Peritus Learning and Development

Blended learning solutions to meet your objectives, develop your people, get results

Tailored solutions to meet your business objectives. Develop your people, track results. Expert led courses, resources, tools from a team with over 20 years in learning and development. Easy to use online platform. Detailed automated reporting. Gamification for team engagement. Add learning plans. People strategy support available. Ongoing support included.

Features

  • Over 50 courses – for team development and compliance management
  • One customised platform for your business
  • Full automated real-time reporting
  • One system for everyone that’s easy to use
  • Access on any device from anywhere
  • Add your own content and career pathways
  • Gamification to add fun including certification
  • Automated/scheduled training refreshers
  • All online courses are a max of 20 mins long

Benefits

  • Learning solutions tailored to your business objectives
  • Develop your people with the skills they need
  • Blended learning with both online and face to face solutions
  • Save time, resource and reduce admin with automated reporting
  • Keep everything in one place by adding your own content
  • Simple for everyone to use
  • Engage your teams through gamification tools
  • Dedicated account manager to work with you/unlimited support
  • Strategic people strategy support available
  • Access to further learning

Pricing

£1 a person a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stevewalker@perituslearning.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

3 4 5 2 9 2 8 2 4 0 3 9 7 2 2

Contact

Peritus Learning and Development Steve Walker, Chief Executive
Telephone: 01162688727
Email: stevewalker@perituslearning.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
HR Management Systems
Employee Benefits Systems
Talent Management Systems
Other internal organisational systems
Cloud deployment model
Private cloud
Service constraints
Support service business hours 9-5 GMT, business day.
Infrastructure designed to support updates by the engineering and support teams without the need to interrupt the Software Services.
Peritus will use commercially reasonable efforts to perform routine scheduled maintenance during non-business hours.
Supports all major browsers and operating systems.
System requirements
  • Microsoft Edge: last 2 versions
  • Mozilla Firefox: last 2 versions
  • Google Chrome: last 2 versions
  • Safari: last 2 versions
  • Microsoft Windows 8 and or higher
  • OSX: Last two major releases
  • Most Linux distributions
  • IOS: Default browsers in version 10 and above
  • Android: Default browser in version 6.0 and above

User support

Email or online ticketing support
Email or online ticketing
Support response times
Serious Incident Response intervention within 2 business hours.
Standard Incident Response acknowledgement within 4 business hours.
Business hours is 9-5 GMT, Mon-Fri excluding bank holidays
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AAA
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
No
Support levels
Serious Incident
“Serious Incident” means a serious problem on production environments that involves all users. Severe degradation of performance that involves all users.
Serious Incident Response intervention within 2 business hours.
Standard Incident
“Standard Incident” means bugs that do not impact all users or requests for clarification.
Standard Incident Response acknowledgement within 4 business hours.
Incident Response Process
i. The Customer (or the Customer’s point of contact) sends a request to Peritus via email or telephone
ii. The request is handled as follows:
a. incident registration;
b. ticket number assignment to the Customer if applicable;
c. inclusion of the request in the helpdesk system;
d. ticket profiling; and
e. task prioritisation
iii. First dedicated interaction for diagnosis and identification of the reported issue within 16 hours via email or telephone call.
iv. ETA notification to the Customer, and update about any ETA changes.
v. The Customer is informed about the successful resolution of the problem (this message closes the support process).
Support available to third parties
No

Onboarding and offboarding

Getting started
We provide a full implementation and onboarding programme which includes an onsite meeting, remote training, user documentation and a full project plan.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
User data can be exported via CSV and uploaded to new system.
End-of-contract process
There is no additional cost the customer will simply renew their contract for an agreed term with Peritus, or move to another provider by transferring their data before the contract end date. Peritus will also delete all data at the end of the contract under our data retention policy.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Mobile is for users only, not for administration functionality purposes.
Service interface
No
API
Yes
What users can and can't do using the API
Users cannot make changes to API. For all API integration work this is to be managed by Peritus. We will provide an additional proposal as per the costs associated.
API documentation
No
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The platform can be customised and white labelled. Users cannot make these changes themselves, however as part of our on-boarding process this will be discussed and configured. Training is provided by Peritus to allocated power users.
Customisation:
Branding of the system to include;
Colour scheme
Course player background
Font configuration, requires a Google font
Logo
Favicon
URL
Footer text or image

Configuration of the system to include;
Home screen / log in screen picture and log in box position, background colour, image or video
Dashboard design and Widget selection (max 10 Widgets)
Onboarding of users inline with organisational structure
Customisation of the user menu
Automation of functionality and notifications

Scaling

Independence of resources
Peritus has established the Software Services such that it should be available at least 99.5% of the time on a 24/7/365 basis.

We provide full contract support to all customers with a range of suitably qualified employees; each customer is owned by designated individuals. Using a project plan each part of the process/contract is owned by an individual and manager. This ensures our customers have a designated person in the business to contact for their specific needs as well as a clear escalation route. Service levels are constantly reviewed with additional resources provisioned where necessary to maintain contracted KPIs/expectations.

