Totara Learn Learning Management System (LMS)
Totara Learn is a Learning Management System (LMS) enhancing organisational e-Learning through adaptive course management, programs and certifications, and tailored learning plans against competency frameworks and requirements. Totara provides a robust and intuitive learning and performance management system catering to the design and delivery of organisations compliance and training needs.
Features
- Create learning programs to structure your courses and certifications
- Learning plans to guide learners through personal development goals
- Responsive and bespoke themes aligned to your organisations branding
- Blended Learning capabilities through face-to-face and virtual classroom training
- Access learning materials on-the-go with the Totara Mobile App
- Gamification through leaderboards, access restrictions and activities
- Assessment including grading, scoring and assignments
- Create surveys to evaluate and provide insight into your courses
- Compliance management with organisational hierarchies and custom reporting
- Segmentation through account and audience management
Benefits
- Create personalised learning experiences for your team
- Adaptive learning through customisation
- Empower learning, training and development in your organisation
- 24/7 x 365 Critical Incident Monitoring
- ISO27001, IS09001 and Cyber Essentials Plus Accredited
- Custom report builder to understand user engagement and progress
- Localisation through language packs, timezones and customisable characters
- Access offline content through the Totara Mobile App
- Create a seamless user experience for learners
- Easy to administer platform reducing admin time
Pricing
£11,500 a unit a year
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
6 7 9 4 7 0 3 0 7 1 4 5 2 6 6
Contact
Titus Learning
Seb Francis
Telephone: 01133 200 346
Email: sales@tituslearning.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Totara Learning Experience Platform (LXP) Totara Engage and Totara Perform.
- Cloud deployment model
-
- Public cloud
- Private cloud
- Service constraints
-
The Totara Learn and e-learning content will work various hardware platforms, but the following is an example of a minimum specification that would be expected to deliver a rich, interactive user experience.
Client-side JavaScript enabled
As e-learning is usually delivered online we would recommend the following bandwidths for internet access:
Minimum bandwidth: 256 kbps
If using video: 512 kbps.
Planned Maintenance will be scheduled with customers at a convenient time/date to prevent disruption of service. - System requirements
- Latest and Current Internet Browser
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Severity 1 - 30 minutes
Severity 2 - 4 business hours
Severity 3 - 1 business day - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- Standard and Enhanced support SLA's are available. Details of which can be found in our product Service Definitions. Support costs are included as standard in all our offerings Each client has a nominated Customer Success Manager
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- The training programme is bespoke, usually consisting of a blend of face-to-face sessions and online training delivered via Totara, available to all users but tailored to their specific role. The online programme is multifaceted, including activities, training resources, webinars and instructional video.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- At the end of the contract, Titus will extract and securely transfer to the customer a full backup of the Totara database and any associated user data in a format which allows them to transfer the platform to a new supplier or deploy and manage it in house.
- End-of-contract process
- Full handover of data as described above is included, as well as decommissioning hosting infrastructure. Should any further services be required after the end of the contract they would be chargeable as per the SFIA Rate Card.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
Unlike browsers in which support is focused to specific vendor offerings, mobile device support looks at how the Totara Learn product works on mobile devices in general.
Totara Learn already includes several mobile specific features and we try to ensure that the product is usable both on traditional computers and on mobile devices. Areas such as navigation, expandable/collapsible sections, and actions should all work with both traditional and mobile controls. There are also responsive themes provided with Totara that will re-flow for smaller resolutions to give the best possible user experience. - Service interface
- No
- User support accessibility
- None or don’t know
- API
- Yes
- What users can and can't do using the API
-
Our integration capability (excluding plugins) is now determined by two main factors, through Workato:
1. Our external GraphQL API framework: whether we have made it possible to access the data required on the Totara side to feed into the integration
2. Workato’s app integrations: whether Workato has a pre-built connector to the application you want to integrate with Totara (or an easy way to allow you to build your own connector)
We have invested heavily in our external GraphQL API framework and now have 25 available actions that can be used. We
will continue to invest in our external API framework. This API framework can be leveraged for native integrations
as well.
Workato has over a thousand pre-built app connectors. Even if a pre-built connector is not available in Workato’s public library, they have a number of tools that can help you build a connector quickly and easily. - API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Customise your site's appearance to reflect the needs of your organisation by editing the theme, adding blocks, and customising the front page. When users log in to your site they will see either a dashboard or the front page, depending on the setup of your site. The front page is the default landing page for all users logged into your site, whereas dashboards can be tailored and restricted to only a particular audience. In addition to the different sections of your site, you can customise features such as the navigation bar and site administration menu, making it easier for your users to find what's important to them.
