InterSystems Corporation

InterSystems IRIS Data Platform

InterSystems IRIS is a complete, unified platform that simplifies the development, deployment, and maintenance of real-time data rich solutions.

InterSystems IRIS combines a transactional-analytic processing engine for all data types; multiple, fully synchronized data models; native interoperability connecting disparate applications and data sources; and an open analytics platform.


  • Enterprise unified data platform. Data management interoperability transaction processing analytics
  • Automatic model consistency promotes Low Code. Enables different development patterns
  • Hybrid transactional/analytic database with ACID compliance for SQL/NoSQL
  • Data Models. Support Objects SQL multi-dimensional arrays document columnar
  • Enterprise Scalability. HA mirroring sharding and multi-node deployment options
  • Advanced analytics. Business Intelligence Spark UIMA PMML Natural Language Processing
  • Multi Workload. Complex queries scanning big data. Fast data ingestion
  • Flexible Cloud deployment including Hybrid SaaS PaaS plus on premise
  • Integration. Providing seamless service deployment and orchestration. Including devices IoT
  • Developer flexibility. Java Javascript .Net C++ XML JSON ODBC JDBC


  • Single Data Platform. Eliminates latency and duplicate data stores
  • Single development environment across all functionality. Developer productivity and efficiency
  • Concurrent transactional/analytical processing. Eliminates latencies delivers immediate insights
  • Less code, fewer system resources and less maintenance. Optimal DevOps
  • Vertical and horizontal scalability. Increased workloads data sizes/types users
  • Reduce infrastructure costs. Efficient data storage and simple fast installation
  • Integrated ESB or SOA. Revitalise legacy and create innovative solutions
  • Enables innovation. Machine learning predictive analytics Natural Language Processing
  • Government Security. Common Criteria 3 Certified all data document levels
  • Free online learning environment. Comprehensive online documentation. Global developer community


£5414 per unit per year

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 10


InterSystems Corporation

Alison Findlay

01753 855450

Service scope

Service scope
Service constraints No applicable constraints.

Refer to Service Definition, Pricing and License Terms.
System requirements
  • Cloud agnostic - public, private, hybrid
  • Servers - Windows, AIX, SUSE, Redhat, Ubuntu & Oracle Linux
  • Additional Development Platforms - CentOS and Apple macOS
  • Link to detailed requirements provided in Service Definition

User support

User support
Email or online ticketing support Email or online ticketing
Support response times InterSystems Worldwide Response Center is accessible 24 x7 via phone, email or web-based support portal. Our intention is to provide an immediate response. All contacts have a response within 30 minutes.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels InterSystems Technical Assistance Services are provided on a 24x7 basis as standard for customers with a software subscription license for InterSystems IRIS. The customer sets the priority and can elevate the priority at any time. InterSystems staff may elevate the priority but may not lower the priority without customer authorisation. Customer Problems: Crisis = Immediate/Continuous 24-hrs attention until resolution; High = Same customer business day resolution; Medium = resolution within 5 customer business days. Software Defects (Bug Fixes): Crisis = Immediate/Continuous 24-hrs developer attention until defect corrected or acceptable workaround; High = Fix tested and delivered to individual customer within 2 weeks and included in next maintenance release; Medium = Fix provided in next maintenance release. All supported customers have access to a named account manager and sales engineer as customer relationship points of contact. This is in addition to the problem management and escalation procedures of InterSystems Worldwide Response Centre.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started InterSystems provides extensive on-line learning materials and documentation.

Classroom training is available from the InterSystems office in Windsor covering all aspects of working with the InterSystems IRIS platform.

Onsite training is available on request.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction InterSystems IRIS provides connectivity which allows data to be extracted from the platform in a number of ways using either built in or third party ETL tools.
End-of-contract process This depends on the hosting option chosen, however, usually any data that is to be retained is extracted and then the platform is decommissioned.

Using the service

Using the service
Web browser interface Yes
Using the web interface Users may manage, configure and operate all aspects of the InterSystems IRIS platform, assuming that a specific user has the appropriate development or administrative role(s). The customer decides which roles should be assigned to specific users.

This includes creation and configuration of IRIS instances as well as any business logic, APIs and data structures.Some aspects are more easily maintained using the Eclipse based IDE that is available alongside the web based management portal.
Web interface accessibility standard None or don’t know
How the web interface is accessible The web interface provides a comprehensive mechanism to configure, manage and operate the InterSystems IRIS data platform. It is accessible from any mainstream browser and is restricted to a specific InterSystems IRIS instance.
Web interface accessibility testing The InterSystems IRIS Web portal is aligned with and conforms to common accessibility standards. InterSystems is aware of the standard and the importance of accessible tools, and are WCAG 2.0 level AA compliant with several of our products, but have not yet tested or audited Accessibility with InterSystems IRIS’ Management Portal.
What users can and can't do using the API InterSystems IRIS provides many APIs. These are available to configure and manage the platform including continuous integration and operational management.

