FFT Education Ltd

FFT Aspire

FFT Aspire is a comprehensive online reporting and data analysis tool which is widely used by schools, LAs, academy trusts, diocese and government to analyse performance and improve educational outcomes. It encompasses self-evaluation, pupil tracking and collaboration and makes use of statistical models developed by researchers in FFT's Education Datalab

Features

  • Reports and dashboard for schools, academy trusts and LAs
  • Estimates and predictions of future performance for pupils
  • Set challenging and aspirational targets for pupils
  • Identify strengths and areas for improvement
  • Direct link to school MIS to synchronise data
  • Benchmark school, LA and academy trust performance
  • Monitor and track progress for current pupils
  • Match and process pupil data
  • Compare performance to other schools
  • Measure value-added pupil progress in all subjects

Benefits

  • Dashboard reports analysing school performance and education data
  • Analyse data for pupil, school, academy trust and LA
  • Aggregate reports analysing performance for local area or region
  • Value-added analysis of education performance (results and pupil progress)
  • Estimates (predictions) of future performance to help set challenging targets
  • Improve school performance
  • Raise pupil achievement
  • Data processing: collect, match and process pupil data
  • Data is synchronised from school MIS with FFT's national datasets

Pricing

£50 to £150000 per licence per year

Service documents

G-Cloud 11

209512968507857

FFT Education Ltd

Helen Robinson

01446 776 262

helen.robinson@fft.org.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints There are no constraints that buyers need be aware of
System requirements
  • Aspire requires a computer or tablet (Microsoft, Apple or Android/Chrome)
  • Aspire requires a compatible browsers: IE, Chrome, Safari or Firefox

User support

User support
Email or online ticketing support Email or online ticketing
Support response times FFT responds to 80% of queries within one business day and all queries receive a response within 3 business days.

The time taken to resolve a query is dependent upon its complexity. In 2018, 80% of enquiries were fully resolved within one business day of receipt and 90% of enquiries were fully resolved within 3 business days of receipt.

There is no email or phone service outside of normal business hours (8.30am to 5.30pm Mondays to Thursdays, 8.30am to 5pm on Fridays).
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Support is provided by FFT as part of the Aspire subscription with no additional charge. FFT treats all calls as important and does not offer different support levels.

Some local authorities prefer to support their schools themselves (where the schools are being provided access to Aspire through the local authority) and this is catered for.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Users have access to help guides and online training videos covering different aspects of FFT Aspire functionality.

FFT also offers a wide range of introductory and advanced training modules which allow users to focus on different areas of Aspire and the use of educational data to help to improve of pupil outcomes.

Training is provided to users at venues across the country and it is possible to commission in-school training for individual schools, or groups of schools. The majority of training provided is hands-on, enabling users to gain direct experience of the insights and benefits that Aspire can provide through using their own data.

FFT also offers webinars for school governors on the use of the Aspire governor dashboard and more advanced workshops and events covering the impact of changes in education and recent educational research.

Training resources are made available to local authority trainers.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Users are provided with facilities to take copies of their data at any point during the course of the project. FFT will delete user data, other than that which provides an audit trail of activity, at the end of the project on request.
End-of-contract process The contract grants customers a license to access the Aspire portal for any number of staff. It also covers the provision of help guides and email and phone support.

FFT runs free training courses for some users from time to time, but for the most part training courses are not covered by the contract.

For local authorities, LA events covering developments in education and the most recent research using educational data are provided as part of the contract.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service All system functionality is available from mobile devices.

The service operates within a responsive layout. The navigation when accessing the service through a mobile device collapses at smaller screen sizes and content reflows to fit available space. On-screen tools maintain a persistent position where space is available. Typography and spacing adjusts to take advantage of available space.
API No
Customisation available Yes
Description of customisation Aspire is a flexible service which provides customers and users a range of areas where they can customise the service to meet their particular needs. Administrators can create unique accounts for each user, and each user can be assigned a role and privileges. This makes it possible, for example, to limit the level of access to only allow aggregate data to be viewed. Administrators can also decide the default level of challenge at which a schools wants to work. Users can customise the reports they view with an array of settings: set persistent Key Stage settings and apply filters that are carried from report to report. Uses can set email preferences about whether to receive email updates. Each user can save to a list of reports through a bookmarking system and assign descriptions to each report. LA-level administrators can create groups of child organisations, to share data. Certain users can achieve custom interfaces by accessing the system through a BI interface.

