POLICIES AND PROCEDURES MANUAL

1.0 Purpose and Scope

This document establishes the policies and procedures for training, assessment, evaluation, and record-keeping for Level 1 Labs’ online cybersecurity education platform. It ensures consistent, high-quality education, valid measurement of learner competency, and secure maintenance of all associated records.

These policies apply to all learners, course developers, instructors, and administrative staff involved in the platform’s educational activities.

2.0 Policy Statements

• 2.1 Training Policy: Structured, current, and pedagogically sound training aligned with industry standards (e.g., NIST).
• 2.2 Assessment Policy: Assessments must be valid, reliable, fair, and aligned to learning objectives.
• 2.3 Evaluation Policy: Continuous evaluation for quality assurance and improvement.
• 2.4 Record-Keeping Policy: Secure, confidential maintenance of learner and certification records in compliance with data protection laws.
• 2.5 Securing Online Records: Layered security controls including MFA and strong passwords (minimum 10 characters).

3.0 Procedures

3.1 Training Development & Delivery

• 3.1.1 Course Design: Standardized templates with learning objectives, prerequisites, modules, labs, and assessments.
• 3.1.2 Content Review: Quarterly SME review for technical accuracy.
• 3.1.3 Instructor Qualification: Relevant certifications (e.g., CISSP, OSCP, GIAC) or equivalent experience plus pedagogical training.
• 3.1.4 Delivery Modalities: VILT, recorded lectures, simulations, cyber ranges, and reading materials.

3.2 Assessment of Learners

• Formative: Quizzes, labs, participation.
• Summative: Proctored exams, final challenges, capstone projects.
• Proctoring: AI-based and/or live remote proctoring.
• Academic Integrity: Strict prohibition of plagiarism, collusion, and unauthorized resources.

3.3 Evaluation of Platform and Tutorial

• Standardized learner evaluations post-completion.
• AI tutor and VILT performance analytics.
• Quarterly platform analytics review.
• Bi-annual improvement and policy review cycle.

3.4 Record-Keeping and Data Management

• Secure LMS record maintenance.
• Encryption at rest and in transit.
• Assessment retention: minimum 5 years.
• Certificate validity: 2 years with public verification portal.
• Compliance with privacy regulations and data subject rights.

4.0 Roles and Responsibilities

• Platform Administrator: LMS configuration and policy enforcement.
• Course Developer / SME: Content development and review.
• Learner: Ethical participation and feedback.
• Data Protection Officer: Privacy compliance and data requests.

5.0 Related Documents

• Academic Integrity Policy
• Privacy Policy
• Learner Terms of Service
• Institute Catalogue
• Incident Response Plan