People Analytics, Assessment, Compliance and Business Intelligence
Cognisco’s robust assessment methodologies to calibrate people capability and risk across hard-to-quantify sectors.
Identify talent; demonstrate competency; develop decision-making.
Off-the-shelf assessments; industry benchmarks.
Highest quality, low cost. Mobile friendly, bite-size formats.
Competency compliance for regulated industries. Biometric ID validation/certification.
Bespoke assessments reflect real application of understanding, behaviour and culture.
- Scenario-based Competency and Confidence correlating assessments
- 360 Degree Assessments, Feedback, Apprenticeships Quality of Evidence
- Personalised learning needs analysis to identify most effective L&D spend
- Assessment of application of knowledge and judgement in specific situations
- Identify potential People Risk & Reputational Risk at multiple levels
- Biometric invigilation and identification management
- Track evidence-based ROI impact of learning and development investment
- Bespoke assessment development for any skills, capabilities & competencies
- CMI approved scenario-based Leadership & Management assessments
- Assessments and reporting delivered via web-based and mobile applications
- Understanding personal impact on colleagues and stakeholders
- Evidence of competency and identify specific learning gaps
- Direct learner to most effective and efficient interventions
- Identification the unconscious incompetent and associated risk
- Mitigation of People Risk, Reputational Risk and change capability.
- Eliminate identiity fraud and cheating during assessments
- Return on Investment analysis of learning and risk mitigation
- Tailored, service-specific assessments to meet unique business needs
- Universally acknowledged standard for Leadership & Management development
- Real-time access, data-analysis and reporting
£1.00 per transaction
- Education pricing available
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||
Civil Service Learning and other Learning Management Systems.
HR/Workforce Management and Employee Engagement processes.
Risk and Regulatory Compliance systems and processes.
Certification and examination systems.
|Cloud deployment model||
|Email or online ticketing support||Email or online ticketing|
|Support response times||Office hours only, Monday to Friday 9-5:30. SLA levels to be agreed individually in contract.|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Yes, at an extra cost|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.1 AA or EN 301 549|
|Web chat accessibility testing||Can be delivered if required.|
|Onsite support||Onsite support|
This is a web-based application with Technical/User support is provided by phone and email most of the time very effectively.
For new clients face to face training of Super Users as part of induction is often provided onsite, or via webinars, videoconferencing and phone as required.
We build strong relationships with clients and have frequent meetings to develop projects at inception, with quarterly meetings to maintain continuous improvement.
Relationship management is vital to the bespoke nature of our business and we work hard to make it highly effective and retain clients.
|Support available to third parties||Yes|
Onboarding and offboarding
For new clients face to face training of Super Users as part of induction is often provided on-site, or via webinars, videoconferencing and phone as required. Users are supported both via their own Super Users and directly by Cognisco via our Support Team as needed.
We focus on building strong relationships with clients and have frequent meetings to develop projects at inception with key users, with quarterly meetings to maintain continuous improvement.
We provide on-going support and training through our highly expert team to current and new users which is included as part of the overall service. We use a helpdesk ticketing system to ensure we tag every request, and then support with email, on-line, phone, videoconferencing, webinar or face-to-face support as required.
Relationship management is vital to the bespoke nature of our business and we work hard to make it highly effective and retain clients.
|Other documentation formats||Microsoft Office Formats|
|End-of-contract data extraction||
Clients have multiple options for extracting data including:
Data can be retrieved from the system via the administration function;
Data can be downloaded as extracts which can be standard format or customised;
System and data can be maintained for live access if required;
Archive database and system to be accessible for audit purposes;
Remove personal data and retain anonymised results;
Securely destroy data and back-ups as requested.
We are GDPR compliant and all our data is stored within the UK.
End-of-contract process can include to retain system and/or data, or to provide documentation. We can provide whatever handover service is requested. We support clients to ensure that all user access is managed effectively and shut down client applications appropriately.