Scaling
- Independence of resources
- Titus uses AWS Elastic File Service, which automatically scales horizontally by adding unlimited storage in 10GB increments as required and vertically by scaling or bursting the network throughput as the amount of data to be transferred increases. Amazon EC2 uses Xen virtualisation for all server instances.
Analytics
- Service usage metrics
- Yes
- Metrics types
- The Statistics block allows managers to view information about how their team members have used the Totara site over the last 30 days. Information includes: Show count of users who have spent a certain number of hours online, Show count of courses that have been started, Show count of courses that have been completed, Show count of competencies that have been achieved, Show count of objectives that have been achieved.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Totara
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- In-house
- Protecting data at rest
- Physical access control, complying with CSA CCM v3.0
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
You can create and manage different export types to decide which contain a list of data items that will be exported when a user requests an export of their own data, and an export task is run to produce a file containing this data.
Users will only be able to export their own data and not that of others. When creating an export type, User exporting own data has to be selected to make the type available for use. - Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
- Data import formats
-
- CSV
- ODF
- Other
- Other data import formats
Data-in-transit protection
- Data protection between buyer and supplier networks
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- Guaranteed availability: 99.9% annually with 99.99% also available at additional cost. We do not provide service credits where availability is less than this, but clients are entitled to terminate due to breach of contract in that event.
- Approach to resilience
- The AWS architecture is designed to be disaster resistant by using a Multi Availability Zone (AZ) setup, so that in the event of a disaster in one AZ, the system would still function. Database read replicas will be implemented to provide backup copies of the db in the event of the master failing, and AWS Snapshot Manager will be used to take snapshots of the web server and database automatically and to retain a certain number of agreed snapshots e.g. last 7 days. The backups facilitate disaster recovery in the unlikely event that all servers are compromised by recovering from server and database snapshots.
- Outage reporting
- AWS Cloudwatch logging is implemented to provide a monitoring dashboard and raise alerts based on specified metrics and thresholds allowing action to be taken before services are affected. Different notification methods can be implemented including API, email or SMS alerts as well as dashboard displays, which ensure immediate attention by the Titus helpdesk/support team by which appropriate remedial action will be taken.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- Employees are given access to client Totara sites and client server infrastructure on an as-needed basis by their line manager. Access is granted using a password management tool.
- Access restriction testing frequency
- Less than once a year
- Management access authentication
-
- 2-factor authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Approachable Certification
- ISO/IEC 27001 accreditation date
- 08/12/2022
- What the ISO/IEC 27001 doesn’t cover
- N/A
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Titus has a named Director who acts as the chief security officer, and oversees our working relationships with Moodle, Amazon Web Services, our suppliers and partners as well as our internal processes. We take information security seriously, and incorporate it into company policies and procedures which are regularly audited in line with ISO 27001 standards.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Hardware and software versions are tracked in our server information database and regularly checked to ensure that supported versions are in use. Information is collected on the system to be changed, such as security components and network architecture, to gain a full picture of the current system. Threats that may result from the change are assessed for likelihood and impact, giving a visualisation of the severity of the threat. We create a change plan and communicate this to involved parties along with required actions such as server reboots. Post change, we analyse the process to identify areas for future improvement.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Potential threats are assessed on a number of criteria - the age of the vulnerability, importance of the target system, skills required to exploit the vulnerability, and potential damage caused by exploitation. Patches are prioritised by severity - a patch deemed critical will be deployed without delay. Otherwise, patches are deployed to our servers on a monthly basis, with end-users informed in cases where downtime is required. Our Network Vulnerability Tests come from the Greenbone Security Feed, and are used in vulnerability scanning to determine server vulnerability. We also examine software release notes and security vulnerability reports for potential vulnerabilities.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Potential compromises are identified through monitoring services (EG: Cloudwatch, New Relic, SIEM software) and investigated by our tech team. Potential compromises are assessed for impact and likelihood and prioritised accordingly. They are then assigned to our technical operations team for investigation and remediation. We aim to respond to such incidents within an hour and resolve the incident within 24 hours.
