iWise2ebusiness Ltd

kokm End Point Assessment

kokm End Point Assessment platform (EPA) is a highly featured End Point Assessment system for End Point Assessment Organisations (EPAO) that want an online and blended assessment platform for Apprentices. kokm EPA is a fully tailorable eCommerce enabled website and EPA Platform for Apprentices, Assessors, Training Organisations, Employers, IQA, EQA.


  • Unified EPA digital workplace: all in one
  • Integrations to legacy applications
  • Workflows for Apprentices, Assessors, Training Company and Employers
  • Feedback processes, web-forms, portfolios, scoring and verification
  • Learning Management System and Assessments
  • Bookings and Events
  • Knowledge Library
  • Digital Asset Management
  • Real Time Reporting
  • eCommerce and Shops


  • Single digital interface improved productivity, engagement & collaboration
  • One place to work, learn, share and sell -tailored workflows
  • Assessment and feedback process
  • Instant Chat equivalent to leading stand alone tools
  • Advanced easy booking of resources and people
  • Multiple content types with any user editing and puiblishing
  • Easy and speedy access to all information
  • Advanced search and find Google like listing and power searching
  • Simple publishing of content to the website
  • Flexible workflows bending the SaaS to your needs


£3500 to £100000 per licence per year

Service documents


G-Cloud 11

Service ID

6 6 0 7 3 7 5 8 7 0 4 4 5 5 0


iWise2ebusiness Ltd

Martin Thomas

+ 44 (0) 7919408924


Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints The service does not have any constraints. The service is deployed with all its features and can then be tailored to the client workflows and needs.
System requirements No specific system requirements

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Monday to Friday UK Business Hours are standard. Extra support e.g. 24x7 can be purchased.

Support can be contacted via phone, email or chat systems.

Acknowledgements are instant and issues addressed according to priority.

Usual responses are:

Guidance <24 hours
Short response <2 hours
Minor <1hrs
Significant <30 mins
Critical <15 mins
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.1 AAA
Web chat accessibility testing None
Onsite support Yes, at extra cost
Support levels Support is provided to Client Senior 'Site wide' Administrators from the Client Service Manager as part of the contract at no extra cost.

The kokm platform is intuitive for users and they require no additional training or direct support.

A support site is available for Client Senior 'Site Wide' Administrators.

24 x7 or extended user support is at additional cost.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Kokm works closely with each client to define needs and set implementation plans.

kokm implements via a project that has detailed project controls and communications to meet the implementation plan requirements as agreed with the client.

kokm provides detailed support and training to key client users.

Training is often via web conference but can be provided on-site (additional costs may apply).

kokm is intuitive to users so no additional training is required. The kokm system provides at the point of use guidance.

kokm provides a support site for Client Site wide Administrators with a wealth of additional support information, videos etc.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats Via kokm support website
End-of-contract data extraction All data belongs to the user.

kokm will transfer data to the Clients nominated resource as required providing that transfer is technically feasible.
End-of-contract process Kokm provides data transfer and content transfer if required. This is achieved via either a system to system data transfer, making files and folders available for transfer or is achieved through downloads. This can attract day rate costs depending on the methods and mechanisms chosen. All content belongs to the client and is actioned according to the clients requests e.g. data destroyed. Post completion of any data/content transfers the site and all remaining items are destroyed.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Kokm is a fully responsive website and works across all devices.
Service interface Yes
Description of service interface Kokm is a fully responsive eCommerce enabled website/portal and platform.

It can be accessed as a website: external users seeing the website public content.

Members/staff/clients/suppliers/community/network (approved users) can log in from the website to use the internal features of kokm and/or access direct from integrations with or without the web presence via API's, OAuth, LDAP and SAML with Single Sign On (SSO).

Users can be synchronised with other identity management software such as Microsoft ADFS/AD, OKTA etc.

If integrated users access kokm's tailored landing page dependent on the integration configuration and the users permissions, groups and roles.
Accessibility standards WCAG 2.1 AA or EN 301 549
Accessibility testing None
What users can and can't do using the API Kokm has API's that enabled user integrations and also has SAML capability.

kokm has capability to integrate through RESTful APIs, OAuth, LDAP and SAML.

kokm can build/adapt API's as required or integrate to APIs.

kokm controls all aspects of its API and set up.
API documentation No
API sandbox or test environment No
Customisation available Yes
Description of customisation Kokm is a flex-SaaS.

kokm works with the buyer to customise:

Look and feel (fully eCommerce enabled website): Any design can be accommodated.

Branding, Workflows, Reporting, Integrations, User menus and navigation, Naming conventions and nomenclature, Languages and currencies, User journeys, User communications, Bespoke database additions and data collections, IOT (Internet of Things) inputs and graphical displays.

kokm is designed as a flexi-SaaS enabled high degrees of branding, tailoring and customization.

Some of these customisation are done at set up and in the hands of kokm ongoing others are in the hands of the buyer's nominated Client Sitewide Administrators.

kokm has the capacity to create and develop bespoke additions to the base kokm tailoring the platform to the client's exact needs. Legacy systems can be integrated and data transferred from retired systems e.g Filestores like Sharepoint.