If the client does not wish for the data to be stored, the data will be securely destroyed.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Application and User Interface has been optimised for mobile devices and tablets. E.g assessments broken into bite-sized learning.|
|What users can and can't do using the API||APIs are configurable to allow clients to provide and receive notifications from the system . These are REST based Web APIs that use JSON payloads and are authenticated using OAUTH|
|API documentation formats|
|API sandbox or test environment||Yes|
|Description of customisation||
System is highly customisable which is a key feature and benefit to create and support bespoke applications for each client, and multiple applications within clients. The following can all be customised:
Subject and content of all assessments to include application of knowledge, behaviour, and culture to client;
Customisation of off-the-shelf assessments for specific client environments and contexts
Benchmarks, standards, competencies, regulations and compliance applications
Approved Authors can write, edit and customise assessment content
Client Super Users /Managers can customise user-access, reset assessments, manage and approve competencies
Team Leaders can approve evidence for competency, approve competency and allocate assessments.
|Independence of resources||The system benefits from the use of elastic IP addressing to enable fail over in the case of data centre failure. Data is geo-replicated across datacentres and each web service supports seamless scaling up and out of the number of application servers starting with a minimum of 2 servers at all times that are deployed across separate fault tolerant zones with the same datacentre. All data is held in the UK.|
|Service usage metrics||Yes|
System usage can be reviewed at multiple levels by Super Users and Team Leader roles.
Super Users can have access to metrics for all users, whilst Team Leaders only have access to their team's metrics. Multiple levels of team can be set up.
Metrics include current usage, last access, changes made and new data added etc.
Metrics are a primary feature of the system to enable current, past and future status of users to be managed and monitored, and whether they are compliant, competent and up-to-date with qualifications.
Additional service metrics can be provided on request.
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||
Standard reports can be downloaded and/or printed as required on any device.
A full reporting and data extract service can be provided by Cognisco on an on-going basis or when requested.
Data can be delivered in multiple formats.
|Data export formats||
|Other data export formats||
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
99.9% Up time guaranteed over the course of a year to exclude planned maintenance.
Service Credits will be provided where SLA not met.
|Approach to resilience||System is designed to be highly resilient to government standards. Available on request.|
|Outage reporting||We use a monitoring service to provide email and App alerts to internal support staff 24/7.|
Identity and authentication
|User authentication needed||Yes|
|Other user authentication||
Biometric recognition and identification validation if required.
2-factor authentication can be provided if required.
|Access restrictions in management interfaces and support channels||
The service defines a complete set of roles that control and restrict access to the various parts of the system.
Access to Internal Management Systems which set access are controlled using corporate identities and roles at multiple levels. This enables degrees of access for different personnel within each client application.
Users can access via a login or access directly via one-time-use url link without login access.
Access requiring biometric validation can be enabled to ensure identification validation as required.
|Access restriction testing frequency||At least once a year|
|Management access authentication||
|Description of management access authentication||Management access can be restricted to specific IP addresses if required.|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||QMS International Ltd|
|ISO/IEC 27001 accreditation date||27/06/2018|
|What the ISO/IEC 27001 doesn’t cover||N/a|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||
|Other security governance standards||
|Information security policies and processes||
ISO 27001 standard processes and policies are followed.
ISO 9001 2015 standard processes and policies are followed.
Cyber Essentials standard processes and policies are followed.
We have a dedicated QA who reports to Head of Operations, reporting to the CEO and Board.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||All components of our service are maintained within a software development lifecycle management tool including a software versioning control system. Changes identified from various parts of the business are documented and lodged within this tool and allocated to developers to implement. All changes are considered from a security impact and tested via our dedicated testing team.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||Our service benefits from advanced auto threat detection on our SQL servers and databases including SQL injection. The auto threat detection service maintains details of all current and new potential threats and applies these to our service automatically. All system operating systems are auto-patched by our provider.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||Our service runs a number of monitoring services that automatically notify us of any potential issues. Any issue requiring manual intervention will be assigned a priority ticket, triaged and remediated as soon as possible. All such tickets are responded too within 24 hours.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||Users report problems either by phone or via our support desk email. Issues are triaged and responded too within our standard SLA. Incidents are logged in our support management system and responses provided to the User.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£1.00 per transaction|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||
Trial options depend on the type of service of interest to the user.
We can provide demo versions of off-the-shelf assessments, access to demo apps, trail periods, indicative reports and user experience and other options.
|Link to free trial||https://cognisco.com/test-drive/|