Information Security Policy

WordPress Support Services & Website Maintenance

WP Tech Support® provides ongoing support and maintenance to WordPress websites. Our services include WordPress Core and Plugin updates security monitoring, off-site backups, support and custom development.

WP Tech Support® recognizes the importance of information security as part of a strategy to deliver quality services to our customers. The primary purpose of our information security is the protection of services, and to the confidentiality, integrity and availability of the customer information we are supplied with. We have implemented an Information Security Management System (ISMS) in line with the requirements of ISO 27001:2013.

We are committed to continuous improvement of our systems, including satisfying all legal and applicable requirements relating to information security.

Our systems have been developed with continual improvement in mind, which is measured through our objectives.

Our information security objectives are set by senior management and reviewed at least annually to ensure they have been met, and determine their ongoing relevance with the strategic direction of the business:

  • Follow and comply with all applicable legislation relating to the protection and security of the information we hold (including EU General Data Protection Regulation (GDPR) and Data Protection Act 2018).
  • Ensure that customers have confidence in our information security, and are safe in the knowledge that we are responsive to their security concerns
  • Ensure that all risks relating to our systems are treated effectively and within a timely manner
  • Continuously review the market to ensure projected information security threats are risk assessed and treated
  • Implement actions to treat information security risks identified with new projects and our ongoing business strategy

Senior management is responsible for ensuring that the requirements of ISO and our processes are adhered to, which is determined through our internal audit programme. Responsibilities for different elements of the systems are delegated out to appropriate personnel within the business, or subcontracted where required.

Our processes and systems are audited by competent personnel to ensure we are meeting ISO requirements. Any deviations from the requirements are quickly corrected, with actions implemented to prevent them from recurring.

This policy is:

  • Supported by other policies within our systems, which are communicated to all relevant personnel through the appropriate channels.
  • Reviewed annually by our senior management to ensure it is still relevant to the business and our information security objectives. It is updated where applicable and re-issued to all relevant personnel.
  • Available to all employees within the business, through our training and awareness programme, and is displayed on our website for all interested parties.

Issue 6: February 1, 2023