IRIS Intelligence Ltd.

IRIS Intelligence Asset Management Software

IRIS Asset Management Software (AMS) provides organizations with an intuitive and easy-to-use platform to effectively manage equipment and inventory. Assets can be tracked from procurement to sunset across categories and business units. IRIS-AMS is fully customisable to fit your organisational needs in managing your assets throughout their life cycles.


  • Multi-user web interface for managing assets across the organisation
  • Provides single unified source of Asset Management information for stakeholders
  • Communicate status of multiple asset types across multiple business units
  • Manage asset lifecycle and communicate to relevant stakeholders
  • Real-time reporting via off-the-shelf and custom templates
  • Email integration and automated reminders to ensure data remains fresh
  • Automated integration with Excel, Project and other applications
  • Dynamic charts: Asset Register, Asset Heatmap, Asset Lifecycle Grid
  • Top-of-the-range encryption and secure access restrictions
  • Ability to add customer specific “Custom Data Fields”


  • Comprehensive online asset register available 24/7
  • Plan, procure, implement, use and sunset assets of all characteristics
  • Easy to understand dashboards communicate required asset management activity
  • View assets by type, business unit, location and unlimited characteristics
  • Identify missing and superfluous assets
  • Create, track and deliver asset management plans
  • Deliver timely, accurate and relevant Management Information
  • Ensure timely review of asset registers and regular update schedules
  • Simple, intuitive, easy to use: Configure to match user requirements


£10 to £50 a person a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

1 3 6 9 6 7 2 3 2 6 7 3 6 9 9


IRIS Intelligence Ltd. Nayane Ferreira Huntriss
Telephone: 020 3286 7857

Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints
System requirements
  • OS - Windows Server 2022, 2019, 2016, 2012 , 2008R2.
  • DB – SQL Server 2008R2, 2012, 2014, 2016, 2017, 2019
  • Server RAM – minimum 2 GB free
  • Free Hard Disk space 5GB Minimum
  • CPU – Minimum 2 core , 1.4GHz
  • Can be run on a shared or dedicated server
  • Can be run virtualised if Host Machine has sufficient horsepower.

User support

Email or online ticketing support
Email or online ticketing
Support response times
Security Category 1: 95 per cent resolved within 1 working day.
Security Category 2: 80 per cent resolved within 5 working days. 100 per
cent resolved within 10 working days.
Security Category 3: 80 per cent resolved within 15 working days. 100
per cent resolved within 45 working days.
User can manage status and priority of support tickets
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Support through email and phone is available from 9 to 6, Mondays to Fridays. 24/7 Premium support for customers with larger teams, or upon premium service subscription.
Support available to third parties

Onboarding and offboarding

Getting started
The initial default settings of the software in line with relevant Asset Management standards. Users can access a dedicated help site with user documentation, and context sensitive help within the application. Upon purchase of the software, user training, either face-to-face or online, is provided.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
The client will be provided the underlying SQL databases upon contract completion. Spreadsheet formats of the data can also be produced for client records.
End-of-contract process
All data can be extracted via Excel, XML, CSV or SQL Query.
General Assistance with the extraction process is covered within the maintenance helpline.
Import of the data into alternate system may be subject to additional charges

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
System available for use on mobile via the browser using responsive design.
Service interface
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
Web-based software accessed from any major browser. System is built using the Microsoft stack in ASP.NET using the MVC framework
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
User groups include visually impaired with specific assistive technology integrated
What users can and can't do using the API
Data export API that can export the data in xls, csv, XML, JSON.
API documentation
API documentation formats
  • HTML
  • ODF
  • PDF
API sandbox or test environment
Customisation available
Description of customisation
Fully customisable using the standard user interface.
Users with administrative permissions can customise the system.
System also allows for local administrator access for lower level users to customise only those areas they are responsible for


Independence of resources
Each end customer is typically provided with their own service machine to ensure their peak demand is satisfied. Within each instance, caching is used throughout the system to reduce demand on the database and increase the speed of user access. For the Monte Carlo analysis, there is a separate dedicated server on which it is run.


