Student Analytics for Education
Simpson Associates Student Analytics for Education, uses descriptive and predictive analytics to give tutors and administrators a way to measure and monitor student performance.
It aggregates multiple types of student data, such as; attendance, VLE and social factors and uses machine learning to monitor for indications of risk.
- Aggregate multiple types of student data from disperate sources
- Uses machine learning to monitor for indications of risk.
- Single view of the Student
- Dashboarding and Report
- Early indication of students at risk
- Single view of a Student
- Increased retention
£50000 per unit
- Education pricing available
Simpson Associates Information Services Limited
01904 234 510
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||Can integrate with Microsoft CRM Dynamics|
|Cloud deployment model||
|System requirements||Application is a hosted web application|
|Email or online ticketing support||Email or online ticketing|
|Support response times||2 hours during weekdays|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||Our help desk is available from 9:00am to 5:30pm, weekends and bank holidays excluded. • Calls may be logged 24 hours a day and 7 days a week on our help desk portal. The response time will start from the start of the next working day. • Calls must be logged by the customer in one of the following ways: - Email, Telephone or Web Portal • The call first response time will be no longer than two hours and often much quicker. • Support calls will be prioritised as follows: o Priority 1 – the system is unusable with no work around. o Priority 2 – the system is unusable with an agreed work around or a critical error2 without a work around. o Priority 3 – all other issues • Incidents will be resolved in the following time-scales: o Priority 1 incidents we will endeavour to provide a fix or work around within 2 working days. o Priority 2 incidents we will endeavour to provide a fix or work around within 2 working days. o Priority 3 incidents we will endeavour to fix or find a work around within 5 working days.|
|Support available to third parties||No|
Onboarding and offboarding
|Getting started||Full product documentation with in application guides|
|End-of-contract data extraction||All data will be supplied in a csv file format as a simple data extract|
|End-of-contract process||All end of contract services will be described in an exit plan and form part of the costs of service.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Dashboards available on mobile devices|
|Description of customisation||Bespoke configuration of data sources and machine learning models|
|Independence of resources||Separately allocated resources|
|Service usage metrics||Yes|
|Metrics types||Usage of the platform|
|Reporting types||Regular reports|
|Supplier type||Not a reseller|
|Staff security clearance||Staff screening not performed|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Download in CSV or PDF formats|
|Data export formats||
|Other data export formats|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||See Microsoft's Online Service Terms at http://www.microsoftvolumelicensing.com/Downloader.aspx?DocumentId=13655|
|Approach to resilience||Please see https://www.microsoft.com/en-us/cloud-platform/global-datacenters and https://www.microsoft.com/en-us/TrustCenter/|
|Outage reporting||Please see https://azure.microsoft.com/en-us/status/ and https://portal.azure.com/#blade/HubsExtension/ServicesHealthBlade|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
"Azure-AD can designate separate administrators to serve different functions. These administrators will have access to features in the Azure portal and, depending on their role, will be able to create or edit users, assign administrative roles to others, reset user passwords, manage user-licenses, and manage domains, among other things. A user who is assigned an admin role will have the same permissions across all of the cloud services that your organization has subscribed to, regardless of whether you assign the role in the Office365 portal, or in the Azure classic-portal, or by using the Azure-AD module for Windows PowerShell.
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||No audit information available|
|Access to supplier activity audit information||You control when users can access audit information|
|How long supplier audit data is stored for||Between 6 months and 12 months|
|How long system logs are stored for||Between 6 months and 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||We are working towards ISO27001 information security certification and operate a system that reflects these standards.|
|Information security policies and processes||
Our information policy information ensures that data exchanged with other organisations is protected against unauthorised access and disclosure and complies with all regulations.
This applies to all forms of communications and information exchange including voice conversations in person or by telephone, video and email communications, Instant messaging etc.
Suitable security measures such as (egress filtering on firewalls) is implemented to minimise the risk of transmission of malicious code.
Employees should not compromise or disadvantage Simpson Associates or bypass other controls through types of communication, for example by email defamation, harassment, impersonation, forwarding of chain letters, making unauthorised purchases or contractual agreements etc.
Suitable cryptographic techniques are used to protect the confidentiality, integrity and authenticity of information this is outlined in the Cryptographic Controls Policy.
Employees must comply with retention and disposal requirements for all business correspondences in accordance with relevant policies and procedures.
Enforcement will be managed through audit and spot checking by the support team.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Changes to the service must be raised in writing via a standard Change Request Form.
Each Project Change Request is added to the Change Request Log
Each Change will be review and agreed with the client.
|Vulnerability management type||Undisclosed|
|Vulnerability management approach||Vulnerability management is managed though our support desk who collaborate with their customer peers. Changes will be managed through the change management processes which dictate the speed by which patches are applied.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Upon receipt of a security-relevant event, an alert is triggered. A support analyst then determines whether the event represents suspicious activity and is therefore deemed a legitimate threat or not, and, if so notifies the relevant personnel, irrespective of the time of day.
Any compromise or suspected compromise will be reported to the security team to asses the appropriate response and subject to change management processes. Threat nature will determine response time.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Application Support is provided on a 9x5.30 weekday basis as part of the solution.
An ITIL-based Incident Management process is followed by the Support Desk in order to manage individual incidents. Update and Escalation timings are in line with the Incident Priority.
Reports can be made via email, service desk portal or phone. All incidents are tracked via an online ticketing systems available on a 24x7x7 basis for customers to track and report on incidents logged.
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£50000 per unit|
|Discount for educational organisations||Yes|
|Free trial available||No|