Centerprise International Ltd

Ionoco PATH Enterprise

The PATH Platform is a presentation and quizzing platform for trainers. Including tools to create tests, multiple rich data question types are available with clocks. Participants join via a browser locally or remotely (with video feed). Tests can be taken synchronously or asynchronously. PATH includes reports and marking tools.

Features

  • Employee, conference and student engagement and test platform
  • Multiple quizzes and tests can be run at any time
  • Video streaming and synchronization for remote students/colleagues
  • Multiple question types with rich media (video, audio and graphic)
  • Question and quiz clocks
  • Live operation with presentation mode for groups/audiences
  • Built-in messaging
  • Remote access with video streaming and synchronized operation for users
  • Schedules and/or in own time events
  • Real-time responses / results

Benefits

  • Engages audiences / students easily in real time
  • Instant feedback on learning and understanding during presentations/lectures
  • Users can access the platform without additional hardware or infrastructure
  • Schedule for a single user to thousands of users
  • Enterprise solution allows for sharing test across groups
  • Admin approval to ensure quizzes are checked before going live

Pricing

£50000 to £100000 per instance per year

Service documents

G-Cloud 10

889292683189740

Centerprise International Ltd

Tenders Team

01256 378 000

tendersteam@centerprise.co.uk

Service scope

Service scope
Software add-on or extension Yes
What software services is the service an extension to PATH Enterprise can be integrated into third party platforms such as student databases and Blackboard.
Cloud deployment model Hybrid cloud
Service constraints No
System requirements Can be used on any major browser for video streaming

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Our response times are driven by business priority. Whilst these can be customised the standards are: Priority 1. High. Service is completely unavailable or there is a critical impact on the Customer’s business operation: 15 minutes. Priority 2. Medium. The Service is severely degraded or there is a significant impact on the Customer’s business operation: 30 minutes. Priority 3. Low. The quality of the Service is degraded and is affecting one or more users: 1 hour. Priority 4. Service Request. Customer is seeking a change to the Service: 1 hour.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels 1. Overview. There are 3 Service Desk packages: Silver, Gold and Platinum. Service Hours are 09:00 to 17:30 Monday to Friday (excluding UK Bank Holidays); Gold Service Hours are 08:00 to 20:00 Monday to Friday (excluding UK Bank Holidays); and Platinum Service Hours are 24x7x365. 2. Incident Target Resolution. Priority 1 - High. Service is completely unavailable or there is a critical impact on the Customer’s business operation: 4 hours. Priority 2 - Medium. The Service is severely degraded or there is a significant impact on the Customer’s business operation: 8 hours. Priority 3 - Low. The quality of the Service is degraded and is affecting one or more users: 16 hours. Priority 4 - Service Request. Customer is seeking a change to the Service: 5 working days. 3. Service Credits. A Service Credit regime is used to recompense the Customer for failures to meet the agreed Service Level. Service Credits are valued as a percentage of the related Service Charges for the month.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We will provide admin and user training, if required. Participants are provided with online documentation.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction We can give you a copy or an export of the database in CSV or other suitable format following the end of contract. This service is included within the price.
End-of-contract process Accounts remain open until users confirm that all data has been safely removed. Accounts are not automatically closed or any data deleted without explicit agreement.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service To use all features it is recommended that sessions are run using a PC (Windows or Apple) with a second screen and webcam. Session participants can use any device. The user experience for participants is the same on all devices.
Accessibility standards WCAG 2.0 A
Accessibility testing None
API No
Customisation available Yes
Description of customisation Users can customise user and participant groups; and assign roles, permissions and approval requirements. All quizzes and tests can be created and customised by adding content.

Scaling

Scaling
Independence of resources The platform is based on an expanding mesh architecture, hosted on AWS across 2 or more locations. Load-balanced session brokers manage the server deployment allocating resources accordingly.

Analytics

Analytics
Service usage metrics Yes
Metrics types Reports and user/participant activity, and quiz/test results.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Ionoco Limited

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Tests and reports can be downloaded via the webportal.
Data export formats CSV
Data import formats
  • CSV
  • Other
Other data import formats
  • XLS
  • TXT
  • All picture formats
  • Most common video formats
  • Most common audio formats

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Private network or public sector network
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability The service is provided with a 99.99% availability, SLA refunds are subject to contract.
Approach to resilience The platform is based on an expanding mesh architecture, hosted on AWS across 2 or more locations. Load-balanced session brokers manage the server deployment allocating resources to maintain service uptime.
Outage reporting All our services are monitored via the Critica dashboard. Standard service notices are emailed to subscribers and enterprise clients are given access to a dedicated Critica dashboard with e-mail and/or text message alerts available.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
  • Other
Other user authentication As standard, we use username and password. However, dual-authentication, Active Directory or other means of authentication to the platform are available at the client's request.
Access restrictions in management interfaces and support channels The platform has an expandable number of roles with the administrator allocating user roles and access. Role allocation can be delegated to any other role.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password
  • Other

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Alcumus ISOQAR
ISO/IEC 27001 accreditation date 12/02/2018
What the ISO/IEC 27001 doesn’t cover N/A - Everything is covered by our ISO 27001 certification.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification SecurityMetrics
PCI DSS accreditation date 10/10/2016
What the PCI DSS doesn’t cover N/A - Everything is covered by our PCI DSS accreditation.
Other security certifications Yes
Any other security certifications Cyber Security Essentials Plus

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes In-line with the requirements of ISO 27001 and 20000, we've developed policies and procedures to support both standards and comply with the requirements of ISO 9001 e.g., our Information Security Policy includes the following internal policies/procedures: •IT Security Business Continuity Policy •Information Security Policy – Suppliers •CCTV Policy •CI Forensic Policy •Corporate Hospitality and Bribery Act •Access Control Policy •Policy Against Malicious Code •Child Protection Policy •Policy on the Secure Handling, Use, Storage, Retention and Destruction of Disclosure Information •Clear Desk Policy •Cryptographic Policy. The Information Security Policy has been produced and accepted by the Board. The policy is visible to all staff on SharePoint and all staff sign Appendix E of the policy, which is retained in the employee’s HR file. The importance of Information Security and the policy is covered in employee inductions and the Staff handbook. Security responsibilities are defined within our Information Security policy, which records the following managers: •Service Delivery Manager (Information Security Manager) •Security Controller •Group Quality Manager •Users – to comply with the IT Security Policy. Security Responsibilities are defined in the individual’s job description and employment contract.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All platform upgrades are deployed to a staging server environment and fully tested prior to the deployment to the live service. All component upgrades are tracked through a software development versioning system. Fully tested prior to being released to users.
Vulnerability management type Undisclosed
Vulnerability management approach We continually use a range of vulnerability management processes to assess potential threats and apply patches accordingly. Further details can be discussed with the client under a non-disclosure agreement (NDA).
Protective monitoring type Supplier-defined controls
Protective monitoring approach All our services are monitored via the Critica dashboard. Standard service notices are emailed to subscribers, and enterprise clients are given access to a dedicated Critica dashboard with e-mail and/or text message alerts available.
Incident management type Supplier-defined controls
Incident management approach We have a Software Developer available on 15 minutes notice, 24/7 to investigate any urgent incidents. If necessary, immediate action is taken. Any non-urgent incidents are assessed and addressed the following working day.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £50000 to £100000 per instance per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Full access to all features for a limited review period (up to 1 month).
Link to free trial Available upon request

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Terms and conditions document View uploaded document
Return to top ↑