For UK multi-academy trusts
One platform for every operation.
And complete control of both.
The unified operations platform for UK multi-academy trusts. IT service management, estates compliance, governance & risk, asset tracking, and KCSIE compliance — all in one place.
Self-hosted on your infrastructure, or fully managed by us. Perpetual licence. No per-user fees.
Live demo: portal.alresfordmat.uk — the real product running for our founding trust, with synthetic data. Or get a 7-day private instance, your branding, your structure.
Open
42
Awaiting triage
3
SLA breach risk
2
CSAT (30d)
94%
Triage 3 → 4 → 3
#OAK-2042
Projector lamp blown — Y10 Sci
#OAK-2044
SIMS export failing
#OAK-2046
NetworkWifi keeps dropping — Y9
Network 7 → 8
#OAK-2031
VPN slow — staff
#OAK-2018
AP offline — M-block
SLA · 4h 12m
#OAK-2046
P3Wifi keeps dropping — Y9
SLA · 7h 42m
Estates 5
#OAK-2027
Heating cold — D-block
#OAK-2024
Light fixture — gym
#OAK-2009
PAT test — kitchen
Scheduled · 18 Oct
Seven products, one platform
Built around how a trust actually operates — not how a generic ITSM vendor thinks an enterprise should.
Each product stands alone. They share data, design, and a single sign-in — so your IT, estates, governance, safeguarding, and finance teams stop emailing spreadsheets at each other.
Helpdesk + ITSM
Tickets, SLAs, knowledge base, automation, change requests, problems, projects, service catalogue. Built around how a trust actually fields requests.
See how it works →
Single Central Record
KCSIE-mandated checks per staff member with matrix view + auto-flagging on expiry. Audit-ready exports for inspection day.
See how it works →
Estates compliance
Sites, buildings, rooms, PAT/EICR/asbestos schedules, contractor register, room bookings.
See how it works →
IT asset management
Device register, software licences, lifecycle tracking, stocktakes, on-prem network discovery.
See how it works →
Governance & risk
Risk register, policies with version history, KCSIE/Cyber Essentials/ISO 27001 controls + evidence.
See how it works →
Health & Safety
Incidents + RIDDOR, accident book, risk assessments with review cycles, COSHH, DSE, fire drills, first-aider cover, educational visits.
See how it works →
People register
One controlled staff record — engagements, qualifications with expiry, emergency contacts. The source the SCR and H&S check against.
See how it works →
AI, built in
AI that assists the work — off by default, private by design.
Every AI feature is off until you switch it on per workspace. Bring your own Azure / OpenAI key at provider cost — no markup — or use managed credentials. Free text is PII-redacted before any model call; executive context is aggregated counts only.
AI ticket triage
Classifies new tickets against your ticket types and departments and only fills blanks — it never overwrites a human's call.
Reply copilot
Surfaces the top KB articles and similar resolved tickets, with an optional AI-drafted first reply the agent edits and owns.
Ask AI
Staff self-serve answers from your published knowledge base in the help drawer — deflection before a ticket is ever raised.
Keystone Intelligent Assist
Natural-language Q&A for executives over an aggregated trust snapshot — "what risks if we take on another school?" — citing your own data.
Anomaly insights
A daily heuristic scan flags volume spikes, SLA-breach elevation and compliance overdues — deduped so persistent issues don't flood the dashboard.
Weekly headteacher briefing
A Friday digest per school — helpdesk, compliance and governance in a few paragraphs, with a recommended action.
Per-workspace monthly cost caps. Nothing leaves your install except the redacted prompt to the model provider you chose. How the privacy model works →
The wedge
Enterprise software wasn't built for trusts. So we built one that was.
Generic ITSM vendors price per agent and think your "users" are knowledge workers. Trust operations don't fit that mould — your safeguarding lead is not a "ticket creator", your caretaker is not a "service consumer", and your CFO doesn't budget per-seat for compliance.
Enterprise SaaS
- £35–£90 per agent per month
- Per-seat pricing for any "user"
- Data in someone else's cloud
- Workflow shaped for IT support, retrofitted
- Vendor lock-in via proprietary export formats
- Generic vocabulary (case / requester / agent)
KeystoneOps
- One-time licence + optional 20% maintenance
- Unlimited users, unlimited agents
- Self-hosted, or hosted by us — your choice
- Workflow shaped around the school year
- Standard Postgres + open API; export anywhere
- MAT vocabulary — academy, DSL, KCSIE, Ofsted
Why trust a new vendor
We're new. So we de-risk it structurally, not with logos.
KeystoneOps launched in 2026 — we won't pretend otherwise, and we won't show you a wall of customer logos we don't have. Instead, the things that usually make a new vendor risky are designed out: you can hold the source and the database yourself, so your operations don't depend on us still being here in five years.
It's built and run by a Head of IT inside a real UK multi-academy trust — the same problems, the same KCSIE deadlines, the same Ofsted week. The story behind it →
Source code included
Licensed trusts get the source. It's built-in escrow: if we ever disappeared, you keep running, modifying and self-hosting it. No vendor can lock you in to software you hold.
You hold the data
Self-host and your database never leaves your tenancy. Either way you get a full export plus the schema — no proprietary format, no exit fee, no hostage situation.
Perpetual ownership
A one-time licence you own outright. Maintenance is optional and renewable on your terms — decline it at any boundary and the software keeps working.
Prove it before you commit
A 7-day private instance on your own structure, the live demo portal, radically transparent pricing, and an FAQ that answers the awkward questions — verify everything before a contract.
Who it's for
Different jobs, different lenses on the same platform.
For CEOs
Board-level risk, vendor independence, defensible evidence.
Read the pitch →
For CFOs
Perpetual licence, no per-seat tax, one 5-year TCO line.
Read the pitch →
For business managers
You run the eval — transparent pricing, procurement pack.
Read the pitch →
For IT directors
Self-hosted, named integrations, full API surface.
Read the pitch →
For DPOs
Data residency, audit log, GDPR control evidence.
Read the pitch →
For DSLs
KCSIE part 5 controls, audit-ready SCR exports.
Read the pitch →
For headteachers
Less admin drag, safeguarding evidence on demand.
Read the pitch →
Plays nicely with
Identity
- Microsoft Entra ID
- Google Workspace
- LDAP / Active Directory
Comms
- Slack
- Microsoft Teams
- Email-to-ticket
Data
- Wonde MIS sync
- REST API for everything else
See it running on your trust's data.
A 7-day private instance, fully populated with your academy structure, your branding, your departments. Sent to you by email with a written walkthrough — explore it at your own pace, no pressure, no slide deck.
Live demo at portal.alresfordmat.uk — the real product, our founding trust's instance, populated with synthetic data.