IRIS SOFTWARE LIMITED

IRIS Central

IRIS Central is a powerful trust analytics platform that provides accurate, actionable insights from HR, financial, assessment, attendance, wellbeing and many more. It allows MAT leaders and stakeholders role-based access to real-time data from Management Information Systems (MISs) and others, with high quality data supporting impactful decisions.

Features

• Real time data from MIS, HR, financial systems and more
• Works with any MIS (some features Edgen & iSAMS only)
• Wide range of insights
• Simple, powerful cloud portal with SSO
• Dedicated data feed
• Customisable, role-based dashboards for all
• Baseline data to measure MAT/school against
• Out of box dashboards for HR, financial, attendance and more
• Data imported, managed through Central App reported through Central Dataset
• AI and ML driven analytics

Benefits

• Supports impactful decision making with high quality, actionable insights
• Timely access to live data – no emails or spreadsheets
• Simple, secure and controlled data access for all stakeholders
• Trustees and external agencies can access data with restricted settings
• Drill through to individual pupil and staff data for context
• Fast, responsive and secure with SSO via O365 and Google
• Saves staff time and effort in creating analytics for sharing
• Central management of settings for individual Edgen instances
• Create custom analytics using Designer requires minimal training
• Easy access to cleansed data for analytics using Data Share

£2,000.00 an instance a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at BidTeam@iris.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

127917960205796

Contact

Bid Team
0344 225 1525
BidTeam@iris.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: IRIS Ed:gen MIS solution
• Cloud deployment model: Private cloud
• Service constraints: None
• System requirements: Modern web browser (not Internet Explorer)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Any new ticket is responded to within 10 minutes to confirm the ticket has been created and advising the user of the ticket reference number.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: N/A
• Web chat accessibility testing: None
• Onsite support: Yes, at extra cost
• Support levels: Our support KPIs are: 90% of inbound calls answered within 30 seconds. 88% of tickets resolved within 48 working hours, tickets worked in order of priority. 92% ticket satisfaction.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onboarding support is provided, all technical aspects are handled by the IRIS team and full training is also provided.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Generally, via CSV.; If a contract is not renewed, data will be offered to the customer in a suitable format. Access to the service will be removed and data will be destroyed securely in line with industry practice and our own policies.
• End-of-contract process: If a contract is not renewed, data will be offered to the customer in a suitable format. Access to the service will be removed and data will be destroyed securely in line with industry practice and our own policies.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: N/A
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Use the data feed option to create own analytics, customise roles and dashboards for these roles in the live service. Drill into detail to row level.

Scaling

• Independence of resources: Our service has been uniquely designed so that each instance is unaffected by adjacent services, within the platform, we have carefully built the service to scale in terms of user numbers without slowness, even at busy times of the day where tens or even hundreds of users may be logged in to one system.

Analytics

• Service usage metrics: Yes
• Metrics types: We can provide a range of metrics including load time, uptime, status, user logs etc.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Extraction is through multiple formats. ; We offer a Direct Data Share with live SQL
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • Parquet
• Data import formats:
  • CSV
  • Other
• Other data import formats: JSON

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: With our cloud hosted Ed:gen platform, our infrastructure is highly secure using industry standard encryption, DDOS protection and sophisticated monitoring systems.
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.9%+
• Approach to resilience: The service is designed in such a way to drastically minimise the potential for downtime, from the way we transparently apply updates without taking the service down right through the redundancy that is built in and our own custom service monitoring apps built in house. We host in modern environments and take advantage of all the tools at our disposal to monitor health and security.
• Outage reporting: Through our status page.

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: N/A
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 13/10/2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: IRIS operates using a full suite of policies and procedures - including but not limited to:; IRIS Group Data Protection Policy ; IRIS Information Security and Acceptable Use Policies Summary ; IRIS Data classification and handling policy; Personal data incidents reporting procedure; Engineering Personal Data Breach Policy
• Information security policies and processes: IRIS Group Data Protection Policy ; IRIS Information Security and Acceptable Use Policies Summary; IRIS Data classification and handling policy; Personal data incidents reporting procedure; Engineering Personal Data Breach Policy

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: N/A
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: N/A
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: N/A
• Incident management type: Supplier-defined controls
• Incident management approach: IRIS Group Data Protection Policy ; IRIS Information Security and Acceptable Use Policies Summary ; IRIS Data classification and handling policy; Personal data incidents reporting procedure; Engineering Personal Data Breach Policy

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  We are committed to ensuring equal opportunities at IRIS. Our CEO, Elona Mortimer-Zhika, celebrates diversity in our workplace and expects the culture and environment of IRIS to be based on mutual respect and free from discrimination. We are committed to delivering a competitive and fair employment environment. We put equality, diversity, and inclusion at the forefront of our decisions, monitor progress, take action to continually improve, and be transparent with our findings. We have a zero-tolerance approach to discrimination based on protected characteristics and any allegations of discrimination will be dealt with in line with our Disciplinary policies. We have several wellbeing groups, including Unique which provides support for physical or mental health conditions or neurodivergent people. We provide a variety of training schemes to all employees, regardless of any protected characteristic, and encourage progression through our organisation.; ; We are passionate about gender equality and are committed to building a diverse workforce. We have continued to invest in our range of programmes to support gender equality and support the women of IRIS so they can reach their full potential. These initiatives ensure that we continue to focus on making IRIS a great place to work, enable our people to flourish, improving gender pay equality and providing equal opportunity for all. IRIS Groups championing of women in leadership has been recognised as a Great Place to Work for Women. The executive team comprises of three female leaders and 11 male leaders. ; Our Modern Slavery Policy sets out the ways in which we identify and manage the risks of modern slavery as a business, including risk assessment, risk mitigation and staff training. IRIS reviews all material suppliers and assesses whether any risks of slavery or human trafficking arise.

  Wellbeing

  We are committed to engaging, supporting and empowering our workforce. We create an environment where they feel part of a team; from regular global company updates to social evenings and charity events. We’re a UK Best Workplaces™ for Wellbeing. We have over 40 Mental Health First Aiders, have a weekly workplace support group and offer a free Employee Assistance Programme and bereavement counselling. We have several wellbeing groups and celebrate diversity. We offer colleagues a cycle scheme, private medical insurance and reduced gym memberships. We hold company fitness challenges and provide free fitness sessions. We’re proud to be a Real Living Wage employer, provide UK cost of living support, offer a tech and car scheme and give access to money coaches, workplace ISAs and pension, life assurance and critical illness cover. We seek our employees feedback on benefits that matter to them.; We give our employees three ‘Giving Back’ days a year on top of their annual holiday entitlement to support local community and national charitable cause. Employees are encouraged to actively give their time and skills to fundraise for a charity of their choice and volunteer on community projects, including being a school governor, charity trustee, reading with school children through the Benchmark scheme, mentoring in schools and running money management courses, both externally in conjunction with charities and schools, as well as internally with IRIS employees.

Pricing

• Price: £2,000.00 an instance a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at BidTeam@iris.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.