports, connectors to 3rd party software.

Service documents

Return to top ↑