Calibrand Limited

Calibrandtest

Calibrandtest is a powerful cloud tool that enables organisations to deliver tests, exams or assessments, to measure capabilities, skills and knowledge. It is used by candidates, students, and learners in a range of important business activities including certification, licensing, compliance testing, continuing professional development and lifelong learning.

Features

  • Multi-channel Assessment Delivery
  • Content & Assessment Management
  • Candidate & Student Management
  • Expert Marker
  • Compliance Assessment Management
  • On-Screen Script Marking
  • Workflow & Messaging

Benefits

  • Certify compliance of staff to regulatory requirements
  • Enables focused training & recruitment
  • Provides detailed reports and statistics on question, assessments and candidates
  • Ensures reliable and reproducible results
  • Handles complex marking processes so you don't have to

Pricing

£1.00 per unit per hour

  • Free trial available

Service documents

G-Cloud 10

486766700967406

Calibrand Limited

Simon Wynne

01332 222680

tenders@calibrand.com

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Calibrandtest provides assessment tools and can interchange data with other HR and Talent Management systems.

Calibrand ePortfolio is our own powerful cloud application which handles non-examination type assessments and aligns with the Trailblazer apprenticeship end-point assessment requirements. When integrated fully with Calibrandtest it offers a comprehensive one-stop shop.
Cloud deployment model Public cloud
Service constraints Calibrand provides a full Service Definition Document that details constraints.

Maintenance windows
Maintenance falls into three categories:
- Regular OS patching is done monthly, Calibrand operates at least two of each device that requires patching, and this enables staggered patching to ensure minimal impact on up-times;
- Application updates are applied on a customer by customer basis and (with the exception of critical patches) have a minimum of one-weeks’ notice; and
-Calibrand also performs a technology review, as a minimum, every three-years. This can result in weekend down time that will be notified at least one-month in advance.
System requirements
  • Client machine minimum 4GB RAM
  • 1 Mbps or higher bandwidth per client machine
  • Screen resolution minimum 1024 x 768
  • Audio output to headphones (If sound required)
  • Java Script, Pop-ups and Cookies Enabled
  • Do not support Extended Desktops for high stakes assessments
  • Client OS Microsoft Windows version 7 to 10 supported
  • Adobe or other PDF viewer (for onscreen and printed reports)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times The Service Desk operates:
Monday to Friday between 09:00 and 17:00 GMT or BST except weekends and public holidays.

The Service Desk will provide feedback to the customer as deemed appropriate but with the following minimum intervals for severities 1-4:
(Hours refer to normal business hours 09.00 to 17.00 GMT/BST).

Response Level
Informed 2.0 hours
Update 4.0 hours (refers to business working hours)

Please refer to full Service Definition Document for full details .
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Calibrand will maintain a team familiar with the service solution and its use to provide telephone support and make appropriate modifications to incorporate fault correction and enhancements.

SERVICES

The team will provide the following services:
- Advice on the routine operation of the solution;
- Fault diagnosis;
- Reporting to the customer the reason for the fault and recommendations
for fault correction;
- Estimates timescales and processes involved in rectification of the fault
if covered under Service Support;
- Quote for rectification of the issue if not covered under Service Support;
and
- Work around if available.

ADDITIONAL SERVICES

Standard
- User updates once a quarter
- Question Bank updates once a quarter
- Qualification Updates once a quarter

Premium
- User updates on demand – self service
- Question Bank updates on demand – self service
- Qualification Updates on demand – self service

Support pricing rate is included within license and usage fees. Calibrand offers all customers a named Account Manager as well as access to our Service Desk engineers.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Calibrand will create all the necessary initial user accounts, supplied in pre-defined electronic format by the customer, for the initial configuration of the cloud-based solution:
- Branding of the service with your colours and logos;
- Initial upload of Users, Courses and questions; and
- Extended webinar training.

This process will take approximately three weeks.
Calibrand offers a webinar training session for this configuration set-up.

Premium is designed for customers who require customisation to Calibrandtest. Calibrand will work with you to ensure we have the best plan to meet your requirements. A typical implementation includes:
- Project initiation (included in process);
- Planning;
- Requirements review;
- Tailoring;
- UAT;
- Implementation; and
- Training (included in setup).
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats MS Word
End-of-contract data extraction Calibrand offers clear termination terms and an EXIT Plan will be created as part of the initial implementation. Data is available in PDF or CSV format for customers as part of the agreed services fee.

If a more sophisticated data extraction and possible transfer to other format/systems is required this will be documented in the EXIT Plan and an estimate of charges pre-agreed.
End-of-contract process On notification of termination, the most appropriate off-boarding process will be agreed with a customer, but the key aspects include:
- Calibrand will continue to provide the service during the off-boarding period;
- Agree a single point of contact for both customer and Calibrand for the process;
- Agree a timescale for the service withdrawal (e.g. options include full service until termination date, limit of new registrants to ensure that existing run-down registrants have sufficient time to achieve exam or portfolio results before termination);
- Final shutdown of the solution and confirmation of the actions taken and confirmation of deletion of customer data (including all backups) in accordance with the Framework Agreements and Call-off Agreements.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Users can access and take simple assessments and tests through their tablet devices. We do not recommend mobiles for administration functions as these actions are more complex business activities and should be handled in a desktop environment.

