Trust Centre
Cadmus is trusted by top-ranked universities across the globe.

Uplifting assessment requires trust
At the core of Cadmus is our mission to elevate university assessment through a platform that prioritises security, privacy, accessibility, compliance, and integrity.
Importantly, Cadmus has been designed to safeguard user data, so educators and students can engage with confidence knowing their information is protected.
Our Policies
Secure by design
Cadmus teams prioritise the security of our assessment software, and uphold the highest standards of data protection and compliance. These practices are built into our policies, systems and processes, and embraced within our culture—demonstrating our commitment to creating a secure environment through shared responsibility.
Specialist security team
Our team of security experts understands the complexities of risk and regulatory compliance, and how to maintain a secure, resilient system so user data is protected. Our leadership team also plays an active role in setting and monitoring Cadmus’s security policies and practices.
Continuous learning & improvement
Our people participate in annual, mandatory privacy and security training as part of Camdus’s shared responsibility approach. We continuously review and update our training content to reflect emerging risks and evolving best practices.
Access management
Cadmus access is granted to our people on a need-to-know basis, with permissions regularly reviewed to align with the principle of least privilege. The platform is centrally managed to ensure all Cadmus devices comply with our security standards and protective controls.
Enterprise-grade security and control features
With Cadmus, university partners can control staff use of the platform so you can keep your institution’s work secure and aligned with internal policies.
Access and authentication
Cadmus is built to seamlessly integrate with university systems, ensuring secure, reliable access through existing institutional infrastructure. By leveraging Learning Tools Interoperability (LTI), Single Sign-On (SSO) and university-managed identity providers, Cadmus simplifies user management while aligning with your internal security policies.
Team administration
Cadmus leverages your university’s existing Learning Management System (LMS) to manage user access and roles. Educators and administrative staff are added, removed or reassigned directly through the LMS, ensuring a consistent and centralised source of truth for user management. Cadmus inherits these roles via LTI, applying role-based access controls automatically to ensure the right people access the right features—reducing risk and simplifying oversight without additional admin overhead.
SAML Single Sign-On (SSO)
Cadmus supports Security Assertion Markup Language (SAML)-based SSO for institutional staff and students, enabling integration with your university’s identity provider (IdP). This allows centralised authentication, streamlined provisioning and enforcement of university-wide access policies—all without introducing separate credentials or login systems.
Role-Based Access Control
Access to Cadmus is governed by Role-Based Access Control (RBAC), with roles mapped directly from the university’s LMS. Users with teaching roles are directed to the secure Cadmus educator environment, while student roles access a completely separate student environment. This separation ensures teaching and learning environments remain distinct and secure.
Two-step authentication
Cadmus does not manage authentication independently. Instead, it inherits all authentication policies from your university’s IdP. Any enforced multi-factor authentication or two-step verification policies are automatically applied to Cadmus access, ensuring consistent protection without added administrative overhead.
Session management & access policies
Session timeouts, reauthentication intervals and access controls are governed by your institution’s existing policies. Because Cadmus authenticates through LTI and your university’s SSO infrastructure, session behavior reflects your internal security posture—giving you complete control over how and when users access the platform.