IBM Kenexa LCMS allows you to develop, manage, maintain and deliver modular and personalised training for your employees. With a complete solution for managing content from the moment of creation to the delivery of personalised, on-demand training modules, this system provides tools that can help you streamline the entire process.
- Rapidly develop content without programming, using built-in template-driven content development
- Integrates legacy and third-party content in virtually any form
- Use Adobe® Flash®, simulations, scenarios, built-in interactions, animations, other media
- Assemble courses from natively authored, integrated and third-party materials
- Develop assessments with built-in capabilities that exceed standalone assessment tools
- Support SME content contributions through PowerPoint Developer
- Extensive security features assign users and data to secure partitions
- Dynamically perform impact analysis on project cost and schedule
- Detailed reporting: discover the effectiveness of learning and content
- Dynamically delivers to mobile devices, smart phones and tablets
- Rapidly develop, integrate, reuse and assemble personalised eLearning
- Reduces development time/cost and maintenance time/errors
- Developers/SMEs can ask questions and share ideas, best practices
- Fosters collaboration and knowledge-sharing via social platform
- Highly interactive and engaging e-learning including animations, transitions, videos, Flash
- Collaborative development, streamlined workflow and review to facilitate team development
- Automatically determines and distributes the most recent version,
- Dynamically assembles and delivers – without complex rules or programming
- Leverage real-time, on-demand personalised learning
- Helps meet specific learning needs, standards and certifications
£3070.00 per user per year
- Free trial available
IBM United Kingdom Ltd
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||
IBM Kenexa Learn on Cloud is a platform that enables a customer to develop, provide, and track learning content. Customers may order any of the products listed below:
IBM Kenexa LCMS Premier on Cloud Author
IBM Kenexa LMS on Cloud
IBM Kenexa Hot Lava Mobile on Cloud.
|Cloud deployment model||Public cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Severity 1 issues may be logged 24 hours a day, 7 days a week. Our response time objective is to have an expert begin diagnosing your issue within 1 hour of receiving your initial report. Severity 1 issues are defined as: "A core software component is inoperable across all clients, or the service is down for all clients. This only applies to a production environment and indicates you are unable to use the program, resulting in a critical impact on operations."|
|User can manage status and priority of support tickets||No|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||Web chat|
|Web chat support availability||24 hours, 7 days a week|
|Web chat support accessibility standard||WCAG 2.0 AAA|
|Web chat accessibility testing||The IBM Talent Management solutions portfolio is required to adhere to accessibility requirements in accordance with our commitment to W3C WCAG AA requirements. Customers and prospects may request compliance reports on the accessibility status of individual products at this link: https://www-03.ibm.com/research/accessibility/requests/accvpat.nsf/bidxjs?OpenForm|
|Onsite support||Yes, at extra cost|
Standard Global Support Center Model – The Help Desk of our Global Support Center (GSC) provides the first line of technical support. Customers funnel support requests through a limited number of employees who serve as their designated contacts with our GSC. (No extra charge)
Outsourced Support Model – In our standard support model, customers funnel support requests through a small number of employees who serve as your designated contacts with the Global Support Center. In the outsourced support model, the GSC will serve as your internal help desk for all employees. (No extra charge)
(Optional) Named GSC Resource – If a client purchases a Named Resource, requests that require assistance beyond the initial support call will be handled by a named individual who will assist with all client escalations and will maintain proactive contact with client.
For larger contracts: In addition to the Help Desk, an IBM Client Success Manager (CSM) will serve as the main point of contact regarding ongoing satisfaction with the product (no extra charge). An optional arrangement may be scoped for a customer to have a dedicated CSM can work on site.
|Support available to third parties||No|
Onboarding and offboarding
As Learn clients transition from implementation to go-live, we complete a validation process that the system supports decisions made during implementation activities. In addition, we host a WebEx session to cover issues and questions that occur after completion of the implementation activities.
Training on the LCMS is provided during implementation and includes an onsite workshop for developers and administrators. Within LCMS Premier, content creation is reserved for a content developer user type. During implementation, we provide training for our clients’ assigned content developers on the Content Manager, which is the LCMS Premier authoring interface. Within the Content Manager, content developers can create new learning content from scratch, repurpose existing content, and import third-party content.
|End-of-contract data extraction||For LCMS, an SQL dump of the database and any files we store associated with the data will be made available to the customer.|
The term of the Cloud Service begins on the date IBM notifies the client of their access to the Cloud Service, as documented in the Proof of Entitlement Document (PoE). The PoE will specify whether the Cloud Service renews automatically, proceeds on a continuous use basis, or terminates at the end of the term. For automatic renewal, unless the client provides written notice not to renew at least 90 days prior to the term expiration date, the Cloud Service will automatically renew for the term specified in the PoE. For continuous use, the Cloud Service will continue to be available on a month to month basis until Client provides 90 days written notice of termination. The Cloud Service will remain available to the end of the calendar month after such 90-day period.
