6. Security &
Compliance
Data encryption in practice (role-based access control)
Elite LMS prioritises data security with encryption standards that safeguard learner information. All data stored on the platform is
encrypted and meets the Protection of Personal Information Act (POPIA) standards.
The platform integrates with Microsoft Active Directory, allowing for single sign-on capabilities and ensuring that only authenticated employees can access the system. Elite LMS secures Active Directory (AD) SSO data by using 256-bit AES symmetric encryption with exclusive keys, encrypting confidential customer data in their database and using secure protocols like HTTPS for all access.
Multi-factor authentication
Security protocols, with multi-factor authentication and Active Directory integration for seamless, secure user access.
Elite LMS
- Require some or all users to authenticate with 2FA (including setting rules by role)
- Allow users to add a secondary login check using an email or supported 2FA app
Compliance with POPIA & GDPR in system processes
Personal information is managed in compliance with POPIA, with strict
access controls and policies to protect user data. Additionally, Elite LMS employs routine audits and updates to meet evolving regulatory
standards. Our platform ensures compliance with both local and international standards, including POPIA and GDPR.
1. Proof of Compliance with RFP Standards
Commitment to Data Protection and Compliance with South African Standards. Elite LMS is fully compliant with the Protection of Personal Information Act (POPIA), the General Data Protection Regulation (GDPR), and holds ISO 27001 certification. We use AES-256 encryption for data in transit and at rest, role-based access control, and multi- factor authentication to safeguard data. Our compliance checklist (Appendix D) demonstrates clear alignment with ECIC02P-2025/26 requirements, including multimedia capability, province-level reporting, and proof-of-concept readiness.
POPIA Compliance:
- Elite LMS uses end-to-end encryption for data in transit and at rest, protecting personal data with advanced algorithms.
- Strict access controls and data minimisation policies are applied to ensure only essential, authorised personnel can access personal information.
- Personal data is managed in line with policies, and user access can be defined by roles (e.g., administrator vs. learner).
ISO 27001 Certification:
- Elite LMS’s commitment to data security is validated by our ISO 27001 certification, an internationally recognised information security standard.
- This certification ensures that we adhere to rigorous information security management practices, with regular audits, risk assessments, and updates to stay aligned with best practices.
Audit logs (user activity history)