- Incident management type
- Supplier-defined controls
- Incident management approach
- Common events (e.g. loss of connection to server, disk space shortage) have pre-defined processes the tech team follows to resolve them. There are a number of channels for users to report incidents, including email, web portal and telephone. Incidents are reported on in daily team briefings, retrospectively to end-users in root-cause analysis reports, and users are proactively warned of future downtime or security issues through email notifications. Depending on the severity of the incident, it will be resolved within a set period of time, with automated monitoring systems alerting staff to incidents that are approaching their resolution target.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Equal opportunity
- Wellbeing
Fighting climate change
Titus is committed to achieving Net Zero emissions by 2050 in accordance with Government Guidance and has a Carbon Reduction plan in place to manage this process. We run a cycle-to-work scheme where employees can claim funding for bicycles, and we encourage train over car travel. We are a digital-first business, and we minimise in-person meetings - using video conferencing wherever possible. We have a staff-led hybrid and remote working policy to reduce commuting and a salary sacrifice scheme for employees to purchase electric vehicles. In updating our Carbon Reduction Plan (CRP) to align with Crown Commercial Service (CSS) GCloud-14, demonstrates our commitment to embedding ESG, including carbon reduction, into our contract delivery. Our CRP, which includes Scope 1, 2, and 3 emissions, is published as part of our CCS award and listing, showcasing our dedication to meeting UK government procurement guidelines for environmental stewardship. Currently, we're enhancing our CRP with more accurate activity-based calculations and primary data, aiming for compliance with advanced standards like the GHG Protocol and ISO 14064-1, reflecting our ongoing pursuit of environmental excellence in public sector engagements.Equal opportunity
As a certified B Corp, Titus has an on-going commitment to integrating social value and EDI in every aspect of our operations, extending to our value chain and into the specific performance of our client solutions. We conscientiously embed EDI in every phase of our project lifecycle, from understanding the organisations specific requirements, user groups, user journeys in the Discovery phase to the continuous practice of our EDI and social value initiatives in the Review and Improvement phase. Our strategy includes developing EDI-aligned solutions that quite naturally align to software concepts such as a ‘by design philosophy’ and Accessibility features, ensuring inclusive and accessible functionality in the LMS solution design, and thorough testing to validate the effectiveness of the solution through an EDI lens. The aim is to roll out an LMS that not only serves our customers' end users, but also exemplifies our commitment to social value, offering potential collaboration opportunities to extend these benefits to wider community demographics. As an accredited Investors in People business we ensure that we invest in our team and provide opportunities for learning inside and outside of the workplace. We provide an annual training budget for all members of the team supported by a personal development plan. We also provide a budget for the team to develop new skills outside of the workplace. We’re also proud to be an accredited Living Wage Employer from the Living Wage Foundation. We conduct yearly benchmarking of our teams’ salaries across the business which is supported by a yearly increase following a performance review to ensure our staff are financially compensated for their hard work and delivering a quality service for our clients.Wellbeing
Titus’ values include People First, evidenced by Investors in People accreditation and, most recently, BCorp certification.
We support a culture of wellbeing; we have a remote first working policy, all staff are provided with healthcare plans, >20% of the workforce are trained mental health first aiders and colleagues are encouraged to lead and participate in wellbeing activities such as yoga sessions, book and music clubs, regular team walks and inviting speakers to talk to us about health and wellbeing. This extends into the local community with staff regularly supporting local wellbeing initiatives and charities, including Mind in Bradford.
Our BCorp status was achieved at the first attempt and cements our mission to improve the world through learning. We endeavour to work with other BCorps and suppliers who share our ‘people over profit’ values, and we deliberately seek to partner with customers who also fit this profile; one of our key target verticals being the not-for-profit sector.
Our core products can be leveraged to create supportive and positive learning environments, promoting good mental health and wellbeing. With tools and features such as forums and collaboration areas, users are encouraged to work together, fostering a sense of community and belonging. And, of course, resources such as videos and articles can be added to the platforms ensuring users have access to training, encouraging self-care. We also build our product enhancements with accessibility in mind, ensuring we meet the latest WCAG guidelines, and user experience is central to all development decisions.
Underpinning our products is a robust service wrapper, delivered by people to people. By investing in the wellbeing of our staff, the customer receives support from a resilient and positive team focussed on success for the customer, reducing friction and negating issues.
Pricing
- Price
- £11,500 a unit a year
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- Demonstration Portal available upon request.