SkillSet Limited

Moodle learning management system

Moodle is a complete learning management system, providing eLearning, classroom and offline learning features in a single, open source package. SkillSet provides hosting and support services, as well as configuration and customisation of the base platform. Areas of customisation include branding, reporting, custom plug-ins and integration to other software platforms.

Features

  • Fully customisable look and feel using responsive design
  • SCORM 1.2 certified
  • Supports eLearning, classroom, video and other learning formats
  • Customisable reports
  • Advanced quizzing and assessment creation
  • Data segregation by user defined roles
  • Creation of learning paths, including mandatory and locked content
  • Unlimited user accounts
  • Communicate with learners across a variety of channels and devices
  • Support options, including 24*7*365 telephone access

Benefits

  • Hosts SCORM content from multiple suppliers
  • Responsive design formats content to suit the learner's device
  • Tracks a wide range of learning objects from one interface
  • Extracts the exact data you need for tracking learner progress
  • Assess abilities and gain useful feedback on course content
  • Users only see content specific to their role
  • Administrators can ensure that compliance training is complete
  • Open source allows us to customise to meet your needs
  • Simple to administer
  • Comprehensive training can be provided

Pricing

£3500 per instance per year

Service documents

G-Cloud 11

207510983866616

SkillSet Limited

Paul Deed

01252 856512

paul.deed@skillset.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints No
System requirements
  • Google Chrome 30.0 and above
  • Mozilla Firefox 25.0 and above
  • Apple Safari 6.0 and above
  • Microsoft Internet Explorer 9.0 and above

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Priority 0
Response provided within 1 hour of customer’s initial contact;
Restoration within 2 hours of above Response;
Resolution within 48 hours of the above Restoration.

Priority 1
Response provided within 1 hour of customer’s initial contact;
Restoration within 4 hours of above Response;
Resolution within 48 hours of the above Restoration.

Priority 2/3
Response provided within 2 working days of customer’s initial contact;
Resolution within:
- Next quarterly maintenance release if reported at least 40 days before the scheduled release
- Next but one quarterly maintenance release if reported within 40 days of the next scheduled release
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Yes, at an extra cost
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.1 AAA
Web chat accessibility testing N/A.
Onsite support No
Support levels Our support service is manned during UK office hours and can be contacted through email, telephone or by raising a ticket on the Freshdesk system directly.
Extended support hours can be tailored to your particular needs, including 24*7*365 direct telephone access, upon request.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started For administrators of the system we provide training materials and support. For end-users the system is intuitive and able to be used without training.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Users' data is primarily in the form of learning records. Depending upon configuration, users can receive certificates or badges to confirm completion of courses and so will have an ongoing record of their activity.
End-of-contract process We would, if requested, make a backup of the site available to you at the end of the contract for you to store and keep - we will also place a backup of the site into long-term archival using Amazon Glacier, or similar to ensure that we could re-instate the site at a later date if required.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
  • Windows Phone
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The themes used for Moodle are all responsive and so will display the site accordingly.
Accessibility standards WCAG 2.1 AAA
Accessibility testing N/a
API Yes
What users can and can't do using the API https://docs.moodle.org/dev/Core_APIs
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Users can hide elements of the user interface and customise the appearance. They can also change the colour scheme to, for example, select a high-contrast view if they are visually impaired.

Scaling

Scaling
Independence of resources Moodle is a single-tenant application and so will run on dedicated VMs for each customer. These can be load balanced and auto-scaled if the customer's workloads are forecast to be variable and require it.

Analytics

Analytics
Service usage metrics Yes
Metrics types We can build reports to show a range of usage metrics covering logins, user activity, time spent on the site etc.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Other
Other data at rest protection approach We use AWS for hosting and take advantage of their ability to encrypt data at rest, including backups for all elements of the service provided.
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Users' data is primarily in the form of learning records. Depending upon configuration, users can receive certificates or badges to confirm completion of courses and so will have an ongoing record of their activity.
Data export formats CSV
Data import formats
  • CSV
  • Other
Other data import formats Any format can be allowed.

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks The network in which the servers/services are running is only accessibly by named individuals and requires MFA to access it. In addition, all data is encrypted both at rest and in transit.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability We use the AWS Cloud Services for its resilience and capacity. AWS commits to a Monthly Uptime Percentage (defined below) of at least 99.95%. We have never had any unscheduled downtime using this platform.

We offer varying levels of support from business hours of 8am-6pm Monday-Friday, and for some customers we offer 24 hour support for business critical systems: this allows access to a member of our support staff at all times.
Approach to resilience All servers providing the service are placed into multiple availability zones that are physically isolated and independent of one another. End-user access is through a load-balancer with health checks and auto-scaling of the underlying instances to ensure continuous monitoring and availability.
Outage reporting Monitoring is at 1 minute intervals and exceptions are raised through alerts that generate email and text message warnings.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Users can be authenticated in a number of different ways depending upon the customer requirements - these include simple username and password, MFA, integration with other identitiy providers.
Access restriction testing frequency At least every 6 months
Management access authentication Public key authentication (including by TLS client certificate)

Audit information for users

Audit information for users
Access to user activity audit information You control when users can access audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Socotec
ISO/IEC 27001 accreditation date May 2018
What the ISO/IEC 27001 doesn’t cover N/A
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes CEO, Tim Stratton, is responsible for information security management. We have an internal information security policy and data protection policy which all staff adhere to.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All source code is held in Git or Subversion and part of a continuous integration build pipeline. Changes can be raised by customers following our CR process and will be impacted for customer approval. Because each customer is on their own instance, we can make customer-specific changes without impacting other customers.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Amazon Inspector includes a knowledge base of hundreds of rules mapped to common security standards and vulnerability definitions that are regularly updated by AWS security researchers.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Amazon Inspector includes a knowledge base of hundreds of rules mapped to common security standards and vulnerability definitions that are regularly updated by AWS security researchers.
Incident management type Supplier-defined controls
Incident management approach We use Freshdesk's ITIL-aligned service desk software to manage incidents and problems as well as produce a knowledge-base for customer reference.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £3500 per instance per year
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