THRIVE LEARNING LIMITED

THRIVE - Learning Experience Platform (LXP) / Learning Management System (LMS)

The ultimate learning and communication platform that
helps teams innovate training, improve communication and increase employee engagement. We use next-gen technology to empower busy businesses to continuously learn, stay ahead of digital transformation and thrive at work.

Micro learning, social learning, digital learning, online learning, elearning. We do it all.

Features

  • Easy migration - Free LMS Migration Service (including Totara)
  • CPD module - log and track learners professional development
  • Social learning - Connect users through sharing and user-generated content.
  • Fully mobile responsive - Accessible anywhere and on any device
  • Full event management capabilities - mark and track attendance
  • Machine-learning - Using behavioural data, THRIVE personalises recommendations
  • Advanced Data analytics - track and report on every interaction
  • Learning management - Ensure compliance and manage face2face training.
  • Rewards & recognition - Meaningful gamification keeps learners motivated
  • Personalisation - Unique UX and UI driven experience for learners

Benefits

  • Utilise a next-gen platform to meet your learning needs
  • Deliver a consumer grade, modern experience to your learners
  • Encourage your employees to make learning an enjoyable habit
  • Manage compliance requirements easily and simply
  • Utilise automation to reduce your admins time managing a platform
  • Harness the expertise and knowledge across your business for free
  • Deliver blended micro learning programmes
  • Increase engagement of your learners

Pricing

£15,000 to £90,000 an instance

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@thrivelearning.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

3 8 0 4 2 7 6 9 3 6 8 6 5 4 6

Contact

THRIVE LEARNING LIMITED THRIVE Learning
Telephone: 07429312007
Email: gcloud@thrivelearning.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
We are committed to delivering a service with as little interruption as possible, and in fact we’ve designed our whole solution around this. This means that we can offer zero-downtime updates for the vast majority of enhancements we release to the platform.

As a result we can offer an availability commitment without any caveats - that’s 99.9% availability of the platform, measured quarterly, with no hidden maintenance time clauses.
System requirements
  • SaaS solution requires a supported we browser for access
  • Supported browsers - All
  • Internet connection

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response time is based on the severity of the issue in accordance with our SLA:

Critical (Platform inaccessible to majority of users) - 1 hour
High (Technical issues which prevent majority of users from completing learning) - 2 hours
Medium (Technical issues which impact majority of users) - 4 hours
Low (General questions or configuration requests) - 8 hours

Response times based on working hours of 9-5, Monday to Friday.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
No
Support levels
There is no additional charge for our support offering. We include Unlimited Admin Support in our per annum subscription cost and covers the following:

2nd Line - Support for customer’s named site administrators if they are unable to resolve an issue is handled by the THRIVE Support Team
3rd Line - Additional diagnosis and fixing issues raised by our Support Team is handled by the THRIVE Technical Team

The response time is based on the severity of the issue in accordance with our SLA:

Critical (Platform inaccessible to majority of users) - 1 hour
High (Technical issues which prevent majority of users from completing learning) - 2 hours
Medium (Technical issues which impact majority of users) - 4 hours
Low (General questions or configuration requests) - 8 hours

Response times based on working hours of 9-5, Monday to Friday.
Support available to third parties
No

Onboarding and offboarding

Getting started
You will be assigned a Customer Success Manager (CSM) who will work closely with your team to lead the implementation. Your CSM will be responsible for the success of your solution and holding your hand throughout the whole journey. They will scope the solution initially, ensuring you get off to a great start and then help you keep up the momentum and ensuring you get great engagement on your platform as well as sharing examples with you from other clients and injecting ideas.

We will produce a project plan with all key dates, milestones and go-live dates which will steer the project, deliver access to all training and onboarding materials online and we will begin the project with a kick off meeting with all key stakeholders.

For the implementation project, we would look to host a number of collaborative workshops with key project stakeholders require your key project team to attend. Each section of onboarding will generally consist of some training/pre-learning for your team and then a f2f or webinar (your preference) to focus on that subject.

We really hold your hand throughout this process and are the experts here to help you along the way.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
Video
End-of-contract data extraction
Thrive will, upon request, provide you with access to all available data and information needed to complete this process as efficiently and effectively as possible.

Data can be fully deleted from the live databases and file stores within 3 days of request. As part of this process we would also purge your data from most backup locations, however some information may remain within backups for up to 6 months.
End-of-contract process
We would work with our clients and liaise to support you to move.

We would look to understand the data you required and the future plans for that data in order to suggest a recommended format to transfer the information to you in.

After agreeing this, an initial dump of data and assets would be provided to you securely via SFTP, against which a test migration can be performed.

Once the migration process has been realised and tested, we would liaise with you to agree a final date for the system to be suspended and for the final data to be transferred as per the previous routine.

This information would be transferred if required utilising a secure SFTP method as described above should you choose to migrate to an alternate solution.

There is no additional cost for this service.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The THRIVE LXP Web App is fully responsive, allowing users to experience the full platform and all it's features through a mobile browser in the same way they can on a desktop device.

We have a mobile app which is optimised to make it as simple as possible for the user to consume content while on the move. As part of the first phase we focused on the content types which we could easily deliver a great user experience design for, which includes the displaying of Articles, Links, Files, videos and questions.
Service interface
Yes
Description of service interface
THRIVE is a cloud service built around a micro-service architecture. We utilise Node.JS with Restify.JS to implement a number of logical services, each of which will be made up of one containerised application.

Each micro-service offers a number of GraphQL endpoints and mutations which can then be utilised by the front end applications - usually either written in React.JS or React native.