InterSystems IRIS enables the creation and management of new application APIs as part of implementing an Service Oriented Architecture (SOA), utilising either a Service or MicroService based approach.
API automation tools
  • OpenStack
  • Terraform
  • Puppet
  • Other
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
Command line interface Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
  • Other
Using the command line interface The user may exercise partial or complete control over the configuration and operation of InterSystems IRIS, dependent on their role(s) and permissions.


Scaling available Yes
Scaling type Manual
Independence of resources Each customer operates using their own versions(s) of InterSystems IRIS using dedicated instances and operating environments.

The InterSystems IRIS data platform can scale in a number of different dimensions in order to handle Petabyte data sets, very high rates of data ingestion and massive concurrent transactional and analytical workloads.

Further details of deployment architectures to suit specific workload mixes are available on request.
Usage notifications Yes
Usage reporting
  • API
  • Email
  • SMS


Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Databases
  • Configuration data
Backup controls InterSystems is not offering a managed service for InterSystems IRIS as part of this service. The platform offers built in capabilities to perform on-line backups of all data and code, as well as mechanisms to integrate with external backup mechanisms such as SAN snapshots.

InterSystems maintains reference backups of the InterSystems IRIS data platform. Users fully control the nature and frequency of backups of data and configuration dependent on the nature of the chosen Cloud deployment platform.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users schedule backups through a web interface
Backup recovery Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Dependent on chosen hosting option, however customers regularly choose to configure their environments to achieve between 99.99 and 99.999 uptime
Approach to resilience InterSystems IRIS includes in-built Synchronous and Asynchronous mirroring, suitable for the deployment of cost effective and robust HA and DR. This is usually combined with capabilities within the chosen hosting environment to provide very high levels of resilience. Further details may be found at the InterSystems Developer Community:
Outage reporting InterSystems IRIS is capable of generating a variety of different alerts, delivered by multiple mechanisms, dependent on the chosen Cloud hosting environment. Management of Enterprise deployments is often facilitated by using tools such as Nagios, which instrument aspects of the environment other than the core InterSystems IRIS solution. In such a case, reporting of outages or other operational issues is handled through the monitoring tool.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication This is dependent on the Cloud deployment options that are chosen and the security requirements of information to be managed within the InterSystems IRIS platform. Users for deployed solutions with sensitive data are often authenticated using multi factor authentication and access environments using restricted networks. However, a deployed application may authenticate users using a username/password combination. Frequently such authentication is often delegated to a trusted external source.
Access restrictions in management interfaces and support channels Management interfaces are provided via a locked down, dedicated Apache instance that is installed as part of InterSystems IRIS. Access to management facilities via this Apache instance is usually restricted to an encrypted VPN with 2-factor authentication. However this may be varied, dependent on the Cloud hosting option chosen and the sensitivity of the data within the platform.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Other
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Certification Europe
ISO/IEC 27001 accreditation date 20/04/2016
What the ISO/IEC 27001 doesn’t cover Activities performed outside of InterSystems UK.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards Cyber Essentials
Information security policies and processes InterSystems' Global Trust program uses a framework of controls based on ISO, HIPAA, NIST, APEC CBPR, and EU DPD/GDPR requirements. InterSystems UK is certified to ISO/IEC 27001.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Configuration Items (CIs) are identified and controlled using Configuration Management Data Base (CMDB) systems. Any updates to the CIs (performed via Change Control) are replicated in the records on the CMDBs. Change Management controls all changes to all services in InterSystems UK. Changes follow a standard process of Categorisation, Impact Assessment, Approval, Design/Build, Testing, Release, Closure. Configuration record updates are performed during the Change Management process.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Vulnerability Management within InterSystems UK is performed using processes which have been audited and certified to ISO/IEC 27001. Vulnerability scans are carried out proactively and the level of risk is determined for any issues identified. Vulnerabilities are also identified using a range of subscription monitoring services and software. Once an issue has been identified, appropriate corrective actions are developed and the impact of deployment established. The time taken to deploy any patch / update is consistent with the level of risk and the impact of deploying.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Protective Monitoring within InterSystems UK is performed using processes which have been audited and certified to ISO/IEC 27001. Monitoring is carried out of user activities, exceptions, faults and information security events and action identified consistent with the level of risk.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Incidents are managed within InterSystems UK using processes which have been audited and certified to ISO/IEC 27001. Incidents can be reported by anybody within the organisation to a single point where they are logged and details taken. Investigations are carried out and corrective actions identified based on an assessment of the impact and likelihood of occurrence. Root Cause Analysis is carried out post-incident to determine any preventative actions that can be taken to avoid recurrence. Details of incidents are reported to senior management to enable further discussion and planning.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Third-party
Third-party virtualisation provider Dependent on the chosen Cloud hosting option
How shared infrastructure is kept separate Where different organisations are hosted on the same infrastructure, their InterSystems IRIS environments are fully separated, running in different OS images with data in motion usually secured by TLS implementations specific to each organisation and data at rest in physically separate databases, on separate storage mount points that are secured by strong encryption using keys that are specific to each organisation.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £5414 per unit per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial InterSystems provides a range of no-risk options designed to allow prospective customers to learn more about IRIS Data Platform; explore the software itself; and then take steps towards becoming a customer or partner.

See Service Definition for details of the IRIS Experience


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