Skip to main content

Help us improve the Digital Marketplace - send your feedback

MRI Software Limited

MRI Accommodation Rent Accounting (ARA)

MRI Accommodation Rent Accounting (ARA) is a comprehensive and integrated temporary accommodation rent accounting solution with a self-service customer portal. ARA allows housing teams to place people into the most suitable temporary accommodation and monitor expenditure, the client’s movements, and their financial obligations, whilst reducing administration costs and debt owed.


  • Latest technology: mobile friendly, cloud hosted, highly secure, SSO/MFA
  • Intuitive self-service customer portal for rent account management
  • Back-office dashboard that provides real-time updates with alerts and actions
  • Pre-built standard reports & flexible real-time report builder
  • Full case management including Electric Document Management Retrieval System (EDMRS)
  • Easy implementation with flexible authorisation by staff role
  • Customer & accommodation database access as standard
  • Imports payments from revenue and benefit systems and accounting systems
  • Data output to accounting systems to help reconcile accounts
  • In-house helpdesk: providing reliable and trusted customer and user support


  • Better customer experience: providing ultimate transparency of costs to customers
  • Reduce the administrative burden on your team by enabling self-service
  • As the sector changes, so will the solution’s capabilities
  • Purpose-built solution, made specifically for social housing teams
  • Intuitive workflows remove repetitive administrative tasks
  • We’ll implement the solution, so you don’t have to
  • Information displayed in a clear way for informed decision making
  • Simplifies collection and recording of case information and evidence
  • Prioritises tasks to ensure efficiency, consistency, and compliance
  • Common look and feel across MRI’s suite of solutions


£16,550 an instance a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

1 0 1 6 2 2 1 8 9 6 4 2 2 6 0


MRI Software Limited Claire Brown
Telephone: 020 3861 7100

Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
The solution only requires an internet connection and a device that supports the latest browsers such as Google Chrome, Microsoft Edge, Firefox, Mac OS X, Safari 9+, iOS 7+ with mobile safari, Google Chrome (mobile), Android 4.x, and windows phone 8.1. Any planned maintenance will be completed (where possible) outside of core office hours and customers will be notified in advance.
System requirements
  • Latest internet browsers
  • Internet connection

User support

Email or online ticketing support
Email or online ticketing
Support response times
The help desk team are available via phone or email, Monday to Friday 09:00 to 17:00, excluding English statutory holidays. Our first and second line support aim to respond to service related incidents or requests by one working day, however we are currently achieving 4 hour response times. Emails received outside of office hours are collated and the call acknowledged and responded to the next working day.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
We include support within our annual fee. Support includes a named Account Manager and a Client Support Helpdesk. The Client Support Helpdesk also serves as the contact for all cloud support requests for trained users. Cases and incidents can be recorded and viewed in the client portal on a 24/7 basis.
Support available to third parties

Onboarding and offboarding

Getting started
Onboarding (training) is available and follows a train the trainer approach. Our training includes an overview of relevant legislation, walk through the system modules and a 'hands on' session supported by step-by-step user guides. Sessions are delivered in a supportive environment designed to facilitate learning. All applicable documentation will be provided in a pre-agreed format.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Onboarding documentation will be completed based on templates provided and will be completed with guidance between us and your the end-user . Off-boarding process and documentation will be as agreed between us.
End-of-contract process
At the end of the contract, the service is ceased and, if requested, customer data is returned. The portal is then decommissioned.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
Our solutions are mobile responsive to render differently depending on the device used to login. The only difference between the desktop and mobile service is the screen size (optimised to ensure everything still fits on the screen in the mobile service).
Service interface
User support accessibility
None or don’t know
Description of service interface
The application user interfaces are designed with untrained users in mind and provide a consistent approach to usability for all. We observe all usability standards and design for ease of use.
Accessibility standards
None or don’t know
Description of accessibility
We are committed to providing a website that is accessible to the widest possible audience, regardless of technology or ability. The website endeavours to conform to level Double-A of the World Wide Web Consortium (W3C) Web Content Accessibility Guidelines 2.0.
Accessibility testing
What users can and can't do using the API
APIs are available to integrate with third party systems (such as Housing Management Systems, Choice based Letting and Housing Registers) . This API will send customer details across to the 3rd party solution with the aim to create a customer on that 3rd party solution. Housing Partners will work with the 3rd party provider to ensure they can receive our API call and that they have fields for all the data being sent. If a customer would like to use an API they will get in touch with their implementation manager to discuss how they would like to use the API and what system they would like to integrate. Services to deliver the APIs will be chargeable at the daily rates.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
As part of the onboarding process customers will work with their dedicated implementation manager to


Independence of resources
We utilise Microsoft Azure's Autoscaling which dynamically allocates resources to match performance requirements. As the volume of work grows, We may need additional resources to maintain the performance levels and satisfy SLAs. Autoscaling uses the elasticity of cloud-hosted environments while easing management overhead. It reduces the need to monitor the performance of a system and make decisions about adding or removing resources. We use Azures Load Balancer that delivers high availability and network performance. It is a Layer 4 (TCP, UDP) load balancer that distributes incoming traffic among healthy instances of services defined in a load-balanced set.


