We currently are accredited/compliant with
NIST
In 2023 IRIS Connect won a contract with the US government agency: HHS (Dept Health and Human Services), Administration for Children and Families (ACF), Office of Head Start (OHS). As part of the federal requirements, IRIS Connect has implemented 300 tailored NIST security controls as required for a FIPS 199 categorization of moderate, based on the US government's classification of data they would be uploading to IRIS Connect.
The security controls are from the NIST Special Publication 800-53 Revision 5, Security and Privacy Controls for Information Systems and Organizations. The National Institute of Standards and Technology (NIST) Special Publication 800-53 is a set of recommended security and privacy controls for information systems and organizations to help meet the US government's Federal Information Security Management Act (FISMA) requirements.
NIST controls cover 20 areas as shown in Table 1
Cyber Essentials and Cyber Essentials Plus
Cyber Essentials Certificate 2025
At IRIS Connect, the security and integrity of our systems and data are of paramount importance. That’s why we are proud to be certified under the UK government’s Cyber Essentials scheme—a recognised standard that demonstrates our commitment to safeguarding against the most common cyber threats. This certification validates that we have implemented robust security controls across our IT infrastructure, including firewalls, secure configuration, access control, malware protection, and patch management.
Click this link to access the Cyber Essentials digital certificate
Cyber Essential Plus Certificate 2025
Taking our commitment even further, we have also achieved Cyber Essentials Plus certification. This advanced level includes a rigorous, independent technical audit to verify the effectiveness of our cyber security measures. It provides assurance to our users, partners, and stakeholders that we don't just follow best practices—we proactively test them to ensure our systems remain secure. These certifications reflect our ongoing dedication to data protection, risk management, and continuous improvement in cyber resilience.
Click here to access the Cyber Essentials Plus digital certificate
Healthcare
Data Security and Protection Toolkit (DSPT)
The iConnect DSPT can be viewed here
Digital Technology Assessment Criteria (DTAC)
The iConnect DTAC responses are avaliable upon request. Contact our Support team to request this.