Accreditation and Industry Standards for AIMS


Accreditation and compliance are essential for organisations managing sensitive data, ensuring security, transparency and confidence in software that underpins critical funding programmes. At AIMS, we maintain rigorous quality and information security standards to give funders peace of mind.

ISO 27001:2022 Information Security Management System

ISO/IEC 27001:2022 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system.

It also includes requirements for the assessment and treatment of information security risks tailored to the needs of AIMS grant management software and our AIMS clients.

As part of the certification process, we have been formally assessed by Amvito, an internationally accredited certification body based in Dublin, and have been deemed to comply with the requirements of this standard.

Organisational and technical controls are required to ensure compliance. These include the controls and processes required for:

  • Access control
  • Secure authentication
  • Management of technical vulnerabilities
  • Data leakage prevention
  • Secure development and system change control
  • System security testing
  • Information security incident management
  • Business continuity management
  • Supplier management

ISO 27001:2022 Surveillance Audit Dec 2025

“Based on the results of this audit and the system’s demonstrated state of development and maturity, continued management system certification is recommended.”

– External Auditor, Dec 2025


ISO 9001:2015 Quality Management System

AIMS maintains an internal Quality Management System (QMS) based on the ISO 9001:2015 standard. The adoption of a quality management system is a strategic decision for an organisation that can help to improve its overall performance. 

ISO 9001:2015 specifies the requirements for a quality management system to demonstrate our ability to provide AIMS products and services consistently. It also requires us to enhance client satisfaction through the effective application of the system, including risk assessment, policies and procedures for continual improvement, quality awareness and the assurance of conformity with client, statutory, and regulatory requirements.

We apply the PDCA (Plan-Do-Check-Act) cycle and risk-based thinking, and the AIMS QMS is based on the following quality management principles:

  • Customer focus
  • Leadership
  • Engagement of people
  • Process approach
  • Improvement
  • Evidence-based decision-making
  • Relationship management
Grant Management Software Compliance

Data Protection Compliance (GDPR & Privacy)

AIMS maintains comprehensive data privacy and information security policies and provides awareness training to all staff on data protection and information security. Extensive penetration and security testing of each AIMS release ensures that we make every effort to deliver a highly secure solution to organisations. We recognise that the privacy of personal data is central to our clients’ operations. AIMS is registered as a Data Processor with the Data Protection Commissioner and responds in accordance with the established Personal Data Security Breach Code of Practice. 

Protection of customer personal data and intellectual property is a mandatory requirement of both our ISO standards.

  • ISO 27001:2022 Information Security Management System (Clause A.5.34 Privacy and protection of personally identifiable information)
  • ISO 9001:2015 Quality Management System (Clause 8.5.3 Property belonging to customers or external providers)

The functions provided by AIMS support your compliance with data protection regulations, including the EU General Data Protection Regulation (GDPR).

The AIMS solution itself is compliant with GDPR requirements.

Product features specifically designed to support personal data protection include:

  • Any data fields on client configurable forms can be flagged as personal data
  • External users can consent to the storage of their personal information
  • Internal users can view their personal data consent and communication consent flags
  • Users can view their full profile and application personal data
  • External users can cancel their draft applications

In addition, we are proud that AIMS grant management software allows users full control of their personal data at all stages. We provide the functionality for consent to be requested when and where required. We understand that data protection is an organisation-wide issue, and we provide transparency in the collection, storage and use of data and its security. AIMS allows internal users to cancel applications in batch and to obfuscate user data on request or in batch, supporting the right to be forgotten and efficient archiving of data, which works alongside our data security functions.
