MRI Software Limited

Version X

Version X is focused on user experience, featuring flat menu structures, intuitive navigation, data mobility, and task-driven search capability. The software is secure, powerful and one of the industry’s most flexible platforms. Featuring industry-leading data visualisation and busines intelligence. This modern, mobile interface will empower you to maximise business performance.


  • Powerful search capability with MRI.GO
  • Simple anaylsis with comprehensive reporting tools and dashboards
  • High-flexibility delivered through MRI Application Toolkit
  • Interfaces with your existing software ecosystem
  • Support, online training resources and User Group events
  • Access key information on-the-go with data mobility and device freedom


  • Single source-of-the-truth for all asset related information
  • Task-driven search capability makes navigating data simple
  • Real-time performance indicators on-the-go, supporting business decisions
  • Oranise and analyse your data with highly-flexible reporting tools
  • Build tailored worflows that align with your business processes


£40000 per instance per year

  • Education pricing available

Service documents

G-Cloud 11


MRI Software Limited

Steven Fox

020 3861 7171

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints Planned maintenance is typically scheduled outside of regular business hours.
System requirements
  • One of the following: Internet Explorer—Version 11
  • Chrome—Latest two versions
  • Firefox—Latest two versions
  • Safari—Latest two versions
  • Microsoft Edge

User support

User support
Email or online ticketing support Email or online ticketing
Support response times MRI’s Global Client Support group will make every reasonable effort to ensure that submitted cases are assigned the proper level of Severity. Submitted cases will be responded to in the order in which they are received, with consideration given for higher Severity levels. Response Time is the time it takes before a Global Client Support agent makes initial contact with the individual who submitted case. Bundled Service (Normal Priority 6 Hours, Serious Priority 3 hours, Critical Priority Live Call Only) Concierge Standard (Normal Priority 4 Hours, Serious Priority 2 hours, Critical Priority Live Call Only)
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels We include support within our annual fee. Support includes a named Account Manager and a Client Support Helpdesk. The Client Support Helpdesk also serves as the contact for all cloud support requests for trained users.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Our training program is designed to help you achieve the maximum return on investment. During the implementation phase we will train your core project team to have a strong understanding of the system. Your project team will learn how data is structured in the solution, the available configuration options within the standard product and how the specific processes operate. This process involves reviewing your business processes as they are mapped to system functionality. We offer both classroom and webinar training. During this stage, well-designed and executed training helps your users of the system to become proficient and self-sufficient. After commencement of live use of the software, you will have access to a wealth of expertise via the support staff who are eager to assist with client questions and queries related to the system. You will also have access to our Client Portal for system documentation, user guides, video clips, forums, in addition to the client support team.
Service documentation Yes
Documentation formats
  • ODF
  • PDF
  • Other
Other documentation formats Word Document
End-of-contract data extraction Data can be returned as a Microsoft SQL Server backup file. Various options are available for delivery of files (e.g. secure FTP)
End-of-contract process Following termination of the contract (for whatever reason), buyer shall certify that it has returned or destroyed all copies of the applicable software and confidential information of supplier and acknowledges that its rights to use the same are relinquished. Buyer shall use its commercially reasonable efforts to remove all buyer data from any software or SaaS service prior to termination of the contract. Buyer may engage supplier to assist buyer in removing such buyer data at supplier''s then standard rates. If any buyer data remains in the software or SaaS service more than thirty (30) calendar days after the effective date of termination, supplier may, in its sole discretion and without notice, delete any and all buyer data.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service As a web-based technology, Platform X has no operational differences between mobile and desktop access.
MRI 10.4 is supported on the following devices and respective browsers:
- iPad 2 (iOS 7) or later with Mobile Safari
- Android tablet with the latest two versions of Chrome
- Windows 8 RT with Internet Explorer 11
What users can and can't do using the API Sandbox access to the API is available if required, although there may be an additional cost
API documentation Yes
API documentation formats
  • PDF
  • Other
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The MRI Toolkit empowers our clients to easily tailor the solution to further enhance the way they do business, not change it. This innovative solution allows users to easily customize web pages, views and menus as well as providing the ability to configure reports and workflows. This type of flexibility increases internal adoption, adds additional efficiency, and enables our clients to present information in the way their key stakeholders need to see it.
• Easily modify web pages, views, and menus
• Configure custom workflows
• Control how information is presented and assembled
• Create custom reports from scratch or modify an existing, standard report


Independence of resources Supplier monitors network, web, API, reporting and SQL load and flux in capacity as needed to accommodate growth in the environment. SaaS environments are monitored continuously and supplier will make adjustments to the application farms based on load criteria. Due to the unique and ever-changing needs of client it is not possible to outline any single solution that encompasses this aspect.


Service usage metrics Yes
Metrics types RI System Administrators have the ability to run reports to view usage metrics including successful/unsuccessful login and session termination through the user interface.


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Clients request data exports through the client portal or a phone call to the Global Client Support (GCS) team. A internal system is used to process the request and to indicate client confirmation and approval of the data export.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • Excel
  • RTF
Data import formats
  • CSV
  • Other
Other data import formats Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability We use commercially reasonable efforts to ensure availability twenty -four (24) hours a day, seven (7) days a week, except for: (a) planned downtime (of which we provide adequate notice and will schedule to the extent practicable during the weekend hours), or (b) any unavailability caused by circumstances beyond our reasonable control, including without limitation, Force Majeure events or internet service provider failures or delays. We host our solution in a UK-based Tier 3 data centre that is designed to deliver high availability.
Approach to resilience Available on request
Outage reporting Salesforce support desk is used to manage customer / support interaction for specific customer system issues. E-mail advisories are in place and used to alert multiple customers / contacts of unplanned outages.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels A limited number of Client Support Agents have access to the client data. Client-side personnel who have authority to manage security within the product have full visibility to each of these Client Support Agents and what security parameters they have. Our policy and process is to perform regular audits to verify that only the necessary personnel have access to client data.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information No audit information available
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications SSAE18 SOC 1 Type 2

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach MRI engages in a SSAE18 SOC1 Type 2 audit semi-annually.
Information security policies and processes We have a documented Information Security Policies and a dedicated Information Security Team work under the direction of our Information Security Council, which is responsible for assessing information security policies, technologies, and strategies. The Information Security Council in conjunction with the Information Security Team evaluates the role, scope, and size of the Information Security Team annually, based on our company size, our clients industries and the sensitivity of the data we house for those clients.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach SSAE18 Audit compliant
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Supplier engages in penetration testing, vulnerability scanning to assist in the discovery of potential threats. Upon completion of testing, supplier reviews and assesses potential and actual threats and creates and executes plans for mitigation and remediation.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Supplier responds to incidents via the Information Security Team and associated subject matter experts in a real-time, solution-driven environment.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach 6 Stage Process.
Stage 1 Discovery - Discovery of incident and reporting to security team
Stage 2 Evaluation - Initial review of the incident by the security team
Stage 3 Containment - Containment and assessment of the incident
Stage 4 Eradication - Removal of threat
Stage 5 Recovery - Restoration of services to operational state
Stage 6 Follow-Through - Post mortem documentation and review of policies

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £40000 per instance per year
Discount for educational organisations Yes
Free trial available No

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Terms and conditions pdf document: Modern Slavery statement
Service documents
Return to top ↑