Iris is a quality and security conscious organization and has maintained steady progress in its quality management and information security management programs over the years as reflected in its assessments and certifications, namely 

  • Quality Management: Certified to ISO 9001 since 2002 and upgraded to ISO 9001:2015 since September 2015
  • Software Process Maturity: Assessed for SEI’s CMMI DEV Maturity Level 3 in 2009, CMMI institute's CMMI SVC Maturity Level 3 in 2016” and for CMMI institute's CMMI SVC Maturity Level 5 in 2017
  • Information Security Management: Certified to ISO 27001:2005 since 2009 and upgraded to ISO 27001:2013 since 2015.
  • SSA Infosystems (IRIS) service delivery processes have been assessed under Trust Service Principles issued by AICPA (SOC2 report).
ISO 9001 is a worldwide standard for quality management systems with its emphasis on key processes for delivering products/services to customers.

ISO 27001:2013 is an information security standard that was published in September 2013 superseding ISO/IEC 27001:2005. ISO 27001 is a worldwide recognized standard which formally specifies a management system that is intended to bring information security under explicit management control.

The Capability Maturity Model Integration (CMMI®) from the Software Engineering Institute (SEI), Carnegie Mellon, is a process improvement model that provides the essential elements to build effective and mature processes. 

The New York & New Jersey Minority Supplier Development Council, Inc. (The Council), established in 1973, is a vital link between major corporations and minority business enterprises (MBEs). Serving the New York and New Jersey region, the Council is one of the 23 regional affiliates of the National Minority Supplier Development Council, Inc. (NMSDC). Iris Software is certified as an MBE-owned company by the NMSDC and the State of New Jersey under the Minority and Women Certification Program.

SOC 2 is an auditing procedure that ensures your service providers securely manage your data to protect the interests of your organization and the privacy of its clients.