Analytics

Service usage metrics
Yes
Metrics types
Volume Metrics
User Statistics (active users per month)
Training Time (hrs in total / hrs average / average per course)

Users’ Behaviour Metrics
Sign-Up Rate (users signing up to courses)
Users’ Course Status (average number of course enrolled on / status of the course)
Course Completion Rate (enrolled vs completed courses)

Testing Metrics
Pass/Fail Rate
Average Test Score

Gamification Metrics
Points / Badges
Competitions

Engagement Metrics
Employee engagement (through impact on EOS / retention figures)
Course Ratings

Cost Saving Metrics
Time Saved (travel time / study time)
Training Delivery (online training replacing traditional training)
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Peritus (white-labelled solution)

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
By CSV file, or Excel from within the system.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Peritus has established the Software Services such that it should be available at least 99.5% of the time on a 24/7/365 basis.

If Peritus fails to achieve the Availability Percentage for two consecutive calendar months, then, as the Customer’s sole remedy for such failure, the Customer may elect to terminate this Agreement within 30 days after the end of the second month’s measurement period by delivering Peritus written notice of such termination. If the Customer fails to deliver such notice within such 30-day period, the Customer’s right to terminate for such failure is waived, without prejudice to any rights to terminate under this section for future failures to achieve the Availability Percentage.

Any fees paid by the customer for that year's subscription would be repaid pro-rata.
Approach to resilience
The platform architecture is deployed by leveraging AWS features. Critical platform components are replicated across multiple AWS Availability Zones, each of them designed as an independent failure zone. All data centres are online and serving customers. No datacentre is "cold". In case of failure, automated processes move customer data traffic away from the affected area. Each availability zone is designed as an independent failure zone.
This capability is leveraged by balancing the architecture components between two Availability Zones to keep the system operational even if one stops working.
In case of a failure, the DNS is configured to exclude the unhealthy services from the pool of available services and redirect the traffic to the operational Availability Zone. To cover the increase of traffic in the new zone, the automatic scalability process will begin creating the extra resources needed to keep the service at an acceptable response level. Once the original Zone is back online, the operation team follow a standard procedure to remove the old services that are out of sync. They will then recreate the needed system and link this with the other Zone. The traffic will then start flowing into the original datacentre.
Outage reporting
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
The organisational structure provides a framework for planning, executing and controlling business operations. Special responsibility is designated to different roles to manage aspects of the internal controls over security, availability and confidentiality.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
ACN Limited
ISO/IEC 27001 accreditation date
13/06/2018
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials
  • IASME
  • SOC 2 & SOC 3
  • ISO 9001

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
IASME and Cyber Essentials
Information security policies and processes
Docebo maintains an Information Security Management System (ISMS). Within this framework Docebo have defined an information security program implementing policies, procedures, administrative and technical safeguards to help ensure customer security, availability and confidentiality commitments can be met.
Policies are reviewed on at least an annual basis.
Procedures have been established in order to set basic rules for building security into the entire HR process to ensure that policies and procedures are in place to address security issues.
Personnel are required to complete security awareness training.
Peritus staff are required to undertake compliance training on an annual basis.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
A systematic approach is applied to managing change and ensure that changes to customer-impacting aspects of any LMS functionality are reviewed tested and approved. Change management standards are based on established guidelines and tailored to the specifics of each change request. Program change documents and security best practices are documented on the Docebo content and collaboration system.
The development environments are accessed only by authorised developers and the testing environments are separated from the production environments.
Changes are tested according to established Change Management standards prior to migration to production.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
To obtain information about vulnerabilities the following are regularly reviewed:
Vulnerability Risk Management Program,
Simulated Event Testing Program,
Bug Bounty Program,
The results of the assessments are monitored and worked in order to evaluate the associated risks along with the remediation actions to be taken. In the event that a potential or actual breach is detected the task to identify the cause and remediate the breach is worked immediately. In such action involve patching, patches are tested and evaluated before they are installed to ensure they are effective and do not result in side effects that cannot be tolerated.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Continuous monitoring is performed for recommended critical patches and upgrades in order to mitigate risks resulting from exploitation of published vulnerabilities. Any detected security vulnerability is triaged and remediations are prioritised above and beyond to CVSS score depending on several other factors such as exploit availability, malware availability, social media activity, affected assets value etc.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Documented policies and procedures for reporting security, availability and confidentiality incidents are in place for identifying, acting upon and reporting failures, incidents and other security concerns. Incidents are logged within a ticketing system, assigned severity rating and tracked to resolution. An Information Security Incident Response Team (ISIRT) is in charge for the response and mitigation activities and escalation of incidents.
Users are responsible for reviewing incident and service level reports provided where applicable and reporting any issues based on terms of the service agreement.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£1 a person a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
We provide comprehensive online demonstrations to key contacts and stakeholders. We also provide a login for key contacts to review the online learning solution in more detail and review some of our courses. This provides the customer with more than enough understanding to base a decision on.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stevewalker@perituslearning.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.