Totara assesses our software against the OWASP Application Security Verification Standard (ASVS). This allows us to assess our software against industry best practice and helps us guide its improvement.
Self-assessment reports can be requested for Totara versions 13 to 17. These can then be requested by partners, either through the Totara Helpdesk or through their Channel Partner Manager.