Numerous factors are taken into consideration when determining IBM Talent Management software and implementation pricing fees and annual subscription fees. The software subscription fee and implementation fee is primarily determined by overall employee size and scope of the project. Discount levels are provided for term of contract and for customers purchasing multiple solutions.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||The features and functions of IBM Talent Management solutions can be rendered for mobile platforms (iOS, Android, Blackberry) and do not require an app for access.|
|Accessibility standards||WCAG 2.0 AA or EN 301 549|
The IBM Talent Management portfolio is required to adhere to accessibility requirements in accordance with our commitment to W3C WCAG AA requirements.
Accessibility features vary by product. Customers and prospects may request compliance reports on the accessibility status of individual products at this link on IBM’s public website: https://www-03.ibm.com/research/accessibility/requests/accvpat.nsf/bidxjs?OpenForm
|What users can and can't do using the API||LCMS has APIs that are used for user data integration and HRIS solution integrations specifically focused on member resources, organization resources, and authentication resources. These APIs are used under the supervision of IBM Kenexa Hosting and Professional Services.|
|API documentation formats|
|API sandbox or test environment||No|
|Description of customisation||LCMS Premier is designed to support basic and advanced configuration. Multiple GUIs can be created, and content viewers and templates can be configured and even created from scratch without customization to the application. Security and workflow can be configured, and all text within the application can be modified.|
|Independence of resources||As a Cloud Service provider, IBM actively scales the system according to client demand. Through software- and hardware-based load balancing as well as database clustering, LMS and LCMS can grow to accommodate a client’s needs.|
|Service usage metrics||Yes|
The system is continuously monitored and tested regularly by the Performance Testing team in a dedicated test environment.
Cloud Operations uses a combination of third-party and internal monitoring to ensure the integrity of production sites. The production site undergoes continuous monitoring of performance through the use of tools that provide real-time monitoring of response times and issue alerts when important performance thresholds are reached. Members of the product team use tools to continuously watch performance in real time.
The Quality Assurance and Performance Engineering teams evaluate the performance of each application suite build. Performance testing focuses on evaluating response times.
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||‘IT Health Check’ performed by a CHECK service provider|
|Protecting data at rest||
|Other data at rest protection approach||Learn offers no field-level encryption. For LCMS, passwords are hashed in the database with PBKDF2 with salt. All data in the database for LMS and LCMS is encrypted using AES-256. All backups for all IBM Talent Management solutions is encrypted.|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||For LCMS Premier, content – which can be of virtually any file type – is stored in a basic simple text/editable or WYSIWYG format. When the content needs to be published, the content is exported to your desired outputs (such as SCORM, print, CD, and mobile) based upon the outputs selected mapped to the content by your content developers and the selected export generators (such as SCORM, static HTML, print, and mobile).|
|Data export formats||Other|
|Other data export formats||
|Data import formats||Other|
|Other data import formats||
|Data protection between buyer and supplier networks||Legacy SSL and TLS (under version 1.2)|
|Data protection within supplier network||Other|
|Other protection within supplier network||
While all data is encrypted in public transit, not all internal traffic between tiers is encrypted. Where interfaces between tiers are not encrypted, internal traffic is secured using firewalled networks.
Logical segregation: IBM segregates customer data logically using unique client IDs that prevent other customers from accessing a client’s data.
Field-level encryption: Learn offers no field-level encryption.
Database encryption: For LCMS, passwords are hashed in the database with PBKDF2 with salt.
All data in the database for LMS and LCMS is encrypted using AES-256.