Also, assessment managers should take note of fairness and usability across all candidates and students when setting assessments and offering different assessment devices.
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing Our applications have been used and tested with JAWS Screen Reader and tested by the Royal National Institute of Blind People (RNIB).
API Yes
What users can and can't do using the API Calibrand offers a limited API service designed for day-to-day management of activities rather than onboarding which is included within Calibrand's service to customers.

Users can manage (Create, Edit, Delete) Centres; Administrative Users; Candidates/Students; and Exam and Assessment allocations;
To return the results of candidate/student assessments.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation By default, all implementations allow for standard customisation this includes:
- Use of your logo;
- Choice of font;
- Choice of main and secondary colours; and
- Branding of results certificate

With our Premium option, the application functions may be modified to assist customers with a greater reflection of their own processes, forms, and reports. Customisation of static text and nomenclature can be handled through the application. System and process customisation is carried out in conjunction with Calibrand's consultants.

Scaling

Scaling
Independence of resources Calibrand's cloud platform utilises VM and cloud technologies. Service configuration resources that may be shared are monitored by Calibrand's Service Desk and have pro active alerts and capacity management processes in place to ensure scalability.

Analytics

Analytics
Service usage metrics Yes
Metrics types Calibrand's Monthly Service Report consists of the following:
Executive Summary;
Usage: registrations, assessments and capacity;
Server reports: response times; CPU; and memory usage;
Downtime;
Service Desk operation; and
Forward Planning.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Calibrand provides multiple options for users to export their data:
- Reporting: customers have access to a suite of reports where they can select specific data sets where they can then export to PDF, MS Excel, and/or CSV.
- APIs: Calibrand provides APIs that interface with other Customer software applications, such as CRMs, Learning Platforms etc.
- Content: Customers can export their content (e.g. Questions; Assessments) into text editors (such as MS Excel and MS Word).
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability The Service Desk response times are provided in detail in the Service Definition Document.

Standard/Premium Response Level
Informed 2 hours*
Update 4 hours*

Availability: 99% up-time
Severity 1: 4 hour solution target
Severity 2: 8 hour solution target
Severity 3: 16 hour solution target
Severity 4: as agreed

Service Credits do not apply
* Hours refer to standard working hours of incident call being logged.

Premium Response Level and Service Credit Trigger details please refer to the Service Definition Document. Service Credits are capped per month at total of monthly invoice amount.
Approach to resilience Calibrand's infrastructure is based on a resilient environment that incorporates multiple server redundancy and capacity, and the virtual platform enables additional servers to be brought online quickly. This is supported with our SLAs and our world renown platform provider. The detail design for a customer's implementation and our current/historic up-time reports are available on request.
Outage reporting We provide a customer Monthly Service report detailing a number of items including outages and downtime. We provide email alerts for real time outages and service availability.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Our Service Desk provision is based upon an agreed number of pre-authorised users with customers. We provide a dedicated Account Manager that has face to face meetings with customers and their support staff. Additionally, customers often visit our offices and meet with our Service Desk team as part of the go-live process. Email communication is from known email addresses and verbal instructions are confirmed in email.
Access restriction testing frequency At least once a year
Management access authentication Other

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards ISO 9001:2008 Certification and we have aligned our systems to and are currently preparing for ISO 27001 accreditation and ISO 9001:2015.
Information security policies and processes Calibrand's own Information Security Policy details the access rights, reporting lines, and authorities for individuals within the company.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All installations are delivered in a project format for customers in accordance with our ISO 9001 Certified quality management system. Requirements are documented and all changes are managed via a written project change control procedure. All changes are documented within Change Request designs; reviewed for appropriateness, security impact and agreed with customers before implementation. Project records are maintained throughout the term of the agreement in accordance with the terms and conditions.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Calibrand follows the OWASP best practices and undertakes vulnerability scans on a periodic basis to identify potential threats. Calibrand's development guidelines are updated regularly in line with OWASPs top 10 most critical application security list. Our vulnerability tools will assist in identifying the latest vulnerability/attacks and how to prevent them.
Calibrand will undertake a risk review based on severity, impact and likelihood. Any weaknesses are scheduled for fixing appropriately and released in a timely manner based on this risk approach.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Calibrand uses intrusion detection systems (hardware and software) to identify potential compromises. In addition, our engineers undertake a monthly review meeting that incorporates unusual activity analysis and - if required - put in place preventative actions (e.g. blocking offending IP addresses).
Incident management type Supplier-defined controls
Incident management approach Users are encouraged to report incidents either via the Service Desk or in their monthly Service Review Meeting.

The process for handling incidents of this nature are:
Contact the cloud platform provider to make them aware of the incident and ensure that their support processes are started;
Contact the customer affected to ensure that they are aware and that they can manage their system requirements appropriate during the incident and post-incident;
Where possible, use techniques such as IP blocking during both real time and post incident; and
Undertake a post-incident impact analysis & report in Service Review Meetings.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £1.00 per unit per hour
Discount for educational organisations No
Free trial available Yes
Description of free trial We offer potential customers a standard build 'sandbox' version of our system for a limited time period - usually 30 days.

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