Aiimi Ltd

Aiimi Insight Engine – Digital Applications

Insight Engine is our unique discovery platform. It works alongside you, using artificial intelligence to swiftly and securely serve you relevant information and insight. Bring enterprise search and insights to your low-code and no-code platforms with Aiimi Insight Engine for Digital Applications. Sample applications and APIs, widgets and technical support.


  • Enterprise Search
  • Content Discovery including Legal Discovery
  • Content Analytics
  • GDPR and PCI Risk Dashboarding and Mitigation
  • Document Summarisation
  • Topic Extraction
  • SharePoint Enterprise Insight Web Part
  • Sample Low Code Applications
  • Application API


  • Find content across multiple sources quickly and easily
  • Find data alongside documents in one search
  • Access enterprise search from low-code and no-code apps
  • Speed up development with sample applications for PowerApps and BettyBlocks
  • Provide access to unstructured and structured data
  • Extend access to enterprise information to field and mobile workers


£33,000 to £33,000 a unit a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

5 7 1 2 4 0 4 3 2 4 8 3 7 2 8


Aiimi Ltd Matt Eustace
Telephone: +447919330081

Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
No significant constraints.
System requirements
Requires either Windows or Linux operating systems

User support

Email or online ticketing support
Email or online ticketing
Support response times
P1 - 30 Minutes
P2 - 2 Hours
P3 - 4 Hours
P4 - 8 Hours
Within UK business hours.
User can manage status and priority of support tickets
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Onsite support
Support levels
Support is provided by our UK based service desk and by dedicated DevOps engineers. We provide support at 10% of the license cost (note that example license pricing provided here includes this 10%). DevOps engineers are aligned to specific customers and provide personalised support.
Support available to third parties

Onboarding and offboarding

Getting started
There are two sets of users that are involved in the Insight Engine onboarding process; Insight Engine administrators (i.e. those responsible for administering the Insight Engine service for their respective organisation), and end users (i.e. those who will use the service to perform their role).

For Insight Engine administrators, user friendly, high quality documentation and guidance materials are provided and cover the following areas: installation, configuration, testing, and security. FAQ’s and help pages are also available.

Knowledge articles and demonstration materials exist for core Insight Engine Applications designed to educate and raise awareness to end users with an engaging overview of what the platform functions are, for what purpose, and how these can be used. Moreover, user experience is a core focus for all Insight Engine product development efforts, ensuring the service is as intuitive and easy to use as possible.

End users and administrators also have access to an online Insight Engine community whereby knowledge articles are shared. This also exists as a forum for sharing questions and getting in touch with dedicated Aiimi Insight Engine experts who are on hand to offer best practice guidance and advice.
Service documentation
Documentation formats
End-of-contract data extraction
The service does not hold the original data, it's simply an index of the text from the source, therefore there is no need to extract the index.

The index may be enriched with metadata by Insight Engine , or by users of the software. This information can be provided at the end of the service term in CSV format as part of the service close down. There is no charge for provision of this information.
End-of-contract process
Included in the price of the contract:

At the end of the contract, Insight Engine components and Elastic will be uninstalled and all access to applications revoked.

Elastic components will be removed from the instance:
- The Elastic instance will be closed down and the data held will be deleted.
- Customer can retain all main indices within Elastic in CSV format. These exports contain the indices, the data outputs from the crawling and enrichment, text content and specify any classification applied to documents. Data can be exported using a CSV export utility that will output the attributes of documents enabling the administrator to select what attributes to be exported :
- Elastic nodes will be closed down and removed from any servers it is installed.
- Elastic service will be closed down
- Kibana service will be closed down

The Insight Engine components that will be removed include:

Insight Engine Logs:
- Log production will cease
- Historic Insight Engine logs will be deleted

Insight Engine services that will be uninstalled:
- Insight Engine Source Agent
- Insight Engine Enrichment
- Insight Engine Security
- Insight Engine Content Agent

Applications made inaccessible:
- Insight Engine
- Kibana

Using the service

Web browser interface
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The web interface is fully responsive to the client form factor.
Service interface
User support accessibility
WCAG 2.1 A
What users can and can't do using the API
The service provides two APIs, the Search API which can be used to build applications (e.g. Low Code) applications that interface with the service, and the Data Science API (a licensed module) that allows full access to the service for analytics and reporting purposes.
API documentation
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Customisation available
Description of customisation
The branding, colour scheme, data sources and data enrichment processes can all be customised. This customisation is carried out by Aiimi's DevOps engineers.