Scaling

Scaling
Independence of resources Service capacity, scalability, availability and performance is managed automatically using Auto Scaling Groups. Server scale-in and scale-out is automatic based on per minute active monitoring of server availability, performance and load. Servers are Load Balanced to evenly distribute load and where additional capacity is needed, this is managed automatically. Capacity is distributed across different UK availability zones for additional resilience. Database server capacity is over provisioned ahead of time to ensure capacity requirements are met.

Analytics

Analytics
Service usage metrics Yes
Metrics types FFT provides metrics to Local Authorities and multi-academy trusts with information about how the service is being used by schools. Metrics include information about number of users, user logins, pageviews and functional areas of service used.
Reporting types Regular reports

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Users can export pupil and school data from FFT Aspire for use by the organisation in other management information systems, including FFT's estimates of future performance. Dashboard reports can be exported for use offline and printing (PDF or Excel).
Data export formats Other
Other data export formats TSV (tab separated values)
Data import formats Other
Other data import formats MS Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability 99.5% available during Normal Business Hours, excluding any planned maintenance and loss of internet connectivity between the FFT Portal and the Customer.
Approach to resilience Information available on request
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels FFT Aspire uses role-based permissions to grant users access to the relevant areas of service. Customers are responsible for granting access to users based on the standard roles available.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information No audit information available
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 UKAS accredited
ISO/IEC 27001 accreditation date 13/4/2010, latest recertification 1/3/2018
What the ISO/IEC 27001 doesn’t cover The complete Aspire service is covered by FFT's ISO/IEC 27001 certification.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials Plus

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes FFT adopts all the information security controls identified under ISO27001:2013 (with the exception of A.14.1.3 - protecting application service transactions and A.14.2.7 - outsourced development, which are not applicable). Policies are reviewed and updated to a defined schedule. Training for staff on information security is given to staff on induction and through frequent workshops and training sessions. FFT has put in place a governance structure which includes responsibilities for SMT, SIRO, DPO, Information Security Officer and a wider Information Security Forum. Internal and external audits are carried out to a defined schedule. Surveillance and recertification audits are carried out annually / every 3 years respectively.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach A risk assessment covering information security is carried out before embarking on any new developments or significant changes. Team Foundation Server (TFS) is used for source control of code and for managing development and change/configuration. Requirements are logged and tracked through user stories, product backlog items and tasks. All changes are assessed against the FFT change management policy and the FFT Secure development policy with consideration being given to scale, scope, security and testing requirements of code and components before release to a production environment.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Potential threats are monitored and assess through a range of processes including vulnerability testing, external penetration testing and third party vulnerability management systems. The service undergoes an annual IT Health Check (ITHC) by a Crest Approved Security Tester. This includes a code review. In addition, up to date information on potential threats is obtained through security forums and from information provide by technical bodies. Patches are deployed as a matter of course on a monthly basis with more frequent patching when required.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Industry standard vulnerability management, threat management and antivirus solutions are used to monitor the infrastructure from which Aspire is delivered. In addition, regular analyses of firewall and system logs is carried out. Any alerts or risks identified are managed through an internal helpdesk system with processes to escalate serious threats and ensure prompt resolution.
Incident management type Supplier-defined controls
Incident management approach FFT has a defined process for managing security events as defined in its security event policies. Events are reported and managed through a help desk system. Prioritisation and escalation of events is established by FFT's information security manager with escalation to SMT as needed. All events are reported internal to FFT's information security forum. The classification of information security incidents is defined by FFT's information security policies. In the event of a breach, processes are in place to inform affected users, the relevant Data Controllers and the ICO.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £50 to £150000 per licence per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Schools interested in purchasing a subscription to Aspire can request access to a free trial version of the FFT Aspire dashboards and pupil tracking tool for a time limited period.
Link to free trial Www.fft.org.uk

Service documents

pdf document: Pricing document pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