Shiken - AI-Powered Adaptive Learning
Shiken is an adaptive learning management system (LMS) that blends AI and scientific research into learning acquisition to personalise learning and training for organisations while delivering mindfulness and mental health support to improve student and employee well-being.
Shiken helps organisations deliver engaging, impactful, mindful and personalised training at scale.
- Personalised learning algorithms tailored to each user
- Hosted Learning Management System (LMS) designed to scale
- Single Sign On
- SCORM / Tin Can / xAPI support
- Real time reporting
- Mental health support
- Mobile, ipad and desktop
- Voice recognition
- Intelligent, personalised analytics
- Reduce training costs
- Improve learner/employee mental health
- Improve engagement with online training by breaking down topics
- Objective feedback on spoken responses
- Custom features, integrations and reports available
- Dedicated account manager to assist with onboarding and training
- Publish personalised content
- Personalise and adapt to learner needs
£10000 to £50000 per licence per year
- Education pricing available
- Free trial available
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Service constraints||Shiken is available 24/7. Users are informed in advance of any planned maintenance, which takes place outside of business hours.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||24hrs|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Onsite support|
|Support levels||All clients are able to access email, web and phone support, as well as an account manager at no extra cost.|
|Support available to third parties||Yes|
Onboarding and offboarding
We provide onsite and online training at no extra cost. User documentation and a discussion forum for managers / administrators is also provided online.
We can set up your LMS within a matter of hours, which comes with all the tools you need to invite users, add content and set up courses. However, we're also happy to spend more time setting up a custom implementation i.e. with integrations to your existing systems, helping to train and onboard your staff and import existing learning content, which we can do within 2-4 weeks.
You can perform a bulk upload of users or integrate with Single Sign On / Active Directory to provide access to the system.
|End-of-contract data extraction||We can export data collected during the contract period in most mainstream data extraction formats|
At the end of the contract, customers may renew their annual license at the same rate.
Alternatively, if a customer wishes to cancel their service and informs us in writing at least 60 days before the end of the contract, we will provide exports of their data and learning materials in commonly used formats such as JSON, CSV, SCORM or HTML as appropriate. Following this, their environment will be permanently shut down and data destroyed at a date agreed upon with the customer.
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Our mobile apps have been developed specifically for iOS and Android devices. They offer similar functionality overall, but the mobile apps also benefit from offline access and push notifications.|
|What users can and can't do using the API||API access is available on request, and at an additional cost. Users can use the API to update user information, add content, and stream analytics from the LMS.|
|API documentation formats|
|API sandbox or test environment||No|
|Description of customisation||
We have considerable flexibility in customising and adding new features, tailored to the need of each client.
Our in-house technical team are happy to work with clients on a 1:1 basis to discuss their needs.
Commonly-requested customisations involve various integrations, Single Sign On and custom reports, but we are also able to add other features to the LMS.
|Independence of resources||
We built our product to handle heavy traffic from the beginning, and utilise processes to ensure it is able to continue to handle heavy traffic.
Our application has been tailored for heavy traffic, so we plan for heavy traffic at the coding stage.
We use an auto-scaling environment, which adds new servers/capacity in real-time to meet demand.
For large clients or at an extra cost, we can host a client's instance on it's own dedicated environment.
|Service usage metrics||Yes|
Shiken has a very flexible analytics set-up. By default, we provide:
- Total / Active Users
- Time spent on platform
- Average score / improvements
And can also set up custom analytics reports depending on what each user needs.
Users also have significant control over defining their own analytics reports through an easy-to-use interface
|Reporting types||Real-time dashboards|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||Encryption of all physical media|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||Request an export from our support team|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||Service level agreements can be discussed with collaboration with customers and end-users to ensure they cover specific concerns regarding the service. In our experience, this is the best approach as our customers typically have very different concerns.|
|Approach to resilience||
We use a failover system for our server and database, whereby there are always two instances running, so if one fails another is able to take over seamlessly with no service interruption.
Our architecture is designed with scale in mind, and currently handles tens of thousands of users each day. Further information on request.
|Outage reporting||We report outages through a public dashboard and email alerts to our clients.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||We constrain the permissions of individual users and administrators to those absolutely necessary to the management and support of any account.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||Between 6 months and 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||Between 6 months and 12 months|
|How long system logs are stored for||Between 6 months and 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||Cyber Essentials|
|Information security policies and processes||
Our Chief Operating Officer (COO) oversees information security. The COO reports security policies, breaches and any updates to the board, which makes a strategic decision.
Processes are then codified and disseminated to all relevant departments, which includes engineering, IT, data science, product, and commercial.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
We have a detailed change management process, whereby all planned changes are documented. Change logging is kept on an internal ledger, and their relative priority and security impact are reviewed by our Chief Product Officer, in conjunction with our Chief Operating Officer, who reviews the proposed change in light of compliance with GDPR and other security measures we must comply by.
Once change requests are prioritised and approved, they are scheduled in our pipeline to be implemented. Changes are reviewed after their implementation and finally, the record is closed.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
Our vulnerability management process includes the following components:
1) preparation and defining scope, 2) vulnerability scan every year, 3) define remediating action, 4) implement remediating actions, 5) rescan to gauge impact of remediation plan.
Once we have identified vulnerabilities, we deploy patches as soon as possible to our services. Whilst this can vary depending on the complexity of the patch, we aim for within a few weeks.
We get information about potential threats from vulnerability scans.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
We regularly monitor for indicators of compromise, and if signs of compromise are indicated, we take immediate action.
Response will depend on the severity and type of the compromise, but we are committed in rectifying the compromise in a proportional way.
We are GDPR compliant, which means if user data has been compromised, we inform the ICO within the required timeline.
Similarly, we aim to respond to incidents as soon as possible, with proportion to the type and severity of the compromise.
|Incident management type||Supplier-defined controls|
|Incident management approach||
We have predefined processes for common SaaS incidents such as service not available, application bug, feature not usable, slow loading time, etc.
Incidents can be reported to us by our employees and by users - users can get in touch with us via email or via their account manager to report incidents.
We provide incident reports upon request.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£10000 to £50000 per licence per year|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||
We can provide a 14 day free trial for customers. This includes everything apart from features which require custom development.
Other limitations of the trial such as the amount of content and number of users are judged on a case by case basis