Moodle Learning Management System (LMS)
Moodle LMS is designed to allow educators and training managers from all sectors to deliver learning online. Moodle LMS enables staff and students to take courses, sit assignments and see progress. Using Moodle you can create blended and self-directed courses and a customised eLearning platform tailored to your organisation's branding.
Features
- Fully customisable site design and layout with your branding
- Collaborative tools and activities including forums, wikis, glossaries and more
- Embed H5P content in Moodle enabling interactive presentations and more
- Gamification features through additional plugins
- All-in-one Calendar to track course dates, assignments, deadlines, group meetings
- Bespoke training programme blending face to face and remote sessions
- Customisable reporting including management and user dashboards
- Utilise Moodle's Plugin Directory to extend functionality further
- 24/7x365 Support for Critical Incidents
- Compatible with Storyline, Rise, Captivate, SCORM, xAPI/TinCan, H5P, and more
Benefits
- Manage your learners and their progress through a central platform
- ISO27001, IS09001 and Cyber Essentials Plus Accredited
- Offline content available through the Premium Moodle Mobile App
- Increase learner engagement through a wide range of activities
- Sleek and modern theme design enhancing your organisation's brand
- Open-source and fully customisable platform through integrations and plugins
- Foster and promote remote collaboration through group activities
- Responsive and accessible design allows for easy navigation
- Generate revenue through Moodle via eCommerce integrations
- Fully portable between Mobile, Tablet, and Desktop
Pricing
£8,000 a unit a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
8 5 3 0 6 1 0 9 6 5 6 2 0 3 5
Contact
Titus Learning
Seb Francis
Telephone: 01133 200 346
Email: sales@tituslearning.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
-
Moodle version upgrades will be discussed with the client in advance so this can be carefully planned in and a maintenance schedule is put in place. We aim to keep the downtime to approximately 1 hour and try to schedule a feasible time for both client and Titus.
Any patches that need to be deployed due to vulnerability checks in place will result in zero downtime.
Our solution will support Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Edge on desktop, as well as Mobile Safari and Google Chrome on mobile devices. - System requirements
-
- Internet Access
- Current Web/Mobile Browser
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Severity 1 - 30 minutes
Severity 2 - 4 business hours
Severity 3 - 1 business day - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Standard and Enhanced support SLA's are available. Details of which can be found in our product Service Definitions.
Support costs are included as standard in all our offerings
Each client has a nominated Customer Success Manager - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
The solution is designed to offer an intuitive interface with minimal onboarding time, allow self service for basic user tasks such as password resets, and provide contextual links to help topics including FAQs or forums.
The training programme is bespoke, usually consisting of a blend of face-to-face sessions and online training delivered via Moodle, available to all users but tailored to their specific role. The online programme is multifaceted, including activities, training resources, webinars and instructional video. - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- At the end of the contract, Titus will extract and securely transfer to the customer a full backup of the Moodle database and any associated user data in a format which allows them to transfer the platform to a new supplier or deploy and manage it in house.
- End-of-contract process
- Full handover of data as described above is included, as well as decommissioning hosting infrastructure. Should any further services be required after the end of the contract they would be chargeable as per the SFIA Rate Card.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- The Moodle interfaces use HTML5 and are designed and tested to ensure that they are fully responsive and automatically resize/reflow for tablet or mobile devices. For the best mobile user experience we recommend the use of the free Moodle Mobile app which is available for iOS and Android devices via their respective application stores, or the paid for branded Moodle Mobile App, details of which can be found in our pricing schedule.
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- The Moodle platform is a complex system with many parts. Its code is always evolving. Modules can be enabled and disabled. The interface can be heavily customised using themes and thousands of settings. Actual content can be produced by any teacher or any student.
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- Part of the process when building new code in Moodle is to follow established best practices and part of the process for accepting new code into core is to test pages carefully and gather feedback from experts.
- API
- Yes
- What users can and can't do using the API
-
Users of our API have the power to revolutionise their interaction with their Learning Management System (LMS). Through our API, users can effortlessly access and manipulate data within their LMS site, streamlining administrative tasks and enhancing efficiency. Setting up the service is straightforward for those well-versed in technical language and API functionality. With a good technical understanding of widely used API methodology and internal systems, users can utilise the comprehensive guide provided with the API to navigate its features seamlessly. Authentication is a straightforward process, as users simply need to include a Bearer Token in the header of their request, which can be generated by a Moodle administrator.
