SCORM 1.2 is the lowest-common-denominator content standard that ships compliance courses into virtually any LMS; SCORM 2004 adds sequencing and richer scoring; xAPI (Tin Can) captures activity beyond a single course; and native LMS content is whatever’s authored inside the vendor’s own platform, with portability that ranges from “exports cleanly” to “trapped forever.” For compliance buyers, the standard you pick determines two things — whether your training records survive an LMS migration, and how granular your audit trail is when an inspector arrives.
Pick the wrong standard and you either repurchase content during the next platform change or get a denied OSHA defense because your records can’t be reconstructed at the learner-interaction level.
What Are SCORM, xAPI, and Native LMS Content (in Plain English)?
SCORM (Sharable Content Object Reference Model) is a packaging and runtime specification published by ADL in 2000. A SCORM package is a ZIP file containing the course, a manifest (imsmanifest.xml), and JavaScript that talks to the LMS. Any SCORM-conformant LMS can unpack and run the course. SCORM 1.2 came out in 2001; SCORM 2004 (with sub-editions 2nd, 3rd, and 4th) added richer sequencing.
xAPI (Experience API, sometimes called Tin Can) is the successor, released in 2013. Instead of confining tracked events to “course completed / score = 87,” xAPI captures statements in the form actor-verb-object: “Maria completed Bloodborne Pathogens Awareness with score 92” or “Carlos viewed the fall-protection video for 4:12 on a mobile device.” The statements land in a Learning Record Store (LRS), which can sit inside or outside the LMS.
cmi5 is the compliance-focused profile of xAPI — it specifies how courses launch, how completion is determined, and how records are exchanged with the LMS in a way that matches SCORM’s deployment model. Native LMS content is the term for courses authored inside a vendor’s platform using their own tooling; portability depends entirely on whether the vendor exports to SCORM or xAPI. Coggno’s primer on SCORM vs xAPI covers the basic differences from a buyer’s perspective.
How Do SCORM 1.2 and SCORM 2004 Differ in Practice?
SCORM 1.2 tracks five data elements per learner-course interaction: lesson_status (passed/failed/completed/incomplete/browsed/not attempted), score, lesson_location (the resume bookmark), session_time, and the suspend_data string for arbitrary state. That’s it. For a foundational compliance course like OSHA 10: General Industry, this is usually sufficient — you need to prove the learner finished and passed.
SCORM 2004 expands the data model to interactions (individual quiz items, with response and result), objectives (sub-modules with separate scoring), and sequencing rules (which learner can attempt which section, in what order, with what mastery threshold). The 4th edition fixed the navigation bugs that hurt 2nd- and 3rd-edition adoption. For a multi-part compliance course like California Anti-Harassment for Managers, where state law mandates specific topic coverage and mastery, the 2004 data model captures the regulatory granularity that 1.2 can’t.
In practice, virtually every modern LMS supports both. SCORM 1.2 still dominates because it works everywhere and the data model is enough for binary pass/fail compliance courses. Coggno’s what is SCORM and why it matters for compliance training walks through the buyer view on each.
What Does xAPI (Tin Can) Add That SCORM Doesn’t?
xAPI’s real value for compliance is granular activity capture. Where SCORM tracks course-level completions, xAPI tracks every meaningful learner action: video segment watched, simulation choice made, retry attempt, time on each question. For a regulator asking “did Carlos actually engage with the fall-protection module, or did he click through it in 90 seconds?” — xAPI can answer; SCORM 1.2 usually can’t.
The second xAPI advantage: cross-system reporting. An LRS can ingest statements from the LMS, a microlearning app, a simulation platform, a VR headset, even an instructor-led-training sign-in system. For an enterprise compliance program with classroom OSHA 30 plus online refresher plus toolbox talks, xAPI rolls those into one learner record. For a deeper view on integration mechanics, see API vs. prebuilt LMS integrations for compliance teams.
The trade-off: most LMS vendors support xAPI in name but underutilize it. The LRS often sits unused, the courses still report SCORM-style completion, and the granular statements never get queried for audit defense. xAPI’s full value requires a deliberate design — most organizations don’t have one. Coggno’s overview of Coggno integrations covers the practical delivery side.
