Moodle and Totara LMS bring the benefits of open source learning to organisations, significantly reducing the cost of your learning management, with advanced functionality for workplace learning. Our platforms support competency management, training delivery, team management, compliance tracking, classroom management and flexible reporting features.
- Track learning progress and compliance
- Personal development plans
- Manage team development
- Encourages and fosters knowledge sharing (social learning)
- Delivery of effective eLearning
- HR/ERP/CRM integration
- Organisation and position frameworks
- Performance management, appraisals and 360 feedback tools
- Accessible anywhere, any time, from any device
- Sophisticated reporting
- Map learning to individual jobs, management, departments, teams and groups
- Access instructor led training, self-paced eLearning and virtual training
- Deliver training and content to users on any device
- Integration and interoperability with other platforms
- Content authoring and management capabilities with both content and activities
- Create assessments from question banks, track scores and completion rates
- Determine compliance criteria and maintain clear and accurate audit trails
- Maintain current and historical records of active and completed learning
- Support informal and social learning, allowing employees to share knowledge
- Complete picture of usage, progress and achievement across your business
£6300 per unit per year
- Free trial available
New Media Warehouse Ltd T/A Synergy Learning
+44 (0) 28 9042 2000
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Service constraints||Preference is for deployment on LAMP environments. Synergy Learning provide a fully managed service on this stack.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Average resolution time of 50 minutes, first response within 30 minutes|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.0 AA or EN 301 549|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Synergy Learning provides second line support to a dedicated team of Moodle/Totara administrators/support staff with fixed or unlimited hour options available.
The provision of ongoing support includes the capturing of all feedback and calls logged with Synergy Learning in our helpdesk. Nominated users with access to the helpdesk will have access to all tickets, from all users, and will be able to view their status, change the priority, respond to any query and monitor the total time used.
For application support the severity of the issues or problems submitted determines the time and method of our response (email or by phone).
Fixed hour contracts range from £999-2,499 with unlimited support available for £3,499. All costs exc VAT
An account manager is assigned to each customer with a technical account manager provided where applicable. Cloud support engineers are available as part of the application support provided.
|Support available to third parties||No|
Onboarding and offboarding
We begin each implementation of our service with a series of onsite/remote consultancy days and training.
This ensures all required users are trained in the appropriate areas and the site is configured correctly.
In addition to have an implementation consultant and trainer, online documentation with self-service guides are available.
Administrators of the platforms will also have access to our application support helpdesk via email and/or phone.
Where additional training is required this can be provided onsite or remotely in short sessions, covering specific use cases that are unique to your requirements and workflows.
|End-of-contract data extraction||
At the conclusion of the hosting and support period, if the contract is not extended, the client can request all of their files and data to be provided as a migration to another platform/provider. Synergy Learning provides;
* Database dump
* Archived folder for Moodle files
* Archived folder of uploaded data and files
* Removal of all data once confirmation received that all files have been received
We also recommend and support you in creating specific reports that extract user records with the report builder, delivering data in a spreadsheet format, in addition to the entire site data backup.
We provide the download of your site data, if under 5GB, as part of the contract. For any sites above 5GB a small charge will be applied to download your data locally, adding this to a portable storage device and securely sending this via courier.
For any transfers of sites via RSYNC an additional cost would be applicable for any additional time or transfers requested if this was required as part of a migration.
The daily rate for server engineers would be applicable to this.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||There is no difference in the mobile and desktop service. All features are available on mobile. The learning platforms are responsive in their design, ensuring the content responds accordingly based on the size of the screen the user is accessing the site on.|
|Accessibility standards||WCAG 2.0 AA or EN 301 549|
Our goal is to be fully accessible and usable for all users regardless of ability.
Core developers of our web platforms spend a lot of time making sure new developments are accessible. Part of the process when building new code is to follow established best practices and part of the process for accepting new code into the platform is to test pages carefully and gather feedback from experts and end-users.
Our platforms are complex systems with many parts with code that is always evolving. Modules can be enabled and disabled. The interface can be heavily customised using themes and thousands of settings. Actual content can be produced by any trainer or any learner.
Accessibility is not a state, it is a process of continuous improvement in response to our users and the wider technical environment.
|What users can and can't do using the API||
Web services enable other systems to push and/or pull date from the platforms and perform operations. This simple example will give you an idea of how our web services infrastructure works;
* The client sends a username and password to the web service login script.
* The script returns a token for that user account.
* The client calls a particular web service function on a protocol server including the token .
* The protocol server uses the token to check that the user can call the function.
* The protocol server call the matching external function, located in a externallib.php file inside the relevant module.
* The external function checks that the current user has_capability to do this operation.
* The external function calls the matching Moodle core function (in lib.php usually).
* The core function can return a result to the external function.
* The external function will return a result to the protocol server.
* The protocol server returns the result to the client.
With over 200+ web services available in the core platform and the ability to write your own to extend the platform, the possibilities are limitless.
|API documentation formats||
|API sandbox or test environment||Yes|
|Description of customisation||
As an Open Source platform the core code can be deployed as-is or customised to meet specific needs. This includes, but not limited to:
* New features or functionality
* The interface and user experience (theme)
* Additional web services
* Integration with third-party software
* Addition of community plugins, developed/contributed by others
User can customise either through the application itself (via settings that can be modified via the browser) or through development of their own code/plugins. Where this skillset is not available we can provide this service for you.
Customisations can be provided by other parties or suppliers and would require a review from a security and performance perspective before being applied to your own site.
|Independence of resources||
We provide both shared cloud and private cloud options for the managed hosting service of our applications.
If using the private cloud there will be resources allocated directly against the customers site and their users, independent of other sites or services that are provided. This ensures no other demands impact the service.
|Service usage metrics||Yes|
Service metrics are provided around the SLA's in the contract. This includes the response and resolution times of support tickets, the uptime/availability of the site, active user count, performance of the server and storage usage/available.