Once authenticated, users can access data in the JSON format, leveraging familiar terms like webservices and endpoints. Our API provides flexibility, allowing users to cherry-pick the endpoints that align with their specific data requirements. Whether users seek to retrieve information or enact changes within their LMS, the API offers a dynamic platform for both endeavours.
However, it’s important to note that the API doesn’t automatically integrate data into users’ systems. Users must utilise the API in conjunction with their chosen system(s), configuring the data format (JSON) to suit their needs. - API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Moodle can be configured to allow users the capability to perform varying levels of customisation (or not). Permissions set by role (e.g. administrator, course leader, learner, etc) define whether an individual may customise elements of the Moodle experience. Customisation can include the layout of personal dashboards, the reporting available, the visual theme of the interface, etc.
Scaling
- Independence of resources
- Titus uses AWS Elastic File Service, which automatically scales horizontally by adding unlimited storage in 10GB increments as required and vertically by scaling or bursting the network throughput as the amount of data to be transferred increases. Amazon EC2 uses Xen virtualisation for all server instances.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Within Moodle, reporting is available via a dashboard, as well as by exporting customisable reports. The information reported can be tailored to the role of the user. Customer administrators have full access to all Moodle logs, including access and usage data. Customers also have access to dashboard reports on service usage from AWS (hosting/infrastructure). Specific metrics to be made available are agreed with the individual customer during project initiation.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Moodle
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- In-house
- Protecting data at rest
- Physical access control, complying with CSA CCM v3.0
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
At a user level, options for data export are provided within the platform, allowing data to be selected using a variety of criteria (date ranges, user groups, roles, etc) and in a variety of formats.
At a site level, exports of the entire Moodle database are provided by Titus via secure file transfer. - Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- JSON
- HTML
- Data import formats
-
- CSV
- ODF
- Other
- Other data import formats
-
- JSON
- HTML
Data-in-transit protection
- Data protection between buyer and supplier networks
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
-
Guaranteed availability: 99.9% annually with 99.99% also available at additional cost.
We do not provide service credits where availability is less than this, but clients are entitled to terminate due to breach of contract in that event. - Approach to resilience
-
The AWS architecture is designed to be disaster resistant by using a Multi Availability Zone (AZ) setup, so that in the event of a disaster in one AZ, the system would still function.
Database read replicas will be implemented to provide backup copies of the db in the event of the master failing, and AWS Snapshot Manager will be used to take snapshots of the web server and database automatically and to retain a certain number of agreed snapshots e.g. last 7 days. The backups facilitate disaster recovery in the unlikely event that all servers are compromised by recovering from server and database snapshots. - Outage reporting
-
AWS Cloudwatch logging is implemented to provide a monitoring dashboard and raise alerts based on specified metrics and thresholds allowing action to be taken before services are affected.
Different notification methods can be implemented including API, email or SMS alerts as well as dashboard displays, which ensure immediate attention by the Titus helpdesk/support team by which appropriate remedial action will be taken.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- Employees are given access to client Moodle sites and client server infrastructure on an as-needed basis by their line manager. Access is granted using a password management tool.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Approachable Certification
- ISO/IEC 27001 accreditation date
- 08/12/2022
- What the ISO/IEC 27001 doesn’t cover
- N/A
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Titus has a named Director who acts as the chief security officer, and oversees our working relationships with Moodle, Amazon Web Services, our suppliers and partners as well as our internal processes. We take information security seriously, and incorporate it into company policies and procedures which are regularly audited in line with ISO 27001 standards.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Hardware and software versions are tracked in our server information database and regularly checked to ensure that supported versions are in use. Information is collected on the system to be changed, such as security components and network architecture, to gain a full picture of the current system. Threats that may result from the change are assessed for likelihood and impact, giving a visualisation of the severity of the threat. We create a change plan and communicate this to involved parties along with required actions such as server reboots. Post change, we analyse the process to identify areas for future improvement.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Potential threats are assessed on a number of criteria - the age of the vulnerability, importance of the target system, skills required to exploit the vulnerability, and potential damage caused by exploitation.
Patches are prioritised by severity - a patch deemed critical will be deployed without delay. Otherwise, patches are deployed to our servers on a monthly basis, with end-users informed in cases where downtime is required.
Our Network Vulnerability Tests come from the Greenbone Security Feed, and are used in vulnerability scanning to determine server vulnerability. We also examine software release notes and security vulnerability reports for potential vulnerabilities. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Potential compromises are identified through monitoring services (EG: Cloudwatch, New Relic, SIEM software) and investigated by our tech team.
Potential compromises are assessed for impact and likelihood and prioritised accordingly. They are then assigned to our technical operations team for investigation and remediation.