Service usage metrics
Metrics types
The customer can build their own custom reports using the reporting tool within the solution, reports can be generated using any fields. Reports include reports to support organisation management, how many cases each officer is handling and how these cases are progressing. Reporting to show how successful the prevention and relief service is being managed within the Local Authority.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
Less than once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Other data at rest protection approach
Our SQL databases are encrypted at rest using transparent data encryption. Physical access control, inline with ISO27001
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
If a customer requires an export of their data they can use the intuitive inbuilt report builder that allows CSV files to be created from any field found within the solution. If a more robust or detailed report is required, this can be requested but will incur a charge depending on the complexity of the report.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • PNG
  • HTML
  • .xls
Data import formats
  • CSV
  • Other
Other data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
Our SQL databases are encrypted at rest using transparent data encryption. All connections to Azure SQL databases require encryption via SSL/TLS while data is in transit. This is configured by Microsoft via their Azure platform.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
All developers and testers test against OWASP top 10 security vulnerabilities. In addition to this, automated web application security testing is carried out during the development, release and life cycle of the product. A full network penetration test against all live sites and firewalls is carried out annually, as well as a full web application assessment penetration test during the development and release of the product.

Availability and resilience

Guaranteed availability
We use commercially reasonable efforts to ensure availability twenty -four (24) hours a day, seven (7) days a week, except for: (a) planned downtime (of which we provide adequate notice and will schedule to the extent practicable during the weekend hours), or (b) any unavailability caused by circumstances beyond our reasonable control, including without limitation, Force Majeure events or internet service provider failures or delays. We host our solution in a UK-based Tier 3 data centre that is designed to deliver high availability.
Approach to resilience
Available on request.
Outage reporting
Our Azure infrastructure ensures the availability of our data and services to a 99.9% uptime SLA and this includes three ready-to-run copies of our Azure infrastructure, two in one location and one in a separate geographical location. Recovery timescale therefore is not applicable as both geographical locations would have to be unavailable for users to notice an outage. Our data exists as multiple redundant copied with the primary set in Dublin. Azure monitoring is delivered by Status Cake uptime alerting which is instantaneous. New Relic error alerting is used for Web Site alerting which is also instantaneous. These layers are in addition to the standard Service alerting in Azure. These services all alert 24/7/365. Any users that are affected by an outage will be emailed in a reasonable time.

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
All users have a unique username and password to ensure only authorised users are accessing the solution. Further restrictions can be put in place including an IP whitelist ensuring only approve IP addresses can access the system.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
This ISMS is specific to the locations described in the statement of applicability.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
All staff are issued with our security policy when they join and confirm that they understand and will adhere to this. Our security policy is supported by processes and procedures such as our data breach reporting, new starters and leavers procedures. Our software development process incorporate privacy by design with security at the heart of everything that we do. All staff are trained on our security processes when they join and have regular refresher training. Our policies and processes are regularly reviewed by our operations managers and the outputs of these reviews are, in turn, reviewed with senior management. The focus of these reviews are the performance and ongoing applicability of our security quality management system.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Implementation is managed according to a pre-defined process. Change log items are identified early in the implementation process. These are assessed for size and impact to determine if the change will be done, won't be done (notwithstanding the customer may disagree) or might be done as an additional cost item. If the change falls outside (or it is not clear) of the existing DPIA for the software then the change will be assessed by the dedicated Data Compliance Manager. Once agreed changes are built, tested and accepted as would be the case for core functionality.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Regular internal risk assessments, scheduled audit, penetration testing (internal and external) and market best practice bench marking. Subject to QA patch release process, patches are released as soon as available.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Azure monitoring is delivered by Status Cake uptime alerting which is instantaneous. New Relic error alerting is used for Web Site alerting which is also instantaneous. These layers are in addition to the standard Service alerting in Azure. These services all alert 24/7/365.
Incident management type
Supplier-defined controls
Incident management approach
Our support Help Desk includes first, second and third line support based and will acknowledge and respond to your incident within one working day. Should our first line support team not be able to resolve your issue at first point of contact, it will be categorised, prioritised and passed to our second or third line support teams.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks

Social Value

Tackling economic inequality

Tackling economic inequality

Whilst not a certified living wage employer, our employees are all contracted and salaried fairly, in line with the Living Wage standards. We do not employ anyone on zero hours contracts and have a strong commitment to regularly review salaries in line with our appraisal process. We have a number of apprentices in the business who we are supporting to complete degree level qualifications, who all receive above the apprentice minimum wage.
Equal opportunity

Equal opportunity

We work hard to ensure our employees have a voice. We have various committees in place within our business, for example a Diversity, Equity and Inclusion committee, An Events Group which helps us to understand how employees are feeling about working at MRI and helping us drive forward inclusive events. We have also very recently launched our first ERG – employee resource group for Women and Allies. As a business with over 250 employees in the UK we are required to produce a Gender Pay Gap report. We very much welcome this initiative and our latest report will be available via our website from 4th April 2022. This report shows the impact we have on reducing our Gender Pay Gap and also highlights the many initiatives we have underway to further reduce our gap.


Work hard, play hard. From the day we opened our doors we set out to build flexible, game-changing solutions to make people's lives better. We do this by providing our clients with solutions which can enable them to provide better places to live, work and do business. The only way to carry out that mission is to hire the best employees and keep them. We are dedicated to creating a working environment which supports and develops our staff. Some of the benefits that we offer are: Gym reimbursements Medical assistance, including mental health tools Flexible working opportunities, including hybrid working Employee engagement is key to MRI's success and we hold quarterly spirit weeks to both connect and enthuse our teams globally. These weeks are themed and where staff are encouraged to learn about different topics or take part in activities that they might not typically have time for. These include fitness sessions, cooking sessions, engagement with families for those working from home or targeting one big event where we can globally feel like we are one team with the same goal. We also carry our bi-annual employee engagement surveys to ensure employees can express their views. With our most recent survey we had an 89% completion rate and we are currently creating actions to help us improve as a business as a result of our employee feedback.


£16,550 an instance a year
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.