Solutions - Government & Public Sector
Learning infrastructure your auditor can inspect.
For ministries, agencies, intergovernmental institutions and public-sector training bodies that need full data residency, documented accessibility, and a source code base that isn't sitting behind a vendor NDA. Open edX is open source under AGPL and Apache 2.0 - the code is public, the platform is portable, and the contractual relationship is with us.
The public sector isn't one buyer.
Ministries, agencies, intergovernmental bodies, municipal administrations and capacity-building programmes.
National ministries
Education, labour, digital, interior, health - ministries launching large-scale capacity-building or citizen-education programmes on infrastructure they can audit, host and, if needed, take over themselves.
Agencies & regulators
Regulatory bodies delivering compliance training to a supervised sector, or equipping their own civil servants with specialist skills. Formal procurement, formal audit trail, formal data-protection impact assessment.
Intergovernmental institutions
UN-system organisations, EU agencies and multilateral bodies training staff and partners across many countries, many languages, and varying infrastructure. Diplomatic immunity complicates data residency - open source simplifies it.
Public-sector training academies
Dedicated staff academies for civil service, public administration, police, judiciary or military. Long programme cycles, structured cohorts, documented training records that feed into HR and pension systems.
Regional & municipal administrations
States, Länder, regions and large municipalities running their own training for staff and citizens. Often shared infrastructure across multiple departments through multi-tenant configuration.
EU-funded capacity programmes
Horizon Europe, Digital Europe, Erasmus+ and CERV programmes where capacity-building is a work package. Consortium-friendly architecture, multilingual delivery, post-grant sustainability built into the contract.
What we deliver
Six capabilities that map to procurement language.
EU hosting by default
Infrastructure operated in EU jurisdiction. No transatlantic data transfer. No Privacy-Shield exposure. No opaque sub-processor chain. Our sub-processors are published and versioned - you get 30 days' notice of any change.
Source code you can audit
Open edX is released under AGPL and Apache 2.0. The entire platform source code is on GitHub, public, auditable by your IT security team or by an external security contractor. If a security review flags an issue, the fix is upstream; you don't depend on our roadmap to get it.
On-premise & air-gapped
Install on your data-centre hardware. Run completely disconnected from the internet if policy requires. Updates are performed as scheduled on-site visits, quarterly by default, aligned with your change-control windows - not pushed down your network in the middle of the night.
Accessibility-focused delivery
Targeting WCAG 2.1 Level AA - the basis for EN 301 549, BITV 2.0 in Germany, and most EU national accessibility laws. Screen-reader tested, keyboard-navigable, captioned-video workflows. Every deployment includes a written accessibility statement documenting any known gaps
Multilingual delivery
Open edX ships with UI support for 15+ languages. Per-course language tracks, locale-aware formatting, and translation-ready content for multi-country programmes.
Federated & government SSO
SAML 2.0 and OAuth 2.0 for SSO - compatible with national civil-service IdPs, eID brokers, Entra ID, Keycloak and most commercial IAM suites. SCIM for user provisioning. We integrate with the identity layer you already have, not by replacing it.
Typical project shape
What a public-sector engagement looks like.
Discovery & DPIA
Use-case mapping, data-flow diagram, DPIA drafting with your DPO, procurement alignment with your purchasing office.
Security review
Platform provisioning, configuration hardening, pen-test window for your security team, documented response to findings.
Build, integrate, train
SSO integration with your IdP or eID broker, content authoring training, pilot cohort configuration, accessibility pass.
Go-live & handover
Cutover with rollback plan, documentation handover, named-engineer support active, scheduled review cadence established.
Government & public-sector FAQ
Procurement-grade questions, procurement-grade answers.
The questions we answer most often during public tenders and DPO reviews - phrased as asked, not as we'd prefer.
Yes. We install Open edX on your own infrastructure or in a fully air-gapped environment for organisations with strict data residency or network-isolation requirements. Updates in air-gapped deployments are scheduled as quarterly on-site visits, because release cadence has to match your change-control process rather than ours.
Open edX provides the technical features required for GDPR compliance - user data export, deletion, and audit logging. Compliance is ultimately determined by how your organisation configures and operates it. We deliver a configuration that starts from a GDPR-compliant baseline, document any gaps honestly in writing, and provide the DPA, TOMs and sub-processor list on first request rather than at contract signature.
Open edX targets WCAG 2.1 Level AA, which is the basis for EN 301 549 and for BITV 2.0 in Germany. We provide a written accessibility statement documenting known gaps rather than claiming blanket compliance — because accessibility conformance is a per-deployment assessment, not a property of the software alone. If your tender requires an independent accessibility audit, we arrange that with a recognised auditor; the cost and timeline are scoped separately.
Open edX is open-source software; ISO 27001 certification attaches to the operator, not the code. When Abstract hosts the platform, we can provide attestations covering our operational environment. If you operate the platform yourselves - on your own cloud or on-premise - the certification scope covers your operations, not ours. We explain this up front because some tenders ask for platform-level certification that doesn't exist for any open-source system.
Open edX supports SAML 2.0 and OAuth 2.0, which are the underlying protocols for most government SSO systems. Integration with national eID systems (eIDAS-compliant wallets, country-specific ID brokers) typically goes through an SSO broker (Keycloak, your existing IAM platform) that already speaks the eID protocols; we then integrate Open edX with that broker. We don't re-implement eID protocols inside Open edX, because that would duplicate infrastructure your government already runs.
The platform is open source. You can take a copy of the code, the database, the content (which is stored in OLX, a plain-text format), and the configuration - and run it yourself, or move it to another Open edX partner. Data portability is a contractual right, not a negotiation. We will actively support exit if you decide the fit isn't right; long-term lock-in isn't the business we're in.
Procurement-grade conversations from the first call.
Book a discovery call with an architect who's delivered Open edX to UN-system organisations, EU-funded programmes, and public agencies. Bring your tender draft, your DPIA template, or your security questionnaire — we'll answer honestly.
