LEO Consulting & Professional Services including Moodle
LEO’s tools-agnostic approach means that our experts recommend the correct tools and technologies to support your goals.
Whether it’s getting the most out of your current tools, selecting new ones or building your learning ecosystem, LEO Learning can help. We specialise in Moodle, Mahara and Alfresco in the Defence sector.
Features
- Capture product requirements
- Evaluate current technology landscape
- Strategy design
- Implementation of bespoke solutions
- Deployment, maintenance and support
- Integration across a range of systems
Benefits
- Market leader in Learning Technology
- Revolutionize your learning technology landscape
- Deliver change at unprecedented speed and scale
- Deliver measurable business results
- Dedicated Defence team
Pricing
£1,000 a unit a day
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
7 4 9 4 9 5 8 2 9 5 8 6 5 1 6
Contact
Leo Learning Ltd
Sean Nugent
Telephone: 01273468889
Email: lxbidteam@gpstrategies.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- N/A
- System requirements
- N/A
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Monday to Friday UK time, between 9.00 a.m. and 5.30 p.m. excluding Bank Holidays and the week between Christmas and New Year.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AAA
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- No matter the size or scale of your project, we can offer our very own technical support and maintenance team. LEO provides expert technical assistance across a wide range of learning web applications and integrations.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- LEO can work to varied client requirements, including any necessary training, support and documentation for bespoke learning web applications that can be tailored subject to specification.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- We would provide a full site copy for data to be extracted.
- End-of-contract process
- Should you wish to transfer your site to another provider for hosting/maintenance/future updates, we will provide all documentation relating to the site and assist in the transfer process. Should we need to provide additional training to the new supplier or the client, this would incur an additional charge.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- LEO can work to varied client requirements, including building bespoke learning web applications and integrations that can be tailored for mobile devices.
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- LEO can work to varied client requirements, including building bespoke learning web applications and integrations interfaces that can be tailored subject to specification.
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- LEO can work to varied client requirements, including compliance with the WCAG 2.1 AA standard for bespoke learning web applications that can be tailored subject to specification.
- API
- Yes
- What users can and can't do using the API
- LEO can work to varied client requirements, including the creation, customisation and documentation of API's for bespoke learning web applications that can be tailored subject to specification.
- API documentation
- Yes
- API documentation formats
-
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- LEO can work to varied client requirements, including necessary customisations to branding/look and feel, implementation of plugins, gamification, custom reports and enhanced functionality and features. for bespoke learning web applications that can be tailored subject to specification.
Scaling
- Independence of resources
- LEO can work to varied client requirements, including scaling the team size to meet the demand of our clients.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Should we provide hosting and support for your platform, we provide reports on performance, support tickets and site availability.
- Reporting types
- Regular reports
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- Less than once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- User data can be exported in CSV format.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
The Hosting Services under this agreement will provide 24/7 uptime, with a minimum of 99.5% availability per calendar year (excluding reasonable and scheduled maintenance periods). Uptime is defined as the Website being accessible and fully usable from a site that is physically different to the one that hosts the Website.
If the Website is unavailable beyond this 0.5 percent period by the cause or fault of LEO (or its suppliers) then, by means of the Client’s sole remedy, LEO shall provide a service credit of four (4) hours free Hosting Services at the end of the term of this agreement for each subsequent 30 minutes that the Website is not accessible.
The maximum service credit in respect of any single 24-hour period of non-availability is 48 hours of free Hosting Services at the end of the term of this agreement. The maximum service credit arising under this contract shall not exceed 12 weeks.
A standard server design will not cater for large User Surges. LEO has designed the Client’s specific server configurations such that User Surges should not have an impact on user experience, but any foreseeable Website User Surges should be communicated to LEO in advance. - Approach to resilience
- Our hosted platforms have a 99.5% availability target as a standard part of our service level agreement.
- Outage reporting
- Outages are reported via email alerts.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Username or password
- Other
- Other user authentication
- Whitelisted self-registration - e.g. using a specific email domain, such as @leolearning.com
- Access restrictions in management interfaces and support channels
- Moodle has an extensive and extendable roles and permission system including providing access to specific reports to specific individuals or roles.
