kokm End Point Assessment
kokm End Point Assessment platform (EPA) is a highly featured End Point Assessment system for End Point Assessment Organisations (EPAO) that want an online and blended assessment platform for Apprentices. kokm EPA is a fully tailorable eCommerce enabled website and EPA Platform for Apprentices, Assessors, Training Organisations, Employers, IQA, EQA.
Features
- Unified EPA digital workplace: all in one
- Integrations to legacy applications
- Workflows for Apprentices, Assessors, Training Company and Employers
- Feedback processes, web-forms, portfolios, scoring and verification
- Learning Management System and Assessments
- Bookings and Events
- Knowledge Library
- Digital Asset Management
- Real Time Reporting
- eCommerce and Shops
Benefits
- Single digital interface improved productivity, engagement & collaboration
- One place to work, learn, share and sell -tailored workflows
- Assessment and feedback process
- Instant Chat equivalent to leading stand alone tools
- Advanced easy booking of resources and people
- Multiple content types with any user editing and puiblishing
- Easy and speedy access to all information
- Advanced search and find Google like listing and power searching
- Simple publishing of content to the website
- Flexible workflows bending the SaaS to your needs
Pricing
£3,500 to £100,000 a licence a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 11
Service ID
6 6 0 7 3 7 5 8 7 0 4 4 5 5 0
Contact
iWise2ebusiness Ltd
<removed>
Telephone: <removed>
Email: <removed>@fe92ea53-8c59-43b9-904d-761fefb322eb.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
- The service does not have any constraints. The service is deployed with all its features and can then be tailored to the client workflows and needs.
- System requirements
- No specific system requirements
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Monday to Friday UK Business Hours are standard. Extra support e.g. 24x7 can be purchased.
Support can be contacted via phone, email or chat systems.
Acknowledgements are instant and issues addressed according to priority.
Usual responses are:
Guidance <24 hours
Short response <2 hours
Minor <1hrs
Significant <30 mins
Critical <15 mins - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 AAA
- Web chat accessibility testing
- None
- Onsite support
- Yes, at extra cost
- Support levels
-
Support is provided to Client Senior 'Site wide' Administrators from the Client Service Manager as part of the contract at no extra cost.
The kokm platform is intuitive for users and they require no additional training or direct support.
A support site is available for Client Senior 'Site Wide' Administrators.
24 x7 or extended user support is at additional cost. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Kokm works closely with each client to define needs and set implementation plans.
kokm implements via a project that has detailed project controls and communications to meet the implementation plan requirements as agreed with the client.
kokm provides detailed support and training to key client users.
Training is often via web conference but can be provided on-site (additional costs may apply).
kokm is intuitive to users so no additional training is required. The kokm system provides at the point of use guidance.
kokm provides a support site for Client Site wide Administrators with a wealth of additional support information, videos etc. - Service documentation
- Yes
- Documentation formats
-
- HTML
- Other
- Other documentation formats
- Via kokm support website
- End-of-contract data extraction
-
All data belongs to the user.
kokm will transfer data to the Clients nominated resource as required providing that transfer is technically feasible. - End-of-contract process
- Kokm provides data transfer and content transfer if required. This is achieved via either a system to system data transfer, making files and folders available for transfer or is achieved through downloads. This can attract day rate costs depending on the methods and mechanisms chosen. All content belongs to the client and is actioned according to the clients requests e.g. data destroyed. Post completion of any data/content transfers the site and all remaining items are destroyed.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Kokm is a fully responsive website and works across all devices.
- Service interface
- Yes
- Description of service interface
-
Kokm is a fully responsive eCommerce enabled website/portal and platform.
It can be accessed as a website: external users seeing the website public content.
Members/staff/clients/suppliers/community/network (approved users) can log in from the website to use the internal features of kokm and/or access direct from integrations with or without the web presence via API's, OAuth, LDAP and SAML with Single Sign On (SSO).
Users can be synchronised with other identity management software such as Microsoft ADFS/AD, OKTA etc.
If integrated users access kokm's tailored landing page dependent on the integration configuration and the users permissions, groups and roles. - Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- None
- API
- Yes
- What users can and can't do using the API
-
Kokm has API's that enabled user integrations and also has SAML capability.
kokm has capability to integrate through RESTful APIs, OAuth, LDAP and SAML.
kokm can build/adapt API's as required or integrate to APIs.
kokm controls all aspects of its API and set up. - API documentation
- No
- API sandbox or test environment
- No
- Customisation available
- Yes
- Description of customisation
-
Kokm is a flex-SaaS.
kokm works with the buyer to customise:
Look and feel (fully eCommerce enabled website): Any design can be accommodated.
Branding, Workflows, Reporting, Integrations, User menus and navigation, Naming conventions and nomenclature, Languages and currencies, User journeys, User communications, Bespoke database additions and data collections, IOT (Internet of Things) inputs and graphical displays.
kokm is designed as a flexi-SaaS enabled high degrees of branding, tailoring and customization.
