G-Cloud 11 services are suspended on Digital Marketplace

If you have an ongoing procurement on G-Cloud 11, you must complete it by 18 December 2020. Existing contracts with Cognisco Ltd. are still valid.
Cognisco Ltd.

People Analytics, Assessment, Compliance and Business Intelligence

Cognisco’s robust assessment methodologies to calibrate people capability and risk across hard-to-quantify sectors.
Identify talent; demonstrate competency; develop decision-making.
Off-the-shelf assessments; industry benchmarks.
Highest quality, low cost. Mobile friendly, bite-size formats.
Competency compliance for regulated industries. Biometric ID validation/certification.
Bespoke assessments reflect real application of understanding, behaviour and culture.

Features

  • Scenario-based Competency and Confidence correlating assessments
  • 360 Degree Assessments, Feedback, Apprenticeships Quality of Evidence
  • Personalised learning needs analysis to identify most effective L&D spend
  • Assessment of application of knowledge and judgement in specific situations
  • Identify potential People Risk & Reputational Risk at multiple levels
  • Biometric invigilation and identification management
  • Track evidence-based ROI impact of learning and development investment
  • Bespoke assessment development for any skills, capabilities & competencies
  • CMI approved scenario-based Leadership & Management assessments
  • Assessments and reporting delivered via web-based and mobile applications

Benefits

  • Understanding personal impact on colleagues and stakeholders
  • Evidence of competency and identify specific learning gaps
  • Direct learner to most effective and efficient interventions
  • Identification the unconscious incompetent and associated risk
  • Mitigation of People Risk, Reputational Risk and change capability.
  • Eliminate identiity fraud and cheating during assessments
  • Return on Investment analysis of learning and risk mitigation
  • Tailored, service-specific assessments to meet unique business needs
  • Universally acknowledged standard for Leadership & Management development
  • Real-time access, data-analysis and reporting

Pricing

£1.00 a transaction

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at aknight@cognisco.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 11

Service ID

8 1 6 1 6 8 3 8 4 2 8 1 3 8 7

Contact

Cognisco Ltd. Amanda Knight
Telephone: 01234 757520
Email: aknight@cognisco.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Civil Service Learning and other Learning Management Systems.
HR/Workforce Management and Employee Engagement processes.
Risk and Regulatory Compliance systems and processes.
Certification and examination systems.
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
No.
System requirements
  • IE 11 or newer browser access.
  • Chrome 62 and above

User support

Email or online ticketing support
Email or online ticketing
Support response times
Office hours only, Monday to Friday 9-5:30. SLA levels to be agreed individually in contract.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Yes, at an extra cost
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
Can be delivered if required.
Onsite support
Onsite support
Support levels
This is a web-based application with Technical/User support is provided by phone and email most of the time very effectively.
For new clients face to face training of Super Users as part of induction is often provided onsite, or via webinars, videoconferencing and phone as required.
We build strong relationships with clients and have frequent meetings to develop projects at inception, with quarterly meetings to maintain continuous improvement.
Relationship management is vital to the bespoke nature of our business and we work hard to make it highly effective and retain clients.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
For new clients face to face training of Super Users as part of induction is often provided on-site, or via webinars, videoconferencing and phone as required. Users are supported both via their own Super Users and directly by Cognisco via our Support Team as needed.
We focus on building strong relationships with clients and have frequent meetings to develop projects at inception with key users, with quarterly meetings to maintain continuous improvement.
We provide on-going support and training through our highly expert team to current and new users which is included as part of the overall service. We use a helpdesk ticketing system to ensure we tag every request, and then support with email, on-line, phone, videoconferencing, webinar or face-to-face support as required.
Relationship management is vital to the bespoke nature of our business and we work hard to make it highly effective and retain clients.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
Microsoft Office Formats
End-of-contract data extraction
Clients have multiple options for extracting data including:
Data can be retrieved from the system via the administration function;
Data can be downloaded as extracts which can be standard format or customised;
System and data can be maintained for live access if required;
Archive database and system to be accessible for audit purposes;
Remove personal data and retain anonymised results;
Securely destroy data and back-ups as requested.
We are GDPR compliant and all our data is stored within the UK.
End-of-contract process
End-of-contract process can include to retain system and/or data, or to provide documentation. We can provide whatever handover service is requested. We support clients to ensure that all user access is managed effectively and shut down client applications appropriately.
If the client does not wish for the data to be stored, the data will be securely destroyed.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Application and User Interface has been optimised for mobile devices and tablets. E.g assessments broken into bite-sized learning.
Service interface
No
API
Yes
What users can and can't do using the API
APIs are configurable to allow clients to provide and receive notifications from the system . These are REST based Web APIs that use JSON payloads and are authenticated using OAUTH
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
System is highly customisable which is a key feature and benefit to create and support bespoke applications for each client, and multiple applications within clients. The following can all be customised:
Subject and content of all assessments to include application of knowledge, behaviour, and culture to client;
Customisation of off-the-shelf assessments for specific client environments and contexts

