AGILYX EMEA LTD

IRIS (Intelligent Recognition Invoice Service)

IRIS takes the stress out of Accounts Payable (AP) processes. Using the power of Agilyx Integration Machine, a robust integration & processing platform built on Microsoft Azure services. IRIS utilises Azure’s Artificial Intelligence (AI) functionality to scan PDF invoices received via email and imports these invoices into Unit4 ERP seamlessly.

Features

• Streamlined invoice processing
• Improved accuracy
• Reduced processing times
• Seamless integration with existing ERP Systems
• tailored for business across diverse industries

Benefits

• Improved accuracy
• Reduced processing times
• streamlined invoice processing
• greater accuracy in financial operations
• minimised risk associated with human error
• more streamlined workflows and processing

£3,000 a unit a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at julie.taylor@agilyxgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

128581067106905

Contact

Julie Taylor
01628 637266
julie.taylor@agilyxgroup.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: None that we are aware of
• System requirements:
  • ERP system
  • Finance module including invoice processing

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We will respond within 4 hours to tickets been raised from Monday to Friday, 9am to 5:30pm.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We have various support packages available on request
• Support available to third parties: No

Onboarding and offboarding

• Getting started: The service is deplyed by our in house development team and configured to the customers own system requirements. Offsite training and documentation is supplied.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data is not stored by the service per se, data passes through the services for process purposes. Users can extract their audit data and any stored data via query when desired.
• End-of-contract process: The contract includes base costs, 2 environments, basic support and upto 3000 invoices per year along with template configuration and installation. Any additional implementation work would be extra cost along with any additional clients required or additional invoice costs.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: The API is configured as part of the deployment
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Buyers can customise the incoming XML and the application configuration.

Scaling

• Independence of resources: Our services uses the latest Microsoft Azure technology meaning every interaction is independent of the next, we user commercially reasonable efforts to make IRIS available 99.5% of the time.

Analytics

• Service usage metrics: Yes
• Metrics types: Number of transactions passed/failed and success/failure metrics.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: This is not usually required, however, users can extract logs via code work if required.
• Data export formats:
  • CSV
  • Other
• Data import formats:
  • CSV
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Agilyx operate an information security program designed to protect Customer Data processed through the Hosting Environment using industry standard policies and technologies.
• Data protection within supplier network: Other
• Other protection within supplier network: Agilyx operate an information security program designed to protect Customer Data processed through the Hosting Environment using industry standard policies and technologies.

Availability and resilience

• Guaranteed availability: Agilyx will use commercially reasonable efforts to make IRIS available 99.5% of the time excluding any of the following periods: (a) planned downtime; and (b) unscheduled downtime caused by: (i) circumstances beyond Agilyx’s reasonable control (including, but not limited to: acts of God, acts of government, flood, fire, earthquake, civil unrest, acts of terror, strike or other labour problem, hosting provider failure or delay, issues related to Third Party Integrated Applications, or denial of service attacks); (ii) circumstances entitling Agilyx to suspend access to IRIS under the terms of this Agreement; and (iii) the Customer’s or a User’s failure to use IRIS in accordance with Agilyx documentation.
• Approach to resilience: Working with MS Azure our data follows all MS Azure resilience protocols. Further information is available on request.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access is limited to authorised users only
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA Certification Ltd
• ISO/IEC 27001 accreditation date: 15/02/2018
• What the ISO/IEC 27001 doesn’t cover: The scope of this approval is applicable to : The design, development, provision and support of Unit4 software products and associated consultancy, technical and managed IT services. Statement of applicability v2. the scope covers all UK activities and also includes Global activities, hosting, SaaS etc
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: SyberNet Self Assessed Certification
• PCI DSS accreditation date: 14/01/2017
• What the PCI DSS doesn’t cover: The service is deployed as a hosted service. via our partner SyberNet, who are required to run and maintain it in a PCI compliant environment. SyberNet are currently a level2 service provider with less than 300,000 transaction annually and so they complete an SAQ, a quarterly scan by an ASV (they use Qualys as their Approved Scanning Vendor ) and provide anattestation of compliance (AOC)
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The Agilyx global Information Security Policy can be provided upon request. Agilyx is accredited to ISO 27001 Information Security Management.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: IRIS relies on the expert services of Azure, who provided the underlying platform, network connectivity and System software. The Azure platform offers High Availability, Fault Tolerance, and redundancy at all levels, and components are automatically replaced at the end of their lifetimes or when failed - deployments within Azure allow everyone to benefitfrom their experience of running highly secure and compliant online services
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Deployments within Microsoft Azure allow everyone to benefit from their experience of running highly secure and compliant online services around the globe (such as Microsoft Cyber Defense Operations Centre, a 24x7x365 state-of-the-art cybersecurity and defence facility). IRIS works with R&D teams to identify, mitigate and share information about known risks. Agilyx uses log monitoring and analyses to identify usage anomalies and exceptions. Software patches are applied during the maintenance window, but security patches are applied immediately.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: IRIS’s service includes system software, monitoring, management and maintenance of the Agilyx software and environment in Azure. A continuous 24x7x365 monitoring program is in place to detect and resolve infrastructure and application issues in order to meet the Agilyx application availability targets. The monitoring covers solution health, availability and response times. Prioirity 1 alerts generated are handled by Agilyx staff 24/7/365. see also response concerning Incident Management Approach.
• Incident management type: Supplier-defined controls
• Incident management approach: Agilyx will take prompt action to respond to any Security Incident and to prevent the further unauthorized use or disclosure of Customer Data, and/or to correct the issues within IRIS(to the extent that IRIS gave rise to such Security Incident).

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  Diversity is important to Agilyx. We are committed to our employees and aim to attract, recruit, engage and retain a diverse team of talented people who can drive business results and enhance our reputation. Agilyx seeks to add value to its organisation with a team which have an appropriate mix of skills, experience (in a variety of specified fields), expertise and diversity. The business also seeks to build a safe work environment by taking action against inappropriate workplace behaviour that does not value diversity including discrimination, harassment, bullying, victimisation and vilification. Agilyx values and manages diversity through a variety of programs, practices and policies which cover:recruitment and promotion of employees with the appropriate skills, talent and experience for the position. Equal employment opportunity, including but not limited to, differences that relate to sexual orientation, gender, age, ethnicity and cultural backgrounds. Talent and succession planning, Employee assistance programs, Support for flexible work hours and parental leave to accommodate employee’s needs at all levels of the organisation, Career development and performance through programs that assist employees to develop skills and experience to career enhancement, A defined grievance and dispute process, Work health safety programs and training, Study assistance and Gender diversity is a key part of the overall diversity policy at Agilyx, ensuring that women are represented in senior roles.

Pricing

• Price: £3,000 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at julie.taylor@agilyxgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.