MyKnowledgeMap

Justdigitalskills

Justdigitalskills enables individuals to assess and evidence their digital skills, and enables employers to assess the scope and nature of digital skills of their workforce. Standard skill frameworks such as Digital Skills Literacy and SFIA can be loaded for use. As an employer you can view actual evidence of competency.

Features

  • Self assess digital skills against a set of standards
  • Gather and attach evidence from a wide range of sources
  • Curate personal evidence to enable discovery and add context
  • Map to standards, competency and other frameworks
  • Supports multiple presentation templates including resume and book formats
  • Supports task management, open badges and micro-credentials
  • Supports grading, marking, commentary and feedback
  • Supports deadlines, reflections and organisation authored forms
  • Provides a digital skills portfolio for the individual

Benefits

  • Employer can set standards to be assessed
  • Employer can monitor and assess digital skills of workforce
  • Employer can see actual evidence of achievements and capability
  • User builds an eportfolio of achievement against a standard
  • Supports marking and feedback
  • Monitors progress of users against targets and standards
  • Support Communities of Practice
  • Support employees self assessment and self development
  • Search and discover availability of specific skills

Pricing

£4.00 to £12.00 per user per year

  • Education pricing available

Service documents

G-Cloud 9

271096236337142

MyKnowledgeMap

Rob Arntsen

01904 659465

rob.arntsen@myknowledgemap.com

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Myshowcase.me which is another service we offer.
Cloud deployment model Public cloud
Service constraints No known constraints.
System requirements Fully responsive for mobile device usage

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Working Hours are Monday to Friday between 9am and 5pm excluding English bank holidays: For Urgent incidents we start work on the issue within one Working Hour. If software and/or database correction is required, the response will be dependent on the complexity of the correction but we have a target response time of twelve Working Hours.
Response outside Working Hours are best efforts. The ticketing system is 24x7.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 AA or EN 301 549
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Our standard support is 24x7 ticketing system supported by manned helpdesk 9am to 5pm Monday to Friday. Published SLA specifies response times based on severity level of incident which is set by the customer.

Extended hours coverage can be provided at extra cost, and on-site support can also be provided at extra cost. We have both a cloud support engineer and a technical product manager allocated to the service.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide a mixture of onsite training, online training, Skype/webex conference training and user documentation.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction We can export data in an agreed format such as a CSV file.
End-of-contract process Continued online archive and access to data would be an additional cost.
Standard export to CSV file in supported formats/layout is included. Non-standard formats and tailored export formats would be an extra cost.

Individuals can elect to continue using their own free personal account at the end of contract.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Some functions on mobile work within their own offline App specifically designed to enable capture video, photo and audio evidence with added commentary.

Most functions are designed as "responsive" to handle the difference in screen sizes for different mobile devices. Where a specific function does not effectively suit a small smartphone screen the system elegantly informs the user.
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing None completed.
API Yes
What users can and can't do using the API There are various APIs available including linkage to customer specialist sources of information feeds and external "backpacks".
API documentation Yes
API documentation formats PDF
API sandbox or test environment No
Customisation available Yes
Description of customisation Customer designated system administrators can customise their organisation structures;

Customers can also customise the services mobile Apps to be customer branded and stored in customer specific appstore - at additional cost.
Customer specific template designs can be added - at additional cost.
Customers can also use the Forms authoring system to design and allocate their own internal forms to users.
Customers can add their required standards or frameworks for digital skills.

Scaling

Scaling
Independence of resources Most customers use a shared service on Microsoft Azure but we can provide customers with dedicated Azure servers if required.

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency Less than once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Various online reports are also provided with options to export the report content into Excel and other formats.
Data export formats
  • CSV
  • Other
Other data export formats
  • Word
  • PDF
  • XML
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • Video directly or links to YouTube, Vimeo and Daily Motion
  • Photos directly or links to Flickr
  • Automated feeds from user's Evernote account
  • Links from a wide range of social media tools
  • Upload of any file format

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Our target system availability is 99.9% using the Microsoft Azure service. We do not guarantee this availability and have no refund policy if this target is not met.
Approach to resilience We use Microsoft Azure datacentres. Further information is available on request.
Outage reporting Email alerts and a public dashboard.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels All access to the application is via user name and password and this can be further locked down to specific IP addresses. Access to the database and website is located down to specific MyKnowledgeMap personal only via Active Directly username and password and 2 factor authentication.
Access restriction testing frequency At least once a year
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 6 months and 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 6 months and 12 months
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification We use Stripe which is certified.
PCI DSS accreditation date Refer to Stripe
What the PCI DSS doesn’t cover Refer to Stripe
Other security accreditations Yes
Any other security accreditations Pen tested by NCC

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach Our approach to security governance is based on the following principles
• Tier 1 data centre hosting
• Out of the box / industry standard development tools
• Development best practice
Information security policies and processes We have a defined information security policy that includes the following area;
• Personnel
• Third parties
• Physical security
• Information assets
• Network security
• Security of operations and systems
• Access right management
• Continuity management
• Management of service disruptions
The Development Manager, IT Services Manager and QA Manager all report directly to the Managing Director, each with defined responsibility for information security policy conformance.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All application components changes are managed and tracked using a Continuous Integration solutions approach. All releases are assessed by the product and IT services manager in terms of test coverage and risk. Any new technical components , version upgrade etc are assessed by the development manager and IT services manager prior to being included within any release.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We use the Microsoft Trust Centre https://www.microsoft.com/en-us/TrustCenter/Compliance/default.aspx and a number of information subscript services to obtain the latest information on potential threats. And we regularly review situations that would or could impact our application and services.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach All application hosting is on Microsoft Windows Azure which is audited to SSAE 16 and ISAE 3402 standards. All service are protected by the Microsoft Azure Security Services that monitor and communicate potential security threats. Dependent on the nature of the threat these are actioned immediately or resolution action scheduled and any impacted customers informed. In additional several security setting have been enabled within the application website to automatically close the web site down if, for example, there is a brute force attack.
Incident management type Supplier-defined controls
Incident management approach The actual datacentre is managed by Microsoft Azure which conforms to ISO/IEC 27035. We manage the application directly and for any information security incident we follow this process..
1. Stop and contain 2. Eradicate 3. Analyse and report and 4. Follow up. This internal process broadly follows ISO/IEC 27035 guidelines.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £4.00 to £12.00 per user per year
Discount for educational organisations Yes
Free trial available No

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