Independence of resources
The application is scaled according to data volume and user load. Discovery loading is multi-threaded and can be scaled up and down to avoid impact on other services and users. Customers are segregated at Hypervisor level and allocated dedicated resources appropriate to their expected usage.


Service usage metrics
Metrics types
The application provides an interface for service analytics which provides the following metrics:
- Page popularity
- Volume of users by month and by function
- Volume of searches
- Search performance
- User feedback
- Usage by department
- Search term usage
Reporting types
Real-time dashboards


Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Data can be exported in JSON format on request to our DevOps engineers by raising a ticket through the support desk.

Data can be exported by end users by adding records to a collection and then using the Export functionality within the UI to create a CSV extract,
Data export formats
  • CSV
  • Other
Other data export formats
Data import formats
  • CSV
  • Other
Other data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
If hosted in Azure, Google or Amazon datacentres, we provide a 99.99% uptime SLA for the application (agreed maintenance windows excepted). The solutions ability to crawl new source data or to be accessible from the customer network is covered to the perimeter of the Aiimi provided facility, e.g. we do not provide an SLA for customer network connections. Customers receive support service credits when SLAs are not met.
Approach to resilience
Insight Engine can be provisioned in Azure, AWS and GCP environments as well as on-premises, each with similar approaches to resilience. An Aiimi implementation will include our best practice resilience measures, including taking advantage of geographical and in-datacentre resilience features provided by the datacentre. Examples include ensuring that multiple machines are used to support the service, each patched and maintained at different times and with independent power, cooling and network connections. The service itself makes use of stateless connections, load balanced web application servers and sharded indexes. Background activities such as source system crawls and metadata enrichment processes can run on any available server, providing resilience for back-end services. The resilience approach appropriate to your chosen infrastructure provided will be discussed prior to implementation.
Outage reporting
We routinely monitor the health of our elasticsearch cluster through Kibana Monitoring to ensure that the cluster is in a healthy state and performing as expected. Aiimi will also monitor dashboarding offered by cloud providers e.g. Google Stackdriver Monitoring or Azure Monitor. These dashboards allow us to track the performance of our hardware and software in real time. E-mail alerts are also setup to notify Administrators, should any metrics exceed pre defined thresholds.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Aiimi Insight Engine uses domain independent authorisation for management and support interface access. These logons only allow access to the management interfaces and full audit is recorded for all management actions.

A starters movers, leavers process is used to control and audit who is authorised to access systems and this is provided on a 'need to know' basis rather than access being granted to all support and service staff to all systems.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
Our security practices are accredited to Cyber Essentials Plus and aligned to the ISO27001 annex A controls. Aiimi is currently undergoing ISO27001 certification.
Information security policies and processes
Aiimi has an Information Governance Committee which is responsible for generating and reviewing data security and policies. The policies are then reviewed by the board and distributed to staff by the HR team. Information governance and data protection clauses are also included in staff contracts and updated with employee data privacy notices on a regular basis in-line with changes in the security policy.

Our policies are in-line with ISO27001 and communicated to staff in a number of ways:
- Monthly all staff briefings for the latest information security concerns
- Regular automated information security tests
- Electronic information security training with assessments. This is focussed on the staff role
- Ad-hoc staff updates related to current concerns

Aiimi has an annually reviewed risk management framework that is agreed with the board, which guides the activities of the information governance committee who implement policy changes to cater for current risks. The IGC meet as a committee once a quarter, or on demand if required.

