ITESOFT Invoice Processing

ITESOFT’s invoice processing solution reduces costs, manages payment schedules and ensures a reliable audit trail. With omnichannel capture it processes all invoice formats automatically. Unmatched reading rates are achieved through AI and a mutualised supplier base and a highly customisable workflow implemented on a BPM platform provides maximum flexibility.


  • Capture of all inbound invoices reducing environmental impact
  • Mutualised Supplier Database increases straight through processing
  • Paper, Email, EDI and Portal formats supported
  • Automated reading of all header and footer fields
  • Additional fields available for OCR as required
  • Automatic ERP integration
  • Fraud Detection Services validate conformity of invoice document
  • Coding and Approval workflows for non PO invoices
  • Matching to PO's and discrepancy handling
  • Full audit trail


  • Reduce invoice processing time
  • Guaranteed automation rates of over 85%
  • Reduce manual workload
  • Digitial storage of images saves office space
  • Eliminate manual data processing
  • Seamless ERP integration
  • Increased spend control against budget
  • Flexible workflows to support compliance needs


£0.18 per unit

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11



Nick Dunnett

01252 741500

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Planned maintenance occurs outside of standard UK office hours. Notification is provided to all users in advance.
System requirements Licence based on invoice volume

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response time is with 4 business hours
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels ITESOFT will use commercially reasonable efforts to deliver a service available at all time. The service is monitored 24/7 to achieve this. Support for any other issues is available during UK office hours with a 4 hour response time.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Onsite training and user documentation are provided to help users start with the service
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Data can be extracted on request at the end of the contract and is provided via SFTP
End-of-contract process There are no exit costs at the end of the contract

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service No difference.
Customisation available Yes
Description of customisation Additional fields can be either automatically read (OCR) or manually entered to documents.

Customisation of ERP integration is possible. Integration can be by flat file, API, or web service.

All customisations must be carried out by ITESOFT.


Independence of resources Resource allocation is based upon the customer's volumes, which is monitored and scaled up accordingly.


Service usage metrics Yes
Metrics types Document volume, OCR rates, Throughput, Bottlenecks.
Reporting types Real-time dashboards


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Data is exported in real-time to an SFTP site for collection by service users.
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON
  • XML
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Goal of 100% availability outside maintenance periods
Approach to resilience Rely in MicrosoftAzure datacentres that brings by-design physical redundancy (power, network)
Moreover each bit of data is stored three times in the main datacenter and three times in a datacentre located 1000-km far
Service redundancy and scalability brings the ultimate level of resiliency.
Outage reporting Email alert sent by ITESOFT support

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Personal identification (no generic admin account)
IP restriction
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Rely on MS Azure hosting which has many certifications

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Security policy and governance can be provided on request (confidential, require NDA)
Information security policies and processes ITESOFT’s security policy details the practices and procedures followed within the business to ensure that all information pertaining to customers, partners and staff is securely handled, stored and processed. Within the organisation this is managed by the Chief Information Officer with board responsibility managed by the Deputy CEO.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach - history of all changes (who/what/when/why) and linked to the functional work units (feature/task)
- mandatory code review by architect before commit
- independant testing department (security, regression, functionnal)
- regular security trainings (owasp top 10 and others) to every people contributing to the service
Vulnerability management type Supplier-defined controls
Vulnerability management approach - Multiple perimeter analysis (live analysis and campaign based)
- Pentests
Protective monitoring type Supplier-defined controls
Protective monitoring approach - Multiple perimeter analysis (live analysis and campaign based)
- Pentests
Incident management type Supplier-defined controls
Incident management approach A specific division of the company operates the service and common event monitoring, detection and handling have defined processes in this organization
Incident reports are reported via the support which can handle and route security incident with the appropriate priority

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £0.18 per unit
Discount for educational organisations Yes
Free trial available Yes
Description of free trial All standard functionality is included

Any customisations to export file and additional fields

Limited to 2 weeks

Service documents

pdf document: Pricing document pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