SkillSet Limited

Moodle learning management system

Moodle is a complete learning management system, providing eLearning, classroom and offline learning features in a single, open source package. SkillSet provides hosting and support services, as well as configuration and customisation of the base platform. Areas of customisation include branding, reporting, custom plug-ins and integration to other software platforms.

Features

  • Fully customisable look and feel using responsive design
  • SCORM 1.2 certified
  • Supports eLearning, classroom, video and other learning formats
  • Customisable reports
  • Advanced quizzing and assessment creation
  • Data segregation by user defined roles
  • Creation of learning paths, including mandatory and locked content
  • Unlimited user accounts
  • Communicate with learners across a variety of channels and devices
  • Support options, including 24*7*365 telephone access

Benefits

  • Hosts SCORM content from multiple suppliers
  • Responsive design formats content to suit the learner's device
  • Tracks a wide range of learning objects from one interface
  • Extracts the exact data you need for tracking learner progress
  • Assess abilities and gain useful feedback on course content
  • Users only see content specific to their role
  • Administrators can ensure that compliance training is complete
  • Open source allows us to customise to meet your needs
  • Simple to administer
  • Comprehensive training can be provided

Pricing

£3500 per instance per year

Service documents

Framework

G-Cloud 11

Service ID

2 0 7 5 1 0 9 8 3 8 6 6 6 1 6

Contact

SkillSet Limited

Paul Deed

01252 856512

paul.deed@skillset.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
No
System requirements
  • Google Chrome 30.0 and above
  • Mozilla Firefox 25.0 and above
  • Apple Safari 6.0 and above
  • Microsoft Internet Explorer 9.0 and above

User support

Email or online ticketing support
Email or online ticketing
Support response times
Priority 0
Response provided within 1 hour of customer’s initial contact;
Restoration within 2 hours of above Response;
Resolution within 48 hours of the above Restoration.

Priority 1
Response provided within 1 hour of customer’s initial contact;
Restoration within 4 hours of above Response;
Resolution within 48 hours of the above Restoration.

Priority 2/3
Response provided within 2 working days of customer’s initial contact;
Resolution within:
- Next quarterly maintenance release if reported at least 40 days before the scheduled release
- Next but one quarterly maintenance release if reported within 40 days of the next scheduled release
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Yes, at an extra cost
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AAA
Web chat accessibility testing
N/A.
Onsite support
No
Support levels
Our support service is manned during UK office hours and can be contacted through email, telephone or by raising a ticket on the Freshdesk system directly.
Extended support hours can be tailored to your particular needs, including 24*7*365 direct telephone access, upon request.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
For administrators of the system we provide training materials and support. For end-users the system is intuitive and able to be used without training.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Users' data is primarily in the form of learning records. Depending upon configuration, users can receive certificates or badges to confirm completion of courses and so will have an ongoing record of their activity.
End-of-contract process
We would, if requested, make a backup of the site available to you at the end of the contract for you to store and keep - we will also place a backup of the site into long-term archival using Amazon Glacier, or similar to ensure that we could re-instate the site at a later date if required.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
  • Windows Phone
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The themes used for Moodle are all responsive and so will display the site accordingly.
Service interface
Yes
Description of service interface
Moodle is a complete learning management system, providing eLearning, classroom and offline learning features in a single, open source package. A simple interface, drag-and-drop features, and well-documented resources along with ongoing usability improvements, make Moodle easy to learn and use. The modular set up and interoperable design allows developers to create plugins and integrate external applications to achieve specific functionalities.
Accessibility standards
WCAG 2.1 AAA
Accessibility testing
N/a
API
Yes
What users can and can't do using the API
https://docs.moodle.org/dev/Core_APIs
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Users can hide elements of the user interface and customise the appearance. They can also change the colour scheme to, for example, select a high-contrast view if they are visually impaired.

Scaling

Independence of resources
Moodle is a single-tenant application and so will run on dedicated VMs for each customer. These can be load balanced and auto-scaled if the customer's workloads are forecast to be variable and require it.

Analytics

Service usage metrics
Yes
Metrics types
We can build reports to show a range of usage metrics covering logins, user activity, time spent on the site etc.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Other
Other data at rest protection approach
We use AWS for hosting and take advantage of their ability to encrypt data at rest, including backups for all elements of the service provided.
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Users' data is primarily in the form of learning records. Depending upon configuration, users can receive certificates or badges to confirm completion of courses and so will have an ongoing record of their activity.
Data export formats
CSV
Data import formats
  • CSV
  • Other
Other data import formats
Any format can be allowed.

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
The network in which the servers/services are running is only accessibly by named individuals and requires MFA to access it. In addition, all data is encrypted both at rest and in transit.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
We use the AWS Cloud Services for its resilience and capacity. AWS commits to a Monthly Uptime Percentage (defined below) of at least 99.95%. We have never had any unscheduled downtime using this platform.

We offer varying levels of support from business hours of 8am-6pm Monday-Friday, and for some customers we offer 24 hour support for business critical systems: this allows access to a member of our support staff at all times.
Approach to resilience
All servers providing the service are placed into multiple availability zones that are physically isolated and independent of one another. End-user access is through a load-balancer with health checks and auto-scaling of the underlying instances to ensure continuous monitoring and availability.
Outage reporting
Monitoring is at 1 minute intervals and exceptions are raised through alerts that generate email and text message warnings.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Users can be authenticated in a number of different ways depending upon the customer requirements - these include simple username and password, MFA, integration with other identitiy providers.
Access restriction testing frequency
At least every 6 months
Management access authentication
Public key authentication (including by TLS client certificate)

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Socotec
ISO/IEC 27001 accreditation date
May 2018
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
CEO, Tim Stratton, is responsible for information security management. We have an internal information security policy and data protection policy which all staff adhere to.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All source code is held in Git or Subversion and part of a continuous integration build pipeline. Changes can be raised by customers following our CR process and will be impacted for customer approval. Because each customer is on their own instance, we can make customer-specific changes without impacting other customers.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Amazon Inspector includes a knowledge base of hundreds of rules mapped to common security standards and vulnerability definitions that are regularly updated by AWS security researchers.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Amazon Inspector includes a knowledge base of hundreds of rules mapped to common security standards and vulnerability definitions that are regularly updated by AWS security researchers.
Incident management type
Supplier-defined controls
Incident management approach
We use Freshdesk's ITIL-aligned service desk software to manage incidents and problems as well as produce a knowledge-base for customer reference.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£3500 per instance per year
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