The Working Manager Limited

TWM Core Learning Experience Platform

The TWM Core Learning Experience Platform comes with everything you need to get your online learning strategy started. Our flexible modular approach lets you expand the functionality and content offered from within the platform. This is the right approach to help you demonstrate return on investment and return on excellence.


  • Easy authoring and dissemination of content
  • Easy to access on any device
  • Present content based on role and career with Learning Pathways
  • Learning Record can be used to simply assign mandatory content
  • Learning Communities enables learners to interact with each other
  • Enable Line Managers to explore the progress of their staff
  • Event Booking System enables the management of Face-to-Face courses
  • Policy tracking tool allows dissemination and acceptance of policies
  • Off-the-shelf content to enrich your platform
  • Real-time reports can be simply accessed via Site Manager


  • Create an enthused culture of learning and drive potential
  • Create an engaging, user-centric learning experience
  • Make the traditional LMS more intuitive and user friendly
  • Encourage and support social learning and interaction
  • Understand and track what your learners use and need
  • Ensure you are meeting mandatory and compliant learning requirements
  • Increase the performance of your organisation and your workforce
  • Reduce the costs of Face-to-Face training programmes
  • Personalised to the organisation and learning objectives of each individual
  • Enables line managers to track and encourage learning and development


£12,500 an instance a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

8 0 2 8 8 8 0 6 8 8 0 5 5 9 0


The Working Manager Limited Philip Purver
Telephone: 07768104254

Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
System requirements
None. Only a web browser is required

User support

Email or online ticketing support
Email or online ticketing
Support response times
Target Response Time is 48 hours
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Support is included to the administration team of the core TWM Learning Experience Platform. This is typically managed remotely. Onsite support is available from a consultant at a cost of £850 + VAT per day plus expenses at cost.
Support available to third parties

Onboarding and offboarding

Getting started
Our team of skilled account and project managers can help you analyse the opportunity of moving to the TWM Platform and enable you to create a user-centric environment where learners will not only come to once but on a sustainable basis.

All of our account managers have been exactly where you are and can provide practical advice, having all been Learning and Development Managers with some of TWM’s clients. This means they can empathise with your challenges and offer insight in a way other providers are unable to deliver. Every TWM client is assigned a dedicated account manager who will be your primary contact and will work with you to manage the delivery, and importantly the help you drive adoption of your solution. Support is provided at every step from initial scoping through to delivery and continued use. We will help make sure that your portal evolves with your needs.

As our account managers are uniquely qualified and experienced as Learning and Development Managers, they are well equipped to advise you on the best approaches for both roll out and adoption, as well as how to best leverage benefits from the functionality you will have available to you.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Content developed by the client is of course owned by the client and will be returned by placing a request with their Account Manager
End-of-contract process
At the end of contract that is not renewed, the users TWM Core Learning Experience Platform solution will be archived with user access removed. Any data to be returned will be agreed. If a client requests that their solution is permanently deleted, this will be done within 30 days.

Using the service

Web browser interface
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
None. The TWM Core Learning Experience Platform uses a responsive design to adapt to mobile devices.
Service interface
Customisation available
Description of customisation
Using the Site Manager tool client can customise the design, branding and layout of their portal to create their own unique organisation learning space.


Independence of resources
Each client has their Core Learning Experience Platform solution hosted on their own area of TWM's dedicated servers housed by Rackspace, a leading ISP. TWM monitors individual client usage and server performance to make improvements where necessary and maintain exceptional performance levels.


Service usage metrics
Metrics types
Metrics are provided through the Site Manager tool so that managers can understand who is accessing content and when as well as progress. This helps identify engagement strategies to achieve the highest level of engagement possible.
Reporting types
Real-time dashboards


Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Exported information must be carried out by our technical team and can be requested through a client's Account Manager.
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats
  • CSV
  • Other
Other data import formats
  • Content can be uploaded in any format
  • User data can be imported using CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Availability: 99.5% during the core day. Not more than 2 hours unavailability in any core day

All of the above service levels are measured on a monthly basis. A working day for the purposes of this Schedule shall be Monday to Friday, excluding public holidays and bank holidays. A core day for the purposes of this Schedule shall be (Monday – Friday 09:00 – 17:30hrs).