Incident management is handled by our service desk and a formal procedure governs how incidents are handled.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Instances of Insight Engine hosted by Aiimi will be commissioned on Azure infrastructure in a customer resource group and the change management approach for that instance will be agreed with the customer. Based upon a template that defines the annual maintenance windows, KPIs, SLAs, RPO and RTO for the instance, change management activities will be governed by those requirements. Application releases and code components are managed in GitHub and all releases are penetration tested in-house on QA environments and again when released to a customer environment.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Aiimi deploys two key mechanism for assessing threats to the application. First is a peer code review by developers trained in secure software development. Training is provided by KnowBe4. The second is through the use of AppCheck to perform vulnerability scans on internal deployments of Insight Engine. These are performed monthly and the output reports are fed into the development backlog.
Patches to security issues are immediately prioritised for development and can be released outside the standard release cycle. High risk security patches are applied by our DevOps team within two days of being issued, or according to customer schedule.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Protective monitoring is only commissioned by Aiimi where we host the application on our customer's behalf in Microsoft Azure datacentres. We use Microsoft Antimalware for Azure Cloud Services and Virtual Machines to identify compromises. Aiimi responds within 30 minutes to an alert, whether that is a potential compromise or an incident.
Incident management type
Supplier-defined controls
Incident management approach
The Aiimi Service Desk processes are determined by the Incident Management tool in use and based on the ITIL V3 framework. Incidents are logged, classified, categorized, prioritized, assigned for investigation and investigated until resolved. Customers log incidents via a dedicated email address, a dedicated landline phone number or an on-line portal.
Routine events are handled through scheduled maintenance windows. Recurring issues are logged as Problem tickets for root cause analysis.
Periodic reports are generated using the Incident Management tool and used by customers and internal teams for trend analysis, performance review and continual service improvement.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

Aiimi reached net zero in 2019, being certified in that year as a Carbon Neutral Plus company, and we are currently working to offset all of our emissions since the company founded in 2013. Aiimi Goes Green is our green initiatives body and working with our supply chain, we are aiming to encourage and enable our supply chain to also go net zero to their founding. We have commitments from all of our major services partners to work with us on this. We are also B-Corp Pending, aiming to complete B-Corp in 2022.
Tackling economic inequality

Tackling economic inequality

Aiimi has a range of initiatives to tackle inequality of various forms. Our Aiimi Giving programme aims to help those most in need by raising money to fund charity work, particularly in poorer areas and communities. This includes funding UK Youth who nurture young people providing training and opportunity to some of the most disadvantaged young people in the UK. We also work closely with St Mungo's charity helping people back into work after hardship. We run back to work sessions directly with the charity and teach skills such as coding and use of Office applications. Our apprenticeship programme is aimed at encouraging those who have not been through the traditional routes into IT, including those who are retraining after losing their jobs during the pandemic.
Equal opportunity

Equal opportunity

We are a proud signatory of the Tech Talent Charter and submit our diversity data annually to this non-profit organisation, which works to address inequality in the UK’s tech sector. In addition to this, we partner with the Global Equality Collective to survey our diversity and employee engagement and we will publish gender and race statistics as part of our commitment to transparency and continual improvement. Our goal is to ensure our company diversity reflects the clients we serve. Our diversity and equal opportunity initiatives include:
- Training to remove bias from decisions, including in interview process
- Training on Diversity, Equity and Inclusion as part of the onboarding process. What does this mean to us as individuals, but also what does it mean to Aiimi as an organisation
- Collecting our diversity data and using it to set tangible goals
- Holding diversity events to increase understanding and improve inclusivity within Aiimi, the tech industry, and the local community, with topics such as unconscious bias and allyship
- Gathering feedback from Aiimi’s team to assess our employment policies and practices
- Hosting our own ‘Code First: Girls’ courses to encourage women and non-binary people into tech
- A signatory of the Business in the Community equality charter, Race at Work, which sets out five calls to action to ensure ethnic minority employees are represented at all levels in the organisation
- A signatory of the Tech Talent Charter, which aims to address inequality in the UK tech sector whilst driving inclusion and diversity in a practical and measurable way
- Build a platform for both Aiimi team members and external speakers to share their experiences of DE&I in the workplace, for example, holding Disability and Autism awareness sessions with local charities to build our knowledge in these areas


Looking after our staff is our number one priority. Our Wellbeing initiative has evolved and grown with Aiimi, and now encompasses a huge range of resources to support our employee’s physical and mental health. From 24/7 access to free counselling, to monthly workshops on topics like imposter syndrome and coping with anxiety, to yoga and meditation, discounted gym membership, and personal training sessions. We also have 14 Mental Health First Aiders at Aiimi, all fully trained to support staff in times of need and help us look out for each other. We’ve made it easy to locate help using our “Meet the Team” intranet pages. Email for more information.


£33,000 to £33,000 a unit a year
Discount for educational organisations
Free trial available
Description of free trial
For complex requirements we will run a 6 step proof of technology, usually over a 3 week period. This includes design sprint, user journey mapping, configuration and proof of technology.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.