Availability and resilience
|Guaranteed availability||IBM provides SLAs for availability in our standard agreement. For most IBM Talent Management applications, we agree to deliver 99.2% or better system uptime within each calendar month, excluding scheduled downtime for regular maintenance. Should availability fall below the 99.2% threshold in a calendar month, we offer prorated credits of the applicable service fee for that month as the sole remedy. The Service Description for each offering details whether this standard SLA for availability is provided.|
|Approach to resilience||Cloud Operations support personnel are on call to maintain availability. Critical components are protected against failure through redundancy where available. Failover-capable components are used where available. Non failover-capable components are provisioned with stand-by equipment where possible. Cloud Operations deploys tools to monitor network, system, and application components. Components are monitored with alerts of failed components being issued to Cloud Operations support personnel. Under normal operating conditions, response is usually within 15 minutes of the failure alert.|
|Outage reporting||We will provide notification to clients of any planned and unplanned system outages through your named contacts. Additionally, during system outages, we post notifications on the LMS and LCMS Premier landing pages to notify users of the outage and its anticipated duration.|
Identity and authentication
|User authentication needed||Yes|
|Other user authentication||Single sign-on is an option for all IBM Talent Management SaaS solutions.|
|Access restrictions in management interfaces and support channels||
IBM limits access to customer data to personnel with a business need to know. Various security mechanisms control access to those authorized, with application access controlled through our centralized “gatekeeper” process. Access requests are tracked through the IBM Control Desk. Anyone who has access to customer data is either an employee who signs a confidentiality agreement or, rarely, a consultant or third party who has agreed contractually to protect the privacy of our data.
System access is controlled at the server, database, application, and network levels. The Cloud Operations, Database Administration, and Software Configuration Management teams have standing access.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||Between 1 month and 6 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||Bureau Veritas Certification Holding SAS – UK Branch|
|ISO/IEC 27001 accreditation date||IBM’s ISO 27001 certificate for the IBM Talent Management SaaS applications was renewed in Q4 2015.|
|What the ISO/IEC 27001 doesn’t cover||
The following ISO 27001 controls were deemed not applicable because they are managed by our data centres.
- Section A.11 Secure Areas
- Section A.11.2 Equipment
All other ISO controls in sections 5 through 18 were covered in the IBM Talent Management SaaS applications audit. The controls under the two sections referenced above are covered in the ISO 27001 certification for the data centres in question and are addressed through data centre management controls rather than application controls.
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
IBM has an information technology (IT) security policy that establishes the requirements for the protection of IBM's worldwide IT systems and the information assets they contain, including networks and computing devices such as servers, workstations, host computers, application programs, web services, and telephone systems within the IBM infrastructure.
IBM’s IT security policy is supplemented by standards and guidelines, such as the Security Standards for IBM's Infrastructure, the Security and Use Standards for IBM Employees and the Security Guidelines for Outsourced Business Services. Our security policies and standards/guidelines are reviewed by a cross-company team led by the IT Risk organization at least annually.
The offices of the Chief Privacy Officer (CPO) and Vice President of IT Security collaborate regarding protection of data. The information security policy is enforced through protocols, regularly scheduled certification processes, technological controls, and management and staff dedication.
Our “Data Security and Privacy Principles for IBM Cloud Services” is available on IBM’s public website at https://ibm.biz/BdHtui. In addition, IBM provides clients with product-specific information systems security overviews.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||
The development and security of SaaS applications follows industry standards. Standards-based processes are built into every step of the SDLC for products. Product teams use OWASP guidelines, SANS and IBM standards for web application security and review source code using a reputable standardized tool. Applications undergo annual security assessments and periodic independent application and infrastructure penetration and vulnerability testing.
Products are upgraded with new functionality on a regular release cycle. Major releases includes functionality added in minor builds and projects timed specifically for the release.
Notification for any visible change is completed before each build, and client enablement is provided.
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||
IBM conducts regular internal application and network scans and have engaged a third party to perform regular application scans. All critical findings are remediated to close.
The installation of patches and updates to the operating system is controlled and centrally managed. Patches are deployed either during regularly scheduled downtime or, for serious threats, fast tracked to prevent exploitation of the vulnerability. All patches and updates undergo QA testing prior to general installation.
All IBM systems and workstations are protected by antivirus software that performs real-time scans. Updates to virus definitions are checked and installed automatically on a daily basis.
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||The Hosting Environment has redundant firewalls at its perimeter. Inbound firewall security policy limits access to essential services necessary to access application functionality and to remotely manage the systems. All other types of traffic are denied. A network-based intrusion detection system is enabled and a reputable managed service provider provides monitoring, correlation, and notification to the Cloud Information Security and Cloud Operations teams.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
The IBM data incident response process serves to properly report and retain documentation for events, begin remediation, discover root causes, learn lessons, and prevent similar occurrences.
IBM has a Computer Emergency Response Team (CERT) which encompasses each department’s role based on the incident. The team is composed of specifically trained and equipped employees who, working with the software business teams and other subject matter experts manage an incident until resolution.
Should an incident occur while a client’s information is in IBM's possession, the client is notified of security breaches of customer data within two business days.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£3070.00 per user per year|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||A Sandbox environment can be provided as a free trial. This has most features enabled but is not configured to meet client specific workflows. It is to demonstrate the features and functionality of the tools. The time limit is usually 2 weeks|
|Pricing document||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|