We aim to respond to such incidents within an hour and resolve the incident within 24 hours. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Common events (e.g. loss of connection to server, disk space shortage) have pre-defined processes the tech team follows to resolve them.
There are a number of channels for users to report incidents, including email, web portal and telephone.
Incidents are reported on in daily team briefings, retrospectively to end-users in root-cause analysis reports, and users are proactively warned of future downtime or security issues through email notifications.
Depending on the severity of the incident, it will be resolved within a set period of time, with automated monitoring systems alerting staff to incidents that are approaching their resolution target.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Equal opportunity
- Wellbeing
Fighting climate change
Titus is committed to achieving Net Zero emissions by 2050 in accordance with Government Guidance and has a Carbon Reduction plan in place to manage this process. We run a cycle-to-work scheme where employees can claim funding for bicycles, and we encourage train over car travel. We are a digital-first business, and we minimise in-person meetings - using video conferencing wherever possible. We have a staff-led hybrid and remote working policy to reduce commuting and a salary sacrifice scheme for employees to purchase electric vehicles.
In updating our Carbon Reduction Plan (CRP) to align with Crown Commercial Service (CSS) GCloud-14, demonstrates our commitment to embedding ESG, including carbon reduction, into our contract delivery. Our CRP, which includes Scope 1, 2, and 3 emissions, is published as part of our CCS award and listing, showcasing our dedication to meeting UK government procurement guidelines for environmental stewardship. Currently, we're enhancing our CRP with more accurate activity-based calculations and primary data, aiming for compliance with advanced standards like the GHG Protocol and ISO 14064-1, reflecting our ongoing pursuit of environmental excellence in public sector engagements.Equal opportunity
As a certified B Corp, Titus has an on-going commitment to integrating social value and EDI in every aspect of our operations, extending to our value chain and into the specific performance of our client solutions.
We conscientiously embed EDI in every phase of our project lifecycle, from understanding the organisations specific requirements, user groups, user journeys in the Discovery phase to the continuous practice of our EDI and social value initiatives in the Review and Improvement phase.
Our strategy includes developing EDI-aligned solutions that quite naturally align to software concepts such as a ‘by design philosophy’ and Accessibility features, ensuring inclusive and accessible functionality in the LMS solution design, and thorough testing to validate the effectiveness of the solution through an EDI lens. The aim is to roll out an LMS that not only serves our customers' end users, but also exemplifies our commitment to social value, offering potential collaboration opportunities to extend these benefits to wider community demographics.
As an accredited Investors in People business we ensure that we invest in our team and provide opportunities for learning inside and outside of the workplace. We provide an annual training budget for all members of the team supported by a personal development plan. We also provide a budget for the team to develop new skills outside of the workplace. We’re also proud to be an accredited Living Wage Employer from the Living Wage Foundation. We conduct yearly benchmarking of our teams’ salaries across the business which is supported by a yearly increase following a performance review to ensure our staff are financially compensated for their hard work and delivering a quality service for our clients.Wellbeing
Titus’ values include People First, evidenced by Investors in People accreditation and, most recently, BCorp certification.
We support a culture of wellbeing; we have a remote first working policy, all staff are provided with healthcare plans, >20% of the workforce are trained mental health first aiders and colleagues are encouraged to lead and participate in wellbeing activities such as yoga sessions, book and music clubs, regular team walks and inviting speakers to talk to us about health and wellbeing. This extends into the local community with staff regularly supporting local wellbeing initiatives and charities, including Mind in Bradford.
Our BCorp status was achieved at the first attempt and cements our mission to improve the world through learning. We endeavour to work with other BCorps and suppliers who share our ‘people over profit’ values, and we deliberately seek to partner with customers who also fit this profile; one of our key target verticals being the not-for-profit sector.
Our core products can be leveraged to create supportive and positive learning environments, promoting good mental health and wellbeing. With tools and features such as forums and collaboration areas, users are encouraged to work together, fostering a sense of community and belonging. And, of course, resources such as videos and articles can be added to the platforms ensuring users have access to training, encouraging self-care. We also build our product enhancements with accessibility in mind, ensuring we meet the latest WCAG guidelines, and user experience is central to all development decisions.
Underpinning our products is a robust service wrapper, delivered by people to people. By investing in the wellbeing of our staff, the customer receives support from a resilient and positive team focussed on success for the customer, reducing friction and negating issues.
Pricing
- Price
- £8,000 a unit a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Demonstration Portal available to all Public Sector Clients which covers the basic functionality of Moodle LMS.