Moodle is an off-the-shelf, open source learning management system which we can provide a fully managed service for.
- A fully responsive, multi-device experience
- A seamless learner experience
- An LMS uniquely tailored to your organisation
- Easy and automated course enrolment
- Digital badges to incentivise learners
- Social learning
- Cost effective - no licence or subscription fees
- Robust and secure
- Scalable: used by organisations with hundreds of thousands of users
- Configurable: Core features can be enabled/disabled as required
- SCORM 1.2 certified
- Rapid innovation - new releases every 6months
- Open source - Moodle is constantly being reviewed and updated
£31500 per unit
Leo Learning Ltd
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Our standard support hours are 9am – 5.30pm Monday to Friday
Extended support hours of 8am – 8pm are also available.
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
No matter the size or scale of your project, we can offer our very own technical support and maintenance team – the LEO Service Desk. The Service Desk provides expert technical assistance across a wide range of technologies, from e-learning and portals to intranets and e-commerce sites.
The Service Desk offers the following high quality support:
1st line support for end users
2nd line support for site administrators
3rd line support for site maintenance
We can tailor support packages to your individual needs. If you require support for your users and administrators, or need the reassurance of a site maintenance plan, the Service Desk is on hand to help.
|Support available to third parties||Yes|
Onboarding and offboarding
As part of every LMS implementation we deliver a one day training package, split into two sessions. These can be online or face-to-face sessions, or a blend of both.
Our preferred method is for an initial half day training session prior to site launch that focuses on course creator training. This enables your administrators and core team to understand how to manage courses and content within the portal.
We then conduct a second administrator training workshop in order to ensure that you are as autonomous as possible following site launch.
In addition, we can provide an FAQ area for users, and we offer first line and second line support.
|End-of-contract data extraction||We would provide a full site copy for data to be extracted.|
|End-of-contract process||Should you wish to transfer your site to another provider for hosting/maintenance/future updates, we will provide all documentation relating to the site and assist in the transfer process. Should we need to provide additional training to the new supplier or the client, this would incur an additional charge.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||
Moodle provides a consistent experience across all device types. Course layout changes between screen sizes - any top level navigation becomes available by clicking on the menu button. All blocks automatically move beneath the main content so that the most important information is available on-screen, rather than forcing users to scroll down in search of the information they need.
Moodle seamlessly creates a multi-device environment for online learning.
|Accessibility standards||WCAG 2.0 AA or EN 301 549|
|Accessibility testing||LEO's QA department has extensive experience testing using assistive technologies, including confirming to AA standards and using screen readers such as JAWS. We regularly engage with our clients who have assistive technology requirements to test our systems and products.|
|What users can and can't do using the API||Moodle contains a full set of web service functions that can be called using either REST or SOAP. These web service functions are secured by encryption as well as being able to assign access to specific functions at user level. If a web service function that meets your requirements does not already exist, a new one can easily be created.|
|API documentation formats||HTML|
|API sandbox or test environment||Yes|
|Description of customisation||LEO can customise the service on your behalf. There are a wide range of possible customisations including branding/look and feel, implementation of plugins, gamification, custom reports and enhanced functionality and features.|
|Independence of resources||The hosting team receive alerts in periods of demand and will monitor and adjust the service as required.|
|Service usage metrics||Yes|
|Metrics types||Should we provide hosting and support for your platform, we provide reports on performance, support tickets and site availability.|
|Reporting types||Regular reports|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||Less than once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||User data can be exported in CSV format.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||IPsec or TLS VPN gateway|
Availability and resilience
The Hosting Services under this agreement will provide 24/7 uptime, with a minimum of 99.5% availability per calendar year (excluding reasonable and scheduled maintenance periods). Uptime is defined as the Website being accessible and fully usable from a site that is physically different to the one that hosts the Website.
If the Website is unavailable beyond this 0.5 percent period by the cause or fault of LEO (or its suppliers) then, by means of the Client’s sole remedy, LEO shall provide a service credit of four (4) hours free Hosting Services at the end of the term of this agreement for each subsequent 30 minutes that the Website is not accessible.
The maximum service credit in respect of any single 24-hour period of non-availability is 48 hours of free Hosting Services at the end of the term of this agreement. The maximum service credit arising under this contract shall not exceed 12 weeks.
A standard server design will not cater for large User Surges. LEO has designed the Client’s specific server configurations such that User Surges should not have an impact on user experience, but any foreseeable Website User Surges should be communicated to LEO in advance.
|Approach to resilience||Our hosted platforms have a 99.5% availability target as a standard part of our service level agreement.|
|Outage reporting||Outages are reported via email alerts.|
Identity and authentication
|User authentication needed||Yes|
|Other user authentication||Whitelisted self-registration - e.g. using a specific email domain, such as @leolearning.com|
|Access restrictions in management interfaces and support channels||Moodle has an extensive and extendable roles and permission system including providing access to specific reports to specific individuals or roles.|
|Access restriction testing frequency||Less than once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||Cyber Essentials|
|Information security policies and processes||
Our Information Security policy is the responsibility of the IT management team and is carefully monitored on an ongoing basis to ensure compliance with regulations (e.g. GDPR and the Data Protection Act). Key points from the policy and procedures include:
• Staff must undertake mandatory training annually to ensure they are aware of potential security threats and concerns and are able to support the security policy in the course of their work
• Any member of staff suspecting an incident involving LEO's IT/IS Security must immediately report their concerns to the Systems Manager who will assess any immediate action required to protect both LEO/Client data and reputations, and inform the Head of Information Security
•In order to identify potential Information Security breaches, LEO reserves the right to monitor all external and internal communications and access to the LEO network, intranet and the internet, where the property of LEO is used in the communication or is accessed remotely from outside LEO
• All systems have security products installed to protect against unauthorised entry
• All systems are protected by passwords, especially those permitting updates to data
• All servers use encryption technology
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Changes to systems within the development lifecycle are controlled by:
* Ensuring changes are submitted by authorised users.
* Ensuring authorised users accept changes prior to implementation;
* History of all events is maintained and old versions retained for reference purposes.
Most systems are also configured using Puppet, and Continuous Deployment services (Jenkins) which provide a standard way of delivering and operating software, no matter where it runs. This automated solution provides visibility and reporting when we need to make decisions and prove compliance.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
Most systems are configured for Automatic Security Updates and patch deployment. LEO periodically carries out a vulnerability assessment of our corporate offices as part of the Cyber Essential PLUS certification process.
We use an automated patch management system. Patching is done 3 times per week. This includes operating system and application support.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Depending upon need, we can set up web application firewalls and enhanced protective monitoring tools to block potential attacks to a site.
We also regularly apply released security patches to keep the platform up to date against known vulnerabilities.
In the event of a compromise our estimated maximum time to restore is 1 day.
|Incident management type||Supplier-defined controls|
|Incident management approach||
We have monitoring tools that pick up whether a site is likely to become or has become unavailable. We then investigate this after we receive an alert.
Users can also report incidents by phone, ticketing system, or email depending upon the support services supplied.
Communications are sent via our support service desk to the confirmed client contact(s), including incident reports to an agreed SLA.
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£31500 per unit|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|