Innervision by IRIS - LOIS Lease Accounting Solution

LOIS Lease Accounting (LLA) is a cloud-based application designed specifically to address the accounting requirements of the IFRS 16 and FASB ASC 842 accounting standards.


  • Calculate and track ROU assets and liabilities
  • Perform lease modifications, in-life changes and remeasurements
  • Facilitate accurate financial reporting and accounting
  • Run amortisation schedules, journal entries and disclosure summaries
  • Robust and accurate audit trail
  • Powerful suite of standard and advanced reports


  • Consolidate critical lease data - unified platform and data repository
  • Ensure lease portfolio consistency
  • Calculate and track ROU assets and liabilities
  • Perform lease modifications, in-life changes and remeasurements
  • Facilitate accurate financial reporting and accounting
  • Run amortisation schedules, journal entries and disclosure summaries
  • Achieve and maintain compliance with IFRS 16 or ASC 842


£4,000 a unit

  • Free trial available

Service documents


G-Cloud 12

Service ID

9 5 4 3 6 2 7 4 9 5 6 3 2 1 2



Kay Hartigan


Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
System requirements
Modern web browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
In line with individual agreed/contracted SLAs
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Support levels
Innervision provide support by email during business hours.
Fault logging facilities via email are provided 24x7.
SLAs are based on severity and impact of the issue.
SLAs to be included as part of an agreed contract.
Support available to third parties

Onboarding and offboarding

Getting started
Each client is allocated a dedicated Implementation Manager for the duration of the implementation phase.
The Implementation Managers are accountants who can interpret your requirements and guide you through the implementation process using a tried and tested model.
Training is provided throughout the implementation phase.
Post implementation, clients are placed in hyper-care for a period of 3 months, after which they transition to our Support model.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
We provide export reports and a comprehensive API for data extraction.
End-of-contract process
Once termination of a contract is confirmed, Innervision grants the customer a period of 30 days access to LLA to allow transfer of lease data as required.
At the expiry of this 30 days, Innervision will delete all customer data from LLA

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
Designed for use on mobile devices
Service interface
What users can and can't do using the API
All features are available via API, dependant upon licensing.
API documentation
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment
Customisation available


Independence of resources
Each customer SaaS is independent and resourced as per agreed SLA


Service usage metrics
Metrics types
Service metrics will be included as part of agreed contract / SLAs
Reporting types
Regular reports


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Encryption of all physical media
  • Other
Other data at rest protection approach
ACL to source devices
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
GUI and/or API
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON
  • Excel
Data import formats
  • CSV
  • Other
Other data import formats
  • JSON
  • Excel

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Total uptime across any 30-day period will never drop below 99.9%
Approach to resilience
Multiple levels based on cost point, including load balanced, multi-az, HA etc.
Outage reporting
All outages will be reported by email.
Outages are identified as planned maintenance, emergency maintenance, or application issues. In addition, the designated implementation manager or account manager will proactively contact customers as appropriate.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
User profiles are based on explicit roles
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
BSI Assurance UK Ltd
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
ISO 9001:2015
ISAE 3402 assurance report

Innervision have established and maintain a framework to ensure security strategies are aligned with and support business objectives, provide assignment of responsibilities and manage risks.
Information security policies and processes
Innervision is governed by an integrated suite of information security policies.
Under the top level Information Security Policy itself are second-level documents with specific focus on areas such as acceptable use, data protection, password management, disaster recovery and many others

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Innervision has a robust and established process for change management which is monitored regularly
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Regular online scanning, Peer Review, static code analysis
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Logs data is consumed by SEIM and alerts raised via rules.
Incident management type
Supplier-defined controls
Incident management approach
Innervision has a documented incident management policy and process, which have been implemented and assessed in accordance with the current ISO 27001 standard.
All incidents are promptly reported into a central ticketing system which ensures that each is promptly assigned to an appropriate resource, and its progress tracked (and escalated, as required) to resolution

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks


£4,000 a unit
Discount for educational organisations
Free trial available
Description of free trial
Access to the system for 2 weeks to model test data

Service documents

Return to top ↑