It is a fully managed service but additional metrics can be provided on request if they are readily available to provide.
|Reporting types||Reports on request|
|Supplier type||Reseller providing extra features and support|
|Organisation whose services are being resold||Moodle and Totara LMS/Social|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Physical access control, complying with another standard|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||
Users can export their data in spreadsheet format, PDF or OpenDocument formats. Reports can be built to create these exports.
Course data can also be backed up and migrated to a similar system using the backup/export tool. This is saved as a MBZ compressed file. Unique to the learning platform application.
This can be managed without any input from the supplier.
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
Synergy Learning endeavours to provide the most reliable network infrastructure possible to its Customers. Provided the Customer has complied with its obligations under the hosting Agreement, Synergy Learning guarantees that the network is available 99.95% of the time, excluding: a) scheduled maintenance b) circumstances beyond the Supplier's reasonable control, including, but not limited to: DoS or other network attacks, upstream or 3rd party network outages, war, fire, flood, sabotage, labour disturbance, acts of government and c) breaking this Agreement or the Supplier's Acceptable Use Policy, available within the terms and conditions.
Where levels are not met, users can follow the guidelines in the contract to request a refund or cancel the service should they wish
|Approach to resilience||
Multiple physical servers are in operation with a healthy amount of RAM installed. The servers use multiple Intel Quad core processors and run the XenServer Hypervisor. The servers have multiple physical NICs, which are actively in use providing a resilient path to the storage area network, public accessible network and the management network. The servers are configured to be in a XenServer pool with High Availability enabled in load-balanced environment. The platform also sits beneath the Synergy Learning perimeter firewalls. These are Cisco ASA firewalls in an Active/Active configuration with stateful failover.
Further information is available on request.
As per the SLA we will notify clients by email of any outage of prolonged length advising of a guided resolution time along with details of the issue.
Following any outages we follow up via email with a detailed outline of the cause, steps taken to resolve and any future actions advised to ensure this does not occur again.
An account manager will also be in contact for any prolonged issues by email and/or phone.
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
Access to the site is controlled by the role you are assigned, at various contexts that have a set of permissions which control what you can and/or cannot do.
Other restrictions can be put in place by management, organisational or position hierarchy within the application where configured correctly, ensuring users only have access to the information that is appropriate.
For support channels we limit the users who can access this resource by requesting names and email addresses of authorised users on contract initiation.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||Yes|
|Any other security accreditations||ISO27001 security accreditation held by the data centers used|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||No|
|Security governance approach||
Our datacenter and transit provider has ISO27001 security accreditation and we provide Cloud solutions to public sector organisations including high profile security conscious projects to Judicial Institute and Legal Aid Agency. Our platform falls within IL1/2.
We have documented processes and procedures for all items related to security that all required staff are aware of and follow.
|Information security policies and processes||
All data will be held within our secure hosting infrastructure and Synergy Learning are registered data handlers under the Data Protection Act 1998 (registered number: Z2723604). By following our polices and internal procedures, both formal and informal, we ensure we meet the required regulatory compliance, this includes regular review of our policies and procedures.
All items from our IT Information Security Policy are covered in the training of new staff, particular those who would have access to the servers and data. This includes IT Department Responsibilities, Users’ Responsibilities, Software Security Measures, Anti-Virus Security Measures, Hardware Security Measures, Access Security, Data Protection, Internet and Email Use, Reporting IT Security Breaches, Workflows and Implementation of Policy.
All staff report directly to the Head of Technical Services and person responsible for security in the matter of any breaches or concerns.
Whilst no guidelines are currently formally met we intend to formalise policies and procedures in the near future. Informal procedures have been agreed and communicated internally with nominated staff should this incident occur in the meantime.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
A copy of the code-base will be held in the central version control solution (GIT) managed by our development team. All code changes to the solution’s code base are recorded in this repository.
A staff member will be nominated as Release Manager for all software updates to the different logical environments for the solution.
• Compilation of file update packages to each environment
• Co-ordinating testing with the customer
• Creation of release notes indicating functionality and/or faults resolved in the release.
• Tracking of software updates
• Co-ordinating software releases to the production environment
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
We use the most recent, and security supported, version of Operating System and platform code to run our applications. Long Term Support (LTS) versions are installed and in operation where possible, with weekly updates and patching of the services occurring every Wednesday.
For any threats we assess these with the required team and owners and determine what action is required and the prioritisation of any actions.
We collect information from trusted sources, partner sites and official product/service sources.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
We monitor our systems for potential security risks or breaches. A number of tasks are carried out on a daily basis by our networks team with proactive monitoring in place. For system monitoring the default services which are monitored 24/7 are: Server Alive, HTTP/HTTPS, SSH, Disk Usage, CPU, Load Average, Bandwidth and FTP (If applicable).
Staff are aware of our processes and steps in the event of a security incident and these members of staff would be responsible for either direct communication to the client or updating an account manager who will be in close contact with the client immediately.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Where the customer wishes to submit an incident for investigation, a helpdesk is provided by Synergy Learning where tickets are captured in a central location and documented with the client. Tickets can be escalated and all communication is captured within each ticket. A dashboard of all tickets is available as part of our application support and any items escalated appropriately.
Depending on the incident our team will have a pre-defined workflows and information readily available to quickly resolve the incident.
Incident reports, when in breach of SLA or for a prolonged period, are provided as a document to the customer.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£6300 per unit per year|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||Fully active service, with all functionality, for up to 30-days to review key functionality. No download of data is provided after the trial and is permanently deleted following the end of the trial.|
|Pricing document||View uploaded document|
|Terms and conditions document||View uploaded document|