Concierge - Applications

The Application Overview page now includes four additional tabs as follows:

Interview Details

Enables staff to view and update information related to a learner’s interview. Staff can monitor the interview status, make necessary changes, and record notes directly linked to the interview process.

Qualifications

Enables staff to review and manage the qualifications submitted by a learner. This includes adding new qualifications and confirming whether the learner meets the necessary requirements for the course.

Requirements

Enables staff to view the requirements set against the UIO and add additional criteria as needed. This functionality allows staff to assess whether the learner’s individual qualifications and needs align with the course requirements.

Offers

Enables staff to review any existing offers made to the learner. Staff can also issue new offers, helping determine whether the learner can proceed to enrolment following the interview process.

Additional roles are required for staff to access and manage data within these tabs as follows:

• View or Edit Interview Details

• View or Edit Qualifications

• View or Edit Requirements

• View or Edit Offers

Concierge

Concierge - Interviews

Staff can use the new Interviews feature to search for existing interviews using search criteria such as event name, number of allocated learners, and so on. On finding the interview of interest you can view the learners allocated to that interview.

Concierge

Find Interviews

Concierge - Enrolments

Staff can use the new Enrolments feature to search for existing enrolments and learners, create a new enrolment on behalf of a learner, invite applicants to create a learner account and then create enrolments for a learner.

Staff can enrol a learner on a course by completing an Enrolment Form.

Details required for each page of the enrolment form are summarised below:

Personal Details

Enables staff to enter the learner’s account information, contact details, and address.

Further Details

Enables staff to input information regarding the learner’s equal opportunities and support needs.

Statements

Enables staff to select statements that are applicable for the learner.

Evidence

Enables staff to upload any supporting documentation required for the enrolment.

Data Protection

Enables staff to record the learner’s consent for the use of their personal data.

Payments

Enables staff to view the total fee for the selected courses.

When you have completed the enrolment process the Confirmation page will display.

Concierge

Find Enrolments

Create Enrolments

Application search results grid columns

In Concierge > Application > Search Results the Person Code, Surname, and Forename columns are now pinned to the left of the grid.

Not applicable

Ability to access Fund Manager Actions Page

Staff managing additional financial support for learners can use the actions page to carry out daily tasks, create funds, and so on. The licence and roles required are as follows:

• Licence: EBS4SupFundManager

• Role: ebs: central support management > View Fund Manager Admin Actions.

Fund Manager

Ability to View existing Funds

Staff can view existing funds, defaulted to the current funding year, on the Fund Manager Admin page.

Fund Manager

Ability to Add a new Fund

Staff can now create a new fund record to manage financial and learning support for learners.

Staff can go to Fund Manager Admin and then select Create Fund. The form to create a new fund contains the following sections:

• Details - with mandatory fields

• More - with additional input fields

• Performance - contains calculated fields which cannot be edited

Fund Manager

Ability to edit an existing Fund

Staff can now edit an existing fund record through the Edit option on the vertical ellipsis for a specific fund.

On editing a fund, the staff member is able to select the FAM Type and FAM Code through the drop-downs. The fund form contains the following sections:

• Details - with mandatory fields

• More - with additional input fields

• Performance - contains calculated fields which cannot be edited

Fund Manager

Add confirmation message when pressing delete on fund admin

When choosing to Delete a fund, staff are now asked to confirm the deletion through a popup notification.

Fund Manager

Ability to View Plan Items

Staff can now view plan items on a grid in Fund Manager.

Fund Manager

Ability to edit or delete a learner on a fund

Staff can now edit or delete a learner assigned to a fund.

Fund Manager

Creation and Amendment of Plan

Staff members can now create and edit plan items for learners.

Fund Manager

Ability to view, create, edit, or delete an assessment header

Staff can now view, create, or edit assessment headers to enable the maintenance of header details that have been assigned against a learner. Staff can also delete assessment headers if required.

Fund Manager

Update ILR on Learners Grid screen in Fund Manager

Staff can now update ILR records from Fund Manager. ILR records can be updated individually or in bulk using the Update ILR - Selected or Update ILR - All options on the Learners grid.

Staff will receive an error message if any of the selected records do not have an enrolment.

Fund Manager

Navigation updates

Improved navigation, search, and filtering options for assessments, plan items, learners, and so on.

Fund Manager

Ontrack Content Security (CSP) security improvements

Ontrack security has been significantly enhanced by modifying the CSP (Content Security Policy) to block the execution of inline scripts. This change stops malicious scripts being injected into ontrack pages, offering stronger protection against XSS (Cross-Site Scripting) attacks. Genuine ebs scripts are marked with a unique value to identify these as safe to run.

In order to facilitate the use of custom JavaScript by customers, scripts added in the following supported ways will also be considered authorised. It is therefore important to ensure that access to these locations is carefully controlled:

• Scripts in custom html controls in Designer.

• Scripts added to the translation and analytics folders.

Should this security change cause unforeseen issues, ontrack can be reverted to allow the use of inline scripts by adding the value unsafe-inline in the Content-Security-Policy > script-src directive institution setting.

Default directives such as those relating to the use of the Google translate widget, have been removed from the out-of-the-box CSP, following the security principle of least privilege. If these were in use, the functionality will be blocked on upgrade. If the functionality is still required, use the Dev Tools features found in Chrome and Edge to review any console errors relating to the CSP, and add any missing domains to the appropriate content security policy directive.

Two further new institution settings have been added to give greater control to institutions over the content and restrictions applied in the CSP:

• Content-Security-Policy base-uri directive.

• Content-Security-Policy worker-src directive.

Ontrack Institution Settings

Analytics snippet usage of head.cshtml to add in the <head> element

Google Tag Manager recommends that scripts are embedded in the <head> tag. To support this, the contents of a script named head.cshtml placed in the analytics folder will be included in the <head> tag of every page in Ontrack.

Files with any other name will continue to be included in the <body> tag of each page.

Configurable Functionality