- Access restriction testing frequency
- Less than once a year
- Management access authentication
- Identity federation with existing provider (for example Google Apps)
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- Hosting service provided by AWS (subprocessor) who are ISO-27001 certified
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- Cyber Essentials
- Information security policies and processes
-
Our Information Security policy is the responsibility of the IT management team and is carefully monitored on an ongoing basis to ensure compliance with regulations (e.g. GDPR and the Data Protection Act). Key points from the policy and procedures include:
• Staff must undertake mandatory training annually to ensure they are aware of potential security threats and concerns and are able to support the security policy in the course of their work
• Any member of staff suspecting an incident involving LEO's IT/IS Security must immediately report their concerns to the Systems Manager who will assess any immediate action required to protect both LEO/Client data and reputations, and inform the Head of Information Security
•In order to identify potential Information Security breaches, LEO reserves the right to monitor all external and internal communications and access to the LEO network, intranet and the internet, where the property of LEO is used in the communication or is accessed remotely from outside LEO
• All systems have security products installed to protect against unauthorised entry
• All systems are protected by passwords, especially those permitting updates to data
• All servers use encryption technology
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Changes to systems within the development lifecycle are controlled by:
* Ensuring changes are submitted by authorised users.
* Ensuring authorised users accept changes prior to implementation;
* History of all events is maintained and old versions retained for reference purposes.
Most systems are also configured using Puppet, and Continuous Deployment services (Jenkins) which provide a standard way of delivering and operating software, no matter where it runs. This automated solution provides visibility and reporting when we need to make decisions and prove compliance. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Most systems are configured for Automatic Security Updates and patch deployment. LEO periodically carries out a vulnerability assessment of our corporate offices as part of the Cyber Essential PLUS certification process.
We use an automated patch management system. Patching is done 3 times per week. This includes operating system and application support. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Depending upon need, we can set up web application firewalls and enhanced protective monitoring tools to block potential attacks to a site.
We also regularly apply released security patches to keep the platform up to date against known vulnerabilities.
In the event of a compromise our estimated maximum time to restore is 1 day. - Incident management type
- Supplier-defined controls
- Incident management approach
-
We have monitoring tools that pick up whether a site is likely to become or has become unavailable. We then investigate this after we receive an alert.
Users can also report incidents by phone, ticketing system, or email depending upon the support services supplied.
Communications are sent via our support service desk to the confirmed client contact(s), including incident reports to an agreed SLA.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
LEO is committed to reducing the direct environmental impacts of our operations. We conduct our own activities and operations to reflect best environmental practice. Our parent company, LTG, is EcoVadis certified, which covers Environment, Labor & Human Rights, Ethics, and Sustainable Procurement.
We have introduced numerous initiatives to restrict our negative impact on the environment and carbon footprint wherever possible. Our commitments include:
- Minimising the generation of waste, resources consumption and preventing pollution as much as possible
- Optimally using resources and re-using materials wherever possible
- Actively promote recycling both internally and among customers and suppliers
- Promote environmental awareness among all our staff and encourage their involvement and suggestions
The nature of LTG’s activities is based on an office environment and in the UK we place particular emphasis on recycling to reduce single-use plastics. In 2020, our Brighton office alone recycled 1330kg of materials; a total of 1,912kg of CO2 saved. As our products are digital, the environmental footprint for our supply chain for our products is minimal.
In addition, LTG has recently streamlined its energy and carbon reporting and policies, including developing a method for tracking our carbon footprint. - Covid-19 recovery
-
Covid-19 recovery
Across the Learning Technologies Group (LTG) we have supported a number of stakeholder groups handle and recover from the impact of COVID-19, as detailed below:
LEO: Helping clients digitise learning
At the start of the COVID-19 pandemic organisations immediately recognised that they would need to rapidly switch from face-to-face training delivery to virtual and digital delivery wherever possible. LEO provided resources, including free to download eBooks, and conducted expert-led webinars to enable organisations to adapt to this change and continue to deliver impactful interventions digitally - meaning their employees could stay connected with their peers and remain up to date with training in the flow of work, all from their homes.