Benchmarks, standards, competencies, regulations and compliance applications

Approved Authors can write, edit and customise assessment content

Client Super Users /Managers can customise user-access, reset assessments, manage and approve competencies

Team Leaders can approve evidence for competency, approve competency and allocate assessments.

Scaling

Independence of resources
The system benefits from the use of elastic IP addressing to enable fail over in the case of data centre failure. Data is geo-replicated across datacentres and each web service supports seamless scaling up and out of the number of application servers starting with a minimum of 2 servers at all times that are deployed across separate fault tolerant zones with the same datacentre. All data is held in the UK.

Analytics

Service usage metrics
Yes
Metrics types
System usage can be reviewed at multiple levels by Super Users and Team Leader roles.
Super Users can have access to metrics for all users, whilst Team Leaders only have access to their team's metrics. Multiple levels of team can be set up.
Metrics include current usage, last access, changes made and new data added etc.
Metrics are a primary feature of the system to enable current, past and future status of users to be managed and monitored, and whether they are compliant, competent and up-to-date with qualifications.
Additional service metrics can be provided on request.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Standard reports can be downloaded and/or printed as required on any device.
A full reporting and data extract service can be provided by Cognisco on an on-going basis or when requested.
Data can be delivered in multiple formats.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • PDF
  • Microsoft Office formats
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
99.9% Up time guaranteed over the course of a year to exclude planned maintenance.
Service Credits will be provided where SLA not met.
Approach to resilience
System is designed to be highly resilient to government standards. Available on request.
Outage reporting
We use a monitoring service to provide email and App alerts to internal support staff 24/7.

Identity and authentication

User authentication needed
Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication
Biometric recognition and identification validation if required.
2-factor authentication can be provided if required.
Access restrictions in management interfaces and support channels
The service defines a complete set of roles that control and restrict access to the various parts of the system.
Access to Internal Management Systems which set access are controlled using corporate identities and roles at multiple levels. This enables degrees of access for different personnel within each client application.
Users can access via a login or access directly via one-time-use url link without login access.
Access requiring biometric validation can be enabled to ensure identification validation as required.
Access restriction testing frequency
At least once a year
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Description of management access authentication
Management access can be restricted to specific IP addresses if required.

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
QMS International Ltd
ISO/IEC 27001 accreditation date
27/06/2018
What the ISO/IEC 27001 doesn’t cover
N/a
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials
  • ISO 9001:2015

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
  • Other
Other security governance standards
ISO 9001:2015
Cyber Essentials
Information security policies and processes
ISO 27001 standard processes and policies are followed.
ISO 9001 2015 standard processes and policies are followed.
Cyber Essentials standard processes and policies are followed.
We have a dedicated QA who reports to Head of Operations, reporting to the CEO and Board.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
All components of our service are maintained within a software development lifecycle management tool including a software versioning control system. Changes identified from various parts of the business are documented and lodged within this tool and allocated to developers to implement. All changes are considered from a security impact and tested via our dedicated testing team.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Our service benefits from advanced auto threat detection on our SQL servers and databases including SQL injection. The auto threat detection service maintains details of all current and new potential threats and applies these to our service automatically. All system operating systems are auto-patched by our provider.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Our service runs a number of monitoring services that automatically notify us of any potential issues. Any issue requiring manual intervention will be assigned a priority ticket, triaged and remediated as soon as possible. All such tickets are responded too within 24 hours.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Users report problems either by phone or via our support desk email. Issues are triaged and responded too within our standard SLA. Incidents are logged in our support management system and responses provided to the User.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£1.00 a transaction
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Trial options depend on the type of service of interest to the user.
We can provide demo versions of off-the-shelf assessments, access to demo apps, trail periods, indicative reports and user experience and other options.
Link to free trial
https://cognisco.com/test-drive/

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at aknight@cognisco.com. Tell them what format you need. It will help if you say what assistive technology you use.