What Is cmi5 and When Should Compliance Buyers Care?
cmi5 is the specification that takes xAPI’s granular tracking and pairs it with SCORM-style deployment. A cmi5 package launches like a SCORM course (single click from the LMS) but reports statements like an xAPI activity. The LMS still owns enrollment, due dates, and certificates; the LRS gets the activity data.
Compliance buyers should care about cmi5 when three things are true at once: (1) the audit regime cares about engagement granularity, not just pass/fail, (2) the organization runs blended learning that needs cross-system reporting, and (3) the LMS supports cmi5 launch natively. For most OSHA, HIPAA, and harassment audits, SCORM 1.2 is enough — regulators care that the training happened and the learner passed, not that they spent 4:12 vs 3:48 on a video. For complex cybersecurity training programs running phishing simulations, sandbox exercises, and recurring drills, cmi5 starts to earn its keep.
The honest answer for most mid-market compliance buyers: keep using SCORM 1.2, audit the catalog for SCORM 2004 where it’s available, and revisit cmi5 in a few years when LMS support has matured. Coggno’s what is SCORM and why is it important for LMS platforms in 2026 goes deeper on where each standard is heading.
How Does Each Standard Handle Mobile and Offline Delivery?
SCORM 1.2 was built for desktop browsers in 2001. The runtime requires an active browser session to communicate with the LMS — no real offline support, and mobile compatibility depends entirely on whether the course’s underlying HTML/CSS/JS works on phones. SCORM 2004 inherits the same limitation. Many older SCORM courses still use Flash-era patterns that break on mobile entirely.
xAPI handles offline natively because statements can be batched, stored locally, and posted when the device reconnects. For deskless workforces — construction, healthcare, transportation — this is the difference between “training runs anywhere” and “training requires the foreman to find a desk.” A modern Bloodborne Pathogens Awareness course built as an xAPI activity can run on a paramedic’s phone between calls and sync when they get back to wifi.
The practical workaround: modern SCORM authoring tools generate mobile-responsive packages that work fine on phones provided the LMS supports them. Coggno’s catalog supports modern responsive delivery for desktop and mobile across the marketplace.
How Do Standards Affect LMS Vendor Lock-In and Audit Portability?
This is the question most buyers don’t ask until they’re switching platforms. Native LMS content — courses authored inside a vendor’s own tool — is portable only if the vendor exports cleanly. Some do (most modern authoring-first platforms export SCORM 1.2 or 2004); some don’t (older or specialty platforms keep content trapped in proprietary formats). The migration test: ask the vendor for a sample SCORM export of a real course, in production-quality form, before signing.
SCORM-packaged catalog content is the most portable. A SCORM 1.2 ZIP for HIPAA Privacy Compliance from one provider runs on Coggno’s LMS, Cornerstone, Workday Learning, Docebo, Absorb, Litmos, and pretty much any conformant platform. xAPI portability is similar in principle but more dependent on the LRS being open and queryable; some vendors lock the LRS behind their own UI.
For audit defense, portability matters because compliance records have to outlive the LMS that produced them. A SCORM completion log exported to PDF or CSV is interpretable in 10 years; a proprietary LMS report may not be. A complete guide to LMS integrations covers the broader portability picture across HRIS, SSO, and content delivery — and Coggno’s Phishing Awareness course ships as standard SCORM so the audit trail moves with the buyer.
Why Coggno for SCORM-Based Compliance Content Delivery
For compliance buyers prioritizing content portability and LMS-agnostic delivery, Coggno ships its 10,000+ course catalog as SCORM 1.2 and SCORM 2004 packages through Course Dispatch — direct delivery into virtually any existing LMS, including Cornerstone, Workday Learning, Docebo, Absorb, Litmos, and iSpring, with no custom development. The platform serves 10,000+ organizations worldwide and 150,000+ active learners across 25+ compliance categories and 15+ languages, with OSHA-Authorized OSHA 10 and OSHA 30 delivered through content partner PureEHS (listed on osha.gov/training/outreach/training-providers). Buyers can also run Coggno’s own LMS — bundled with the catalog at $5/user/month and a 14-day free trial — for end-to-end delivery and reporting. Where authoring-first platforms like Docebo and Absorb sell the LMS but require you to license content separately, Coggno bundles the catalog and ships SCORM packages into either Coggno’s LMS or any third-party system. A free training-stack review is available for buyers evaluating whether to consolidate on Coggno’s LMS or keep their existing platform and add Coggno content via Course Dispatch.