Independence of resources Kokm is hosted in Amazon Web Services (AWS) and utilises scaling technology across its infrastructure. kokm also provides discrete environments for its clients ensuring the key compute elements are isolated to a particular client. kokm also load balances and duplicates key components of its architecture.


Service usage metrics Yes
Metrics types Kokm provides reports and usage information across a broad range of site activity, user transactions and content usage.

Report metrics come from the database and from kokm's Learning Record Store which is tracking activity via xAPI (Experience API).
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Data can be exported in a number of ways depending on the need within the system. Some data may be exported via integrations/VPN links or downloaded by users or administrators in csv/excel files. kokm has the ability to download many tables and attachments so files may also be downloaded. kokm can also bulk export data if requested or set up automated processes to do the export.
Data export formats
  • CSV
  • Other
Other data export formats
  • Users can download to PDF or Print versions of pages
  • Users can download documents made available for them to download
Data import formats
  • CSV
  • Other
Other data import formats
  • PDF, Open Office, Microsoft Office Word Powerpoint Excel etc
  • Zip files for SCORM xAPI from third party tools
  • Video files: avi, mp4, WMV etc
  • Audio files: mp3, eav etc
  • Images/Pictures: jpg, png, gif, PSD, etc
  • Other file types can be supported

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Kokm's data sits in a Virtual Private Cloud behind Web Application Firewalls inside security subnets and data can be encrypted at rest if required.

Availability and resilience

Availability and resilience
Guaranteed availability Kokm provides dupliacted load balanced architecture to provide the highest levels of business continuity.

kokm as a Saas over the internet aims for 99.9% available and has an SLA fo 99.5%.

kokm immediately addresses any outage should it occur and would work with you on restoration should such an event occur.
Approach to resilience Kokm provides a resilient architecture and more detailed information is available on request.
Outage reporting Kokm immediately advises key personnel directly if an outage occurs,

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication Kokm is a fully eCommerce enabled website so when is use to the piblic as well as signed in authenticated users kokm is used by the public and these users are not authenticated.

Authentication takes place when a user transacts and communicates with the kokm database (e.g. purchases an item) or is logged in.

kokm can authenticate users via a number of methods and provide Single Sign On (SSO). kokm can use Identity Management capabilities such as ADFS and Active Directory and third party services for example OKTA.
Access restrictions in management interfaces and support channels Kokm is built as one product and management and support access the site as normal users enabling them to use the capability of kokm. They will however be presented with additional options, menus and navigation controls because they carry a support of management role.

Access to capabilities in kokm is driven by your roles, permissions and team membership along with the hierarchy.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Description of management access authentication All users access kokm in the same way but are restricted in what they can do based on their roles, permissions and team membership and their position in the organisation hierarchy.

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 E-Zest Ltd and AWS
ISO/IEC 27001 accreditation date 31/12/2018
What the ISO/IEC 27001 doesn’t cover Note: Our software supplier/developers and hosting environments meet these requirements.
ISO 28000:2007 certification Yes
Who accredited the ISO 28000:2007 E-Zest Ltd and AWS
ISO 28000:2007 accreditation date 31/12/2018
What the ISO 28000:2007 doesn’t cover Note: Our software supplier/developers and hosting environments meet these requirements.
CSA STAR certification Yes
CSA STAR accreditation date 31/12/2018
CSA STAR certification level Level 3: CSA STAR Certification
What the CSA STAR doesn’t cover Note: This is notifying that our Hosting environment AWS meets these requirements and will certify its data centre on an ongoing basis. The date in nominal.
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Kokm utilises hosting and other service providers that meet ISO27000 and other significant standards. We require evidence of these standards and their maintenance.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Kokm utilises a ticketing system using well known proprietary ticketing and code release applications. All changes go through this controlled process accompanied by a staged development through testing to production process.

All changes are approved through this process and testing.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Threat assessment is undertaken in several ways:

1. CTO and Executive level constant scanning of environment
2. Alerts from providers of any element of the kokm architecture
3. Software deployed in the kokm architecture to alert, detect and prevent

Changes are deployed based on severity and any safety patches required are immediately deployed.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Kokm deploys management software to identify potential compromises
kokm also deploys its servers and other elements of its architecture to provide maximum prevention of exposure.
A potential compromise will be addressed immediately using the ticketing and controls system.
Incident management type Supplier-defined controls
Incident management approach Kokm has a pre-defined process for reporting and management of issues.
Incidents will be detected by kokm and immediately ticketing into its incident control.
A user identifying an issue has direct contact into a Client Services Manager and will report direct either through phone, email or chat.
Incident reports are documented and manged through to conclusion.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £3500 to £100000 per licence per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial A free trial includes all aspects of kokm apart from enabled eCommerce.
There is a time limit of 1 month unless otherwise agreed.
Link to free trial Www.kokm.com

Service documents

Return to top ↑