Service usage metrics
Metrics types
Instantaneous and historical usage of license pools.
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data can be exported to spreadsheet and presentation formats. Users can upload their own templates for additional custom exports. Data Export API with export to JSON and XML. These files can be read directly by external applications such as R, Python, Tableau, Power BI etc.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • Excel
  • Powerpoint
  • JSON
  • XML
  • MS Project
  • Tableau
  • Power BI
Data import formats
  • ODF
  • Other
Other data import formats
  • Excel
  • MS Project

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Multiple options for guaranteeing availability are available, from cold start backup servers to hot mirroring.
Approach to resilience
Available on Request.
Outage reporting
Email alerts.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
IRIS software employs a role-based authorization within the system, where only an identified subset have access to management interfaces.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications
Any other security certifications
US Department of Defence Certificate of Networthiness

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
IRIS is fully aligned with ISO 27001 and the CSA CCM standards. We follow the standards set out for the Microsoft Azure platform set out here:
Additional details can be obtained through the audit reports available from the Service Trust Portal at
Information security policies and processes
Security is taken extremely important and is in the direct purview of the IT Director. Staff report directly about security matters and there is a no blame, and a report all, approach to security. This ensures that staff have not got any disincentives to report actual and potential security threats for further actioning.

In this environment staff feel comfortable checking the previous work of other staff members during regular security audits.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
All changes are tracked using BitBucket and Microsoft's Team Foundation Service (TFS). No change can be made without being logged and as all builds, and tests, are automated, no release can be made without a change being recorded. From initial request to release is all performed, and tracked, within BitBucket and TFS. In the development early stages automated builds and tests act as gateways. A final manual test is run before release.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Staff subscribe to multiple security mailing lists and websites to keep abreast of the latest in security vulnerabilities.
When patches are released we update our own systems first. If there are no regressions we update our production servers. Security patches are typically approved within hours if there are no immediate regressions. If there are we investigate the scale and make a judgement as to the impact of the security vulnerability versus the scale of the patch regression. This typically happens on the day of release.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Intrusion detection software runs on all servers to monitor for suspicious activity. Anti-virus and anti-malware scans run regularly as well. On detection of a compromise resolution is the priority and all relevant staff are re-tasked to the job of resolution. Our preferred solution would be to restore from clean backups where possible onto a clean virtual machine, which leaves the original virtual machine free for forensics (In simulations this would take at most an hour).
Incident management type
Supplier-defined controls
Incident management approach
The preferred method by which users can report events is through their assigned support contact who will provide up to date incident reports throughout the resolution process.
The staff have a number of predefined processes mostly designed to get the customer back up and running as quick as possible whilst allowing root cause analysis to be performed at a slower pace with no affect on the customer.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

IRIS Intelligence Ltd. supports a number of initiatives in the fight against climate change. This includes:
- Implementing a green procurement policy throughout our supply chain
- Climate friendly practices such as encouraging remote working, active travel and ensuring offices are equipped with recycling facilities and energy saving devices
- Pro-bono support for innovative start-ups seeking to limit and reduce the negative impact of human activity on the environment
- Direct financial support through monetary contributions that, for example, plant sufficient trees to ensure every IRIS employee is offsetting the carbon footprint of two or more individuals and remove plastic from the Ocean equivalent to two or more individuals. As a result, we are proud to declare that each IRIS staff member has a negative footprint for both Carbon Emissions and Plastic Pollution
Equal opportunity

Equal opportunity

IRIS Intelligence Ltd. is committed to equal opportunities in employment and service delivery. The policies and practices of IRIS Intelligence Ltd. aim to promote an environment that is inclusive and free from all forms of unlawful discrimination and values the diversity of all people. At the heart of our policy, we seek to treat people equally, fairly and with dignity and respect. IRIS Intelligence Ltd. will take every reasonable and practical step to ensure that no person working for IRIS Intelligence Ltd., all job applicants, former employees, or any member of the public using IRIS Intelligence Ltd.’s premises or services will receive less favourable treatment (direct discrimination) or will be disadvantaged by requirements or conditions that cannot be shown to be justifiable (indirect discrimination) because of; are perceived to be; or, are associated to any of the following: We will take proactive steps to ensure that the policy is known to all employees, potential employees, and organisations that we work with. We will also ensure that equal opportunity, diversity, and inclusion is embedded in all our policies, procedures, day to day practices and external relationships.


£10 to £50 a person a month
Discount for educational organisations
Free trial available
Description of free trial
14 day limited demonstration version

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.