LEO & Instilled: Rapid deployment of Learning Experience Platform (LXP)
In March 2020, we were approached by Resuscitation Council UK (RCUK) to help them to provide critical e-learning resources that will be used in the fight against COVID-19. In just four days we delivered content to 150k learners re-entering the workforce to respond to COVID. A six-month licence for the LXP was provided to RCUK free of charge. The content was built using the Gomo authoring tool and adapted from existing RCUK Resuscitation course material. Tweaks were made as appropriate, to make the content relevant to returning professional clinicians and COVID-19 specifically.
Bridge: An LMS to aid with the rapid training of NHS nurses.
Our client within the NHS had been heavily focused on helping recently qualified doctors become fast tracked in their training in order to more quickly join the fight against COVID-19 at UK hospitals. They needed to supplement the face-to-face training of doctors and specialists with easy-to-use online learning. The client has used the Bridge LMS to create COVID-19 related training for doctors, specialists, and other healthcare workers fighting the pandemic on the front lines. - Tackling economic inequality
-
Tackling economic inequality
LEO, as part of LTG, has always supported internships and apprenticeships. We have people in senior roles who came to work with us through these schemes. We have adopted the new apprenticeship scheme and have already used it to hire an IT apprentice for one of our London offices.
We always choose interns who are local to the area and with specific interests that we can nurture and they can contribute. For example, we recently had an intern in our Sheffield office for the summer shadowing our Quality, Health & Safety and Environmental Manager. She had an interest in Wellness and we have captured her feedback in relation to integrating aspects of her contribution into one of our Health and Safety policies. - Equal opportunity
-
Equal opportunity
LTG is committed to creating a culture that embraces and celebrates people’s differences.
We believe that organisations should embrace their workforces as they are, and we continually review how we ourselves can best promote and advance a culture in which all our staff feel comfortable being themselves in the workplace.
We are proud of what we have achieved to promote equality, diversity and inclusion and employee wellness across LTG. Recent initiatives include the launch of our employee wellness programme, D&I survey, and employee resource groups (ERGs) which allow employees to voice concerns, solve problems and feed into our diversity and inclusion strategy.
We continuously update our policies to reflect our employee’s needs, any organisational changes and the needs of our clients.
Recruitment
At LTG, all hiring, performance management, and promotions are determined solely based upon the merit of the individual’s application and/or performance. All hiring managers are fully briefed on LTG’s approach to equal opportunities and diversity. At a practical level this means all staff should be treated, and treat others, with dignity and respect and that a zero-tolerance approach is taken to inappropriate behaviours, marginalising, stereotyping, etc. in any shape or form. This includes when conducting interviews and hiring subcontractors/choosing suppliers. - Wellbeing
-
Wellbeing
An important part of our Corporate Social Responsibility (CSR) strategy is taking care of our people. This includes the following:
Employee wellness programme - the programme is called Let's Talk and focuses on a number of areas: Mental health; Physical health; Health and safety; Personal development; Social connections, and Social contributions.
Diversity and inclusion - we believe that the diversity of our workforce is a key point of strength, making the group a more vibrant and dynamic place to work. We continually review how we can best promote and advance a culture in which all staff feel comfortable being themselves in the workplace.
Communication and staff surveys - we communicate with our staff on a regular basis keeping them informed of business activities, changes in practices and procedures, and business performance. In response to the COVID-19 pandemic we increased our communications through regular pulse surveys, holding the senior management team accountable to provide action on any issues that arise.
Employee Assistance Programmes - in the US and UK we provide staff with support in a range of areas, including well-being support, financial advice and legal advice
Professional development - we have in place a talent management system - ‘Aspire’ - for career development, goal setting and progression at LTG.
Pricing
- Price
- £1,000 a unit a day
- Discount for educational organisations
- No
- Free trial available
- No