Availability shall be calculated using the following mechanism

A = (600 x WD) (D Dp) x 100
(600 x WD)

A = Availability in %
600 = Number of minutes per working day
WD = Number of working days per calendar month
D = Total downtime recorded in minutes
Dp = Planned downtime and agreed exclusions recorded in minutes which is scheduled in advance to perform system testing, upgrades, enhancements and routine maintenance activities.

Failure to meet availability levels will be discussed commercially with your Account Manager.
Approach to resilience
The Core Platform is hosted by Rackspace - a Tier 4, ISO27001 compliant datacentre in the UK.

The technical resilience of the service is supported through:
• Use of an established data-­‐centre, Rackspace, registered to ISO27001
• Multiple data-­‐lines and ISPs to the data-­‐centre
• High specification dedicated servers for the application and data.

A managed backup plan at RackSpace causes a daily backup of live production data and each day takes an “image” of everything regarding the data and site configuration for the clients site.

Backups are retained for 14 days. The backups are not encrypted as they are retained onsite within the data centre, with the policy being that only backups taken offsite being encrypted. Encryption of backups can be made at request of the client but there may be an additional charge. After the backups have expired they are aged off and overwritten.

The application and database servers have multiple hard drives and use a combination of RAID types 1 and 5 depending on requirements to keep systems running in case of hard drive failure.

Prior to software upgrades we take a full backup of the server. enabling complete recovery of a previous version if required.
Outage reporting
Clients will be notified of an outage by email from our support team in the event of any problems. We will always strive to rectify problems as soon as possible.

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
Support is given administrators only and identity is confirmed via security questions. The close working relationship between client and Account Manager helps reinforce this.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
BSI accredited Rackspace. Certificate IS 636168
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Who accredited the PCI DSS certification
Visa accredited Rackspace
PCI DSS accreditation date
What the PCI DSS doesn’t cover
Other security certifications
Any other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
Security is included in all staff induction and regular briefings are held with all staff.

All staff credentials are recorded securely
Any breach is recorded in a security incident log
The log and improvement are reviewed quarterly
Information security policies and processes
All information security is overseen by Chris Alexander in collaboration with Rackspace, our ISP used for hosting. Information security policies form part of all staff inductions. Any breach is reported directly to Chris Alexander.

All client data falls into two categories
Restricted – disclosure causes significant risk to clients and/or TWM
Private – disclosure causes moderate risk to clients and/or TWM
We are responsible for ensuring the security of data held
Access to systems:
- Auto-secure of unattended workstations
- Auto-secure of TFS Server
- User Authentication for each Developer
- All code changes tracked
- All versions of code maintained
- Rackspace – RDP Autosecure

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Where the CLIENT or TWM identifies the need for a Change then either party must submit a proposed change using the Change Control Form to the other.

No Change shall be valid until it is authorised in writing by the authorised representative of both parties.

Each Change shall be assigned a unique reference number and effective date of change.

Any improvement or addition to the Systems or Services which does not result in increased costs to the CLIENT shall not be subject to the above change control procedures.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Logs are reviewed on a monthly basis to identify any potential threats. Should a vulnerability be detected, it is treated as urgent and prioritised over all other development and hotfixes issued as quickly as possible.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Logs are reviewed on a monthly basis to identify any potential threats. Should a vulnerability be detected, it is treated as urgent and prioritised over all other development and hotfixes issued as quickly as possible. Should an incident be identified or reported, we aim to respond to incidents within 4 hours.
Incident management type
Supplier-defined controls
Incident management approach
Whether incidents are internal or external, users are asked to complete our Incident Response Report Form which is then added to our Incident Log. Information captured includes a summary, notifications made and action taken.
For each incident there is a post incident analysis which generates a lessons learnt. Processes are then updated accordingly.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£12,500 an instance a year
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.