ASQA is aware of a cyber incident involving the international learning management system Canvas.
ASQA has been advised that as a result of the incident, providers using the system have been unable to access it.
Canvas’s US provider Instructure is working to restore it as soon as possible.
Providers are reminded that they must notify ASQA of the occurrence of an event that would significantly affect the organisation’s ability to comply with any of its obligations (also known as a material change) under the National Vocational Education and Training Regulator Act 2011, and that this notification must be given within 10 business days after the event occurs.
These events may include (but are not limited to) any impact on your ability to comply with the 2025 Standards for RTOs, for example:
- Clause 20 of the Compliance Requirements – Compliance with laws (including privacy laws) - particularly in circumstances where student information has been compromised.
- Standard 2.3 of the Outcome Standards - VET students have access to support services, trainers and assessors and other staff to support their progress throughout the training product
ASQA expects impacted providers to continue to actively monitor and address their obligations, including ensuring that student wellbeing is supported where individuals are impacted. More information to assist you to understand your obligations can be found in this issue of ASQA IQ on our website.
If you have any other questions, call us on 1300 701 801 (dial +61 3 8613 3910 from outside Australia) between 9am to 5pm (Australian local time) Monday-Friday or submit an enquiry using our online form Help with your enquiry.