Some of these customisation are done at set up and in the hands of kokm ongoing others are in the hands of the buyer's nominated Client Sitewide Administrators.
kokm has the capacity to create and develop bespoke additions to the base kokm tailoring the platform to the client's exact needs. Legacy systems can be integrated and data transferred from retired systems e.g Filestores like Sharepoint.
Scaling
- Independence of resources
- Kokm is hosted in Amazon Web Services (AWS) and utilises scaling technology across its infrastructure. kokm also provides discrete environments for its clients ensuring the key compute elements are isolated to a particular client. kokm also load balances and duplicates key components of its architecture.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Kokm provides reports and usage information across a broad range of site activity, user transactions and content usage.
Report metrics come from the database and from kokm's Learning Record Store which is tracking activity via xAPI (Experience API). - Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Data can be exported in a number of ways depending on the need within the system. Some data may be exported via integrations/VPN links or downloaded by users or administrators in csv/excel files. kokm has the ability to download many tables and attachments so files may also be downloaded. kokm can also bulk export data if requested or set up automated processes to do the export.
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- Users can download to PDF or Print versions of pages
- Users can download documents made available for them to download
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- PDF, Open Office, Microsoft Office Word Powerpoint Excel etc
- Zip files for SCORM xAPI from third party tools
- Video files: avi, mp4, WMV etc
- Audio files: mp3, eav etc
- Images/Pictures: jpg, png, gif, PSD, etc
- Other file types can be supported
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection within supplier network
- Kokm's data sits in a Virtual Private Cloud behind Web Application Firewalls inside security subnets and data can be encrypted at rest if required.
Availability and resilience
- Guaranteed availability
-
Kokm provides dupliacted load balanced architecture to provide the highest levels of business continuity.
kokm as a Saas over the internet aims for 99.9% available and has an SLA fo 99.5%.
kokm immediately addresses any outage should it occur and would work with you on restoration should such an event occur. - Approach to resilience
- Kokm provides a resilient architecture and more detailed information is available on request.
- Outage reporting
- Kokm immediately advises key personnel directly if an outage occurs,
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Dedicated link (for example VPN)
- Username or password
- Other
- Other user authentication
-
Kokm is a fully eCommerce enabled website so when is use to the piblic as well as signed in authenticated users kokm is used by the public and these users are not authenticated.
Authentication takes place when a user transacts and communicates with the kokm database (e.g. purchases an item) or is logged in.
kokm can authenticate users via a number of methods and provide Single Sign On (SSO). kokm can use Identity Management capabilities such as ADFS and Active Directory and third party services for example OKTA. - Access restrictions in management interfaces and support channels
-
Kokm is built as one product and management and support access the site as normal users enabling them to use the capability of kokm. They will however be presented with additional options, menus and navigation controls because they carry a support of management role.
Access to capabilities in kokm is driven by your roles, permissions and team membership along with the hierarchy. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Other
- Description of management access authentication
- All users access kokm in the same way but are restricted in what they can do based on their roles, permissions and team membership and their position in the organisation hierarchy.
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- E-Zest Ltd and AWS
- ISO/IEC 27001 accreditation date
- 31/12/2018
- What the ISO/IEC 27001 doesn’t cover
- Note: Our software supplier/developers and hosting environments meet these requirements.
- ISO 28000:2007 certification
- Yes
- Who accredited the ISO 28000:2007
- E-Zest Ltd and AWS
- ISO 28000:2007 accreditation date
- 31/12/2018
- What the ISO 28000:2007 doesn’t cover
- Note: Our software supplier/developers and hosting environments meet these requirements.
- CSA STAR certification
- Yes
- CSA STAR accreditation date
- 31/12/2018
- CSA STAR certification level
- Level 3: CSA STAR Certification
- What the CSA STAR doesn’t cover
- Note: This is notifying that our Hosting environment AWS meets these requirements and will certify its data centre on an ongoing basis. The date in nominal.
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Kokm utilises hosting and other service providers that meet ISO27000 and other significant standards. We require evidence of these standards and their maintenance.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Kokm utilises a ticketing system using well known proprietary ticketing and code release applications. All changes go through this controlled process accompanied by a staged development through testing to production process.
All changes are approved through this process and testing. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Threat assessment is undertaken in several ways:
1. CTO and Executive level constant scanning of environment
2. Alerts from providers of any element of the kokm architecture
3. Software deployed in the kokm architecture to alert, detect and prevent
Changes are deployed based on severity and any safety patches required are immediately deployed. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Kokm deploys management software to identify potential compromises
kokm also deploys its servers and other elements of its architecture to provide maximum prevention of exposure.
A potential compromise will be addressed immediately using the ticketing and controls system. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Kokm has a pre-defined process for reporting and management of issues.
Incidents will be detected by kokm and immediately ticketing into its incident control.
A user identifying an issue has direct contact into a Client Services Manager and will report direct either through phone, email or chat.
Incident reports are documented and manged through to conclusion.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £3,500 to £100,000 a licence a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
-
A free trial includes all aspects of kokm apart from enabled eCommerce.
There is a time limit of 1 month unless otherwise agreed. - Link to free trial
- Www.kokm.com