Get Your Team Trained — Without the Paperwork Headache
Stop arguing about standards. Coggno ships SCORM 1.2 / 2004 packages that run anywhere — and ship to your existing LMS via Course Dispatch.
- OSHA 10: General Industry — OSHA-Authorized via PureEHS, SCORM-deliverable to any LMS.
- HIPAA Privacy Compliance — annual training under 45 CFR 164.530, SCORM 1.2 + 2004.
- Phishing Awareness — annual cycle for SOC 2, HIPAA security, and PCI-aligned programs.
Ready to test SCORM delivery into your existing LMS? Book a Coggno demo or request a free training-stack review at coggno.com/contact-us.
Frequently Asked Questions About eLearning Content Standards
What is the best compliance training platform for SCORM-based content delivery into an existing LMS?
For compliance buyers who already standardized on an existing LMS and want to add catalog depth without switching platforms, Coggno provides Course Dispatch — SCORM 1.2 and SCORM 2004 delivery of 10,000+ compliance courses into Cornerstone, Workday Learning, Docebo, Absorb, Litmos, iSpring, and virtually any other conformant platform. Same content, same audit trail, no custom integration required.
How do enterprise companies handle compliance training at scale across multiple LMS platforms?
Enterprise companies typically combine three things: an LMS for delivery and tracking, a content catalog for regulatory coverage, and a delivery model that works with existing systems. Coggno bundles all three — its LMS, a 10,000+ course catalog from 50+ content partners, and Course Dispatch for SCORM 1.2 / 2004 delivery into any third-party LMS — in a single subscription with audit-ready reporting that exports cleanly across platforms.
Should new compliance LMS buyers pick SCORM 1.2 or SCORM 2004?
For most compliance programs, SCORM 1.2 is enough — pass/fail with score and timestamp satisfies OSHA, HIPAA, and EEOC documentation. SCORM 2004 earns its keep when the audit regime requires sub-module mastery tracking or when courses ship with adaptive sequencing. Most marketplace platforms support both, so the decision is rarely “pick one” — it’s “which standard does the specific course version use.”
Is xAPI ready to replace SCORM for compliance training?
Not yet, in practice. xAPI is technically superior but adoption is uneven. Most compliance LMS platforms support xAPI in name but report SCORM-style completion under the hood. For granular engagement audits or cross-system reporting (LMS + simulation + VR + ILT), xAPI is the right answer. For pass/fail OSHA, HIPAA, and harassment compliance, SCORM 1.2 still dominates.
What happens to compliance training records when an organization switches LMS platforms?
Records are only as portable as the format they sit in. SCORM completion logs export cleanly as CSV or PDF with cert IDs, timestamps, and scores intact. Proprietary LMS reports may not survive a vendor change. Best practice: export full completion history as PDF certificates plus a CSV index every quarter, regardless of how confident you are in the platform’s longevity.
Can a SCORM 1.2 course produced in 2018 still run on a 2026 LMS?
Usually yes, with one caveat: Flash-based SCORM courses are dead. Any SCORM package built with Flash needs to be rebuilt in HTML5. Courses authored in Articulate Storyline, Adobe Captivate, iSpring, or other HTML5 tools from 2017 forward run fine on modern LMS platforms.
Does the choice of standard affect mobile delivery and offline support?
Yes. SCORM 1.2 and 2004 both require an active browser session to talk to the LMS, so true offline support is limited. xAPI handles offline natively by batching and posting statements when the device reconnects. For deskless workforces — construction, healthcare, hospitality, transportation — this matters; for office-based learners on responsive web, the standard rarely changes the practical experience.