The solution includes a number of user interfaces: two web applications written in React.JS with Redux back ends, and a native mobile application for iOS and Android written in React native and again using Redux for state management.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
In December 2019 Thrive commissioned a 3rd party accessibility audit which was conducted by Zounou.

The audit used the key user journeys of consuming and uploading content in the Learner App. Testing was conducted on the following assistive technologies:
● JAWS
● NVDA
● Zoomtext
● Dragon Naturally Speaking

As part of this process THRIVE has also recognised the need to embed accessibility considerations into its design, development and implementation process going forward. The following processess/actions has also been put in place

● An accessibility statement will be produced and this will be reviewed and updated every 6 months.
● The Customer Success and Product teams will be trained and made aware of their role and responsibilities in terms of accessibility and training will be provided. This will ensure an understanding of inclusive design and accessibility is developed and applied to implementation, design and development work going forward.
● An audit of the LXP against the latest WCAG guidelines will be carried out at least annually by a 3rd party, and where possible remedial action will be taken to address any issues raised within 3 months.
API
Yes
What users can and can't do using the API
Support for identity management using SCIM2.

Activity tracking supported by xAPI.

We also offer access to system data for reporting purposes via REST.
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
THRIVE is highly customisable. This is easily managed via the admin panel, and does not require any expert skills or knowledge to do so. THRIVE has purposely been designed to mirror consumer-grade experiences so that it is simple, intuitive to use and most importantly familiar to users and how they consume content regularly in their personal lives.

We will upload your chosen logo upon site creation and set your primary brand colours to match your brand guidelines. Updating the colour theme can be done by admins at anytime, as well as allowing the front page to be configured in a way that recommends and pushes content to learners based on what the organisation would like to encourage.

The campaigns banner located on the front page is controlled by the admins and can be configured in a way so that it is brand/aimed at different audiences or for all users.

The Discover page is also controlled by the admins and offers a highly flexible way for categorising content and allowing users to explore topics of content that are important for the customer on a bespoke basis. All of this can be done through simple configurable forms without need to technical expertise.

Scaling

Independence of resources
Most traffic to the platform is handled through Amazons Cloudfront CDN system. This allows users to access the web application and any assets (including video) from local servers, greatly speeding up the responsiveness of the tool compared to traditional monolithic applications.

We stress test our services, including all commonly accessed endpoints, using a load testing tool called "Seige". These tests are conducted on 21 individual services in order to test scaling rules and response times and have been used to handle an equivalent load of 50,000 concurrent users.

Analytics

Service usage metrics
Yes
Metrics types
KPI Dashboard

Detailed info based upon activity logging, system usage and professional development logs.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data available in JSON format via REST API.
Data export formats
  • CSV
  • Other
Other data export formats
JSON
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
We are committed to delivering a service with as little interruption as possible, and in fact we’ve designed our whole solution around this. This means that we can offer zero-downtime updates for the vast majority of enhancements we release to the platform.

As a result we can offer an availability commitment without any caveats - that’s 99.9% availability of the platform, measured quarterly, with no hidden maintenance time clauses.
Approach to resilience
We use a microservice architecture which has the huge benefit of being able to scale to handle additional load. At any time a minimum of two instances are running for each service, and as additional load is detected this can be very quickly ramped up to deal with increased workload.
Outage reporting
A public dashboard and email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Access to support is offered to privileged individuals within the customer's designated project team.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Approachable Certification Ltd
ISO/IEC 27001 accreditation date
30/09/2019
What the ISO/IEC 27001 doesn’t cover
The scope of our ISO 27001 certification is as follows: "Information security for processes based from Nottingham office in the development, provision, maintenance, support and protection of hosted digital learning platforms, content and tools, mobile application, customer and company data and associated infrastructure." This covers all services offered to customer which involve any form of data processing.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
We have an internal ISMS which is ISO 27001 certified by a UCAS registered auditor.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We maintain a strong change control procedure in accordance with the ISO 27001 standard. These controls cover changes to process, enhancements to the application and maintenance of infrastructure.

An independent auditor reviews these measures and internal compliance with them on an annual basis.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We maintain a vulnerability manage procedure which covers the key areas of Software & Dependencies and Infrastructure & Configuration.

Software & Dependency vulnerabilities are mitigated using controls around: manual auditing, peer review, automated checks and application penetration testing.

Infrastructure & Configuration vulnerabilities are mitigated using controls around: data loss prevention, configuration management, container scanning and infrastructure review.

Patches are deployed within 30 days.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Hosted environment protected with AWS Web Application Firewall and GuardDuty. All administrative activities and authentication attempts logged in independent store.
Incident management type
Supplier-defined controls
Incident management approach
Managed in accordance with our pre-defined and documented Security Incident Management procedure which ensures that all security incidents are reported promptly so that:

Any adverse effects can be minimised;
The root causes can be identified and corrective and preventive action taken to prevent future security incidents occurring;
Thrive and its employees comply with legal, customer and other third-party requirements with regards to information security, in particular the Data Protection Act 2018 and the General Data Protection Regulation (EU 2016/679).
Thrive can achieve the aims of its Information Security Policy.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£15,000 to £90,000 an instance
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
THRIVE can, upon request, provide access to a branded sandbox site.

This will include light branding (client colours and logo) and a basic, generic set of content. All features and functionality will be made available for testing.

The sandbox site can be made available for up to 28 days.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@thrivelearning.com. Tell them what format you need. It will help if you say what assistive technology you use.