IRIS CAPITAL LIMITED

Innervision by IRIS - LOIS Lease Accounting Solution

LOIS Lease Accounting (LLA) is a cloud-based application designed specifically to address the accounting requirements of the IFRS 16 and FASB ASC 842 accounting standards.

Features

  • Calculate and track ROU assets and liabilities
  • Perform lease modifications, in-life changes and remeasurements
  • Facilitate accurate financial reporting and accounting
  • Run amortisation schedules, journal entries and disclosure summaries
  • Robust and accurate audit trail
  • Powerful suite of standard and advanced reports

Benefits

  • Consolidate critical lease data - unified platform and data repository
  • Ensure lease portfolio consistency
  • Calculate and track ROU assets and liabilities
  • Perform lease modifications, in-life changes and remeasurements
  • Facilitate accurate financial reporting and accounting
  • Run amortisation schedules, journal entries and disclosure summaries
  • Achieve and maintain compliance with IFRS 16 or ASC 842

Pricing

£4,000 a unit

  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

9 5 4 3 6 2 7 4 9 5 6 3 2 1 2

Contact

IRIS CAPITAL LIMITED

Kay Hartigan

07531965487

kay.hartigan@iris.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
None
System requirements
Modern web browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
In line with individual agreed/contracted SLAs
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
No
Support levels
Innervision provide support by email during business hours.
Fault logging facilities via email are provided 24x7.
SLAs are based on severity and impact of the issue.
SLAs to be included as part of an agreed contract.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Each client is allocated a dedicated Implementation Manager for the duration of the implementation phase.
The Implementation Managers are accountants who can interpret your requirements and guide you through the implementation process using a tried and tested model.
Training is provided throughout the implementation phase.
Post implementation, clients are placed in hyper-care for a period of 3 months, after which they transition to our Support model.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
We provide export reports and a comprehensive API for data extraction.
End-of-contract process
Once termination of a contract is confirmed, Innervision grants the customer a period of 30 days access to LLA to allow transfer of lease data as required.
At the expiry of this 30 days, Innervision will delete all customer data from LLA

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
No
Designed for use on mobile devices
No
Service interface
No
API
Yes
What users can and can't do using the API
All features are available via API, dependant upon licensing.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
Each customer SaaS is independent and resourced as per agreed SLA

Analytics

Service usage metrics
Yes
Metrics types
Service metrics will be included as part of agreed contract / SLAs
Reporting types
Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Encryption of all physical media
  • Other
Other data at rest protection approach
ACL to source devices
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
GUI and/or API
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON
  • Excel
Data import formats
  • CSV
  • Other
Other data import formats
  • JSON
  • Excel

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Total uptime across any 30-day period will never drop below 99.9%
Approach to resilience
Multiple levels based on cost point, including load balanced, multi-az, HA etc.
Outage reporting
All outages will be reported by email.
Outages are identified as planned maintenance, emergency maintenance, or application issues. In addition, the designated implementation manager or account manager will proactively contact customers as appropriate.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
User profiles are based on explicit roles
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI Assurance UK Ltd
ISO/IEC 27001 accreditation date
12/06/2018
What the ISO/IEC 27001 doesn’t cover
Nothing
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
ISO 9001:2015
ISAE 3402 assurance report

Innervision have established and maintain a framework to ensure security strategies are aligned with and support business objectives, provide assignment of responsibilities and manage risks.
Information security policies and processes
Innervision is governed by an integrated suite of information security policies.
Under the top level Information Security Policy itself are second-level documents with specific focus on areas such as acceptable use, data protection, password management, disaster recovery and many others

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Innervision has a robust and established process for change management which is monitored regularly
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Regular online scanning, Peer Review, static code analysis
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Logs data is consumed by SEIM and alerts raised via rules.
Incident management type
Supplier-defined controls
Incident management approach
Innervision has a documented incident management policy and process, which have been implemented and assessed in accordance with the current ISO 27001 standard.
All incidents are promptly reported into a central ticketing system which ensures that each is promptly assigned to an appropriate resource, and its progress tracked (and escalated, as required) to resolution

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£4,000 a unit
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Access to the system for 2 weeks to model test data

Service documents

Return to top ↑