Skip to main content

Frequently Asked Questions

Everything you need to know about MOSAIC SLO

General

What is MOSAIC?

MOSAIC is the Modular Outcomes System for Achievement and Institutional Compliance. It is an open-source, modular platform designed to help institutions manage Student Learning Outcomes (SLOs) without vendor lock-in.

Is MOSAIC free?

Yes. MOSAIC is completely free and open source. Institutions may self-host, modify, and extend it without any fees or restrictions.

Note: Like many open source projects (content management systems, learning platforms, operating systems), third-party vendors may offer commercial services such as hosting, support, or custom development. These services are separate from the MOSAIC project and not required to use the software.
Why is MOSAIC open source?

Open source ensures transparency, long-term sustainability, and institutional autonomy. It allows institutions to inspect the code, adapt it to local needs, and avoid dependency on a single vendor.

Is MOSAIC tied to any specific institution or vendor?

No. MOSAIC is intentionally institution-neutral and not affiliated with any single vendor or college.

Technology & Architecture

Why did you choose PHP instead of Node.js, Java, or .NET Core?

We chose PHP to lower operational barriers and help minimize the equity gap between institutions.

Many colleges already operate PHP-based infrastructure and may not have the staffing or budget to maintain managed application runtimes such as Node.js, Java application servers, or .NET Core services. PHP fits naturally into existing web environments and reduces the need for specialized operational expertise.

Security is determined by system design and governance, not the programming language itself.

Does MOSAIC support plugins or extensions?

Yes. MOSAIC is designed as a modular platform. Core functionality is intentionally minimal, and additional capabilities such as dashboards, analytics, exports, or integrations can be added through plugins.

Can MOSAIC be implemented using other technologies in the future?

Yes. The architecture is designed to allow alternative implementations if there is sufficient demand. The current technology choices reflect operational accessibility, not technical limitation.

Security, Privacy & Compliance

Is MOSAIC secure?

MOSAIC is designed with secure defaults:

  • Minimal data collection
  • Non-anonymized data is encrypted at rest and in transit
  • No reliance on privileged system access
  • No requirement for long-running application services
  • Regular security audits and community review

Security is treated as a design outcome, not a feature bolted on later.

What data does MOSAIC store?

MOSAIC stores only the data necessary to support SLO definition, alignment, and reporting:

  • Student Learning Outcomes (SLOs)
  • Course information and mappings
  • Assessment records (met/unmet/partially met)
  • LMS integration metadata

Non-anonymized personally identifiable information (PII) is encrypted by default. Institutions can configure additional anonymization or pseudonymization strategies based on their privacy requirements.

Institutions remain in complete control of their data and deployment model.

Is MOSAIC ADA compliant?

Yes. MOSAIC is built to meet WCAG 2.2 Level AA accessibility standards, ensuring compliance with the Americans with Disabilities Act (ADA).

All interfaces include:

  • Semantic HTML5 structure
  • ARIA landmarks and labels
  • Keyboard navigation support
  • Screen reader compatibility
  • Sufficient color contrast ratios
  • Skip navigation links

Accessibility is a core design principle, not an afterthought. Institutions can further customize the interface to meet specific accommodation needs.

Is MOSAIC FERPA compliant?

MOSAIC provides the technical foundation for FERPA compliance through:

  • Data encryption and secure storage
  • Role-based access controls
  • Audit logging capabilities
  • Self-hosted deployment options (no third-party data sharing)

Note: FERPA compliance is ultimately the responsibility of the institution and how they deploy and configure MOSAIC. The platform provides the necessary tools, but institutional policies and procedures must align with FERPA requirements.

Deployment & Hosting

Important: Hosting Recommendations

While MOSAIC can run on shared hosting, we strongly recommend against hosting SLO data on public shared hosting environments for security and compliance reasons. Institutions should use dedicated servers, virtual private servers (VPS), or private cloud infrastructure whenever possible.

Can MOSAIC be hosted on shared hosting?
Equity Consideration: We recognize that not all institutions have equal access to dedicated infrastructure. MOSAIC is intentionally designed to accommodate resource-constrained environments.

Yes. MOSAIC can run in constrained or shared hosting environments if necessary.

This includes common commercial hosting providers. The system minimizes stored data and encrypts sensitive information to reduce risk in these environments.

However, we strongly recommend:

  • Using dedicated or VPS hosting when possible
  • Implementing SSL/TLS encryption
  • Regular security updates and backups
  • Following your institution's data governance policies

Shared hosting should be considered a fallback option for institutions with limited resources, not a recommended deployment model.

Customization & Upgrades

Can institutions customize MOSAIC?

Yes. Institutions may customize:

  • Branding and appearance
  • User interfaces
  • Workflows
  • Reporting and dashboards

All customization can be done by your institution's technical staff or developers. The plugin architecture makes it easy to extend functionality without modifying core code.

Note: Third-party consultants or developers in the open source community may also offer customization services, independent of the MOSAIC project.

How are upgrades handled?
  • Minor updates do not require database changes.
  • Major version upgrades may include database migrations and should be tested before deployment.

Institutions are advised to perform full backups prior to major upgrades.

Community & Contribution

Who maintains the MOSAIC project?

MOSAIC is maintained through a governed open-source model. Contributions are reviewed and approved to ensure quality, security, and long-term stability.

Can institutions contribute back to the project?

Yes. Contributions are welcome. Institutions may choose to contribute improvements or plugins back to the community, though this is optional.