Information Security Policy

WordPress Support Services & Website Maintenance

WP Tech Support® provides ongoing support and maintenance to WordPress websites. Our WordPress support services include WordPress Core and Plugin updates, security monitoring, off-site backups, support, and custom development.

WP Tech Support® recognizes the importance of information security as part of a strategy to deliver quality services to our customers. The primary purpose of our information security is to protect services and the confidentiality, integrity, and availability of the customer information we are supplied with. We have implemented an Information Security Management System (ISMS) in line with the requirements of ISO 27001:2022.

We are committed to continuously improving our systems, including satisfying all legal and applicable requirements relating to information security.

Our systems have been developed with continual improvement in mind, which is measured through our objectives.

Our information security objectives are set by senior management and reviewed at least annually to ensure they have been met and determine their ongoing relevance with the strategic direction of the business:

  • Follow and comply with all applicable legislation relating to the protection and security of the information we hold (including the EU General Data Protection Regulation (GDPR) and Data Protection Act 2018).
  • Ensure that customers have confidence in our information security and are safe in the knowledge that we are responsive to their security concerns.
  • Ensure that all risks relating to our systems are treated effectively and promptly.
  • Continuously review the market to ensure projected information security threats are risk-assessed and treated.
  • Implement actions to treat information security risks identified with new projects and our ongoing business strategy.

Senior management is responsible for ensuring that the requirements of ISO and our processes are adhered to, which is determined through our internal audit program. Responsibilities for different elements of the systems are delegated to appropriate personnel within the business or subcontracted where required.

Competent personnel audit our processes and systems to ensure we are meeting ISO requirements. Any deviations from the requirements are quickly corrected, and actions are implemented to prevent them from recurring.

This policy is:

  • Supported by other policies within our systems, which are communicated to all relevant personnel through the appropriate channels.
  • Our senior management reviews it annually to ensure it is still relevant to the business and our information security objectives. It is updated where applicable and re-issued to all appropriate personnel.
  • It is available to all business employees through our training and awareness program and on our website for all interested parties.

Issue 7: February 1, 2024