Information Security Statement

FireText shall be committed to the protection of the information assets and supporting assets as defined within the Scope of the Information Security Policy. FireText has created its Information Security Management System (ISMS) in accordance with the international Information Security Management Systems standard ISO/IEC 27001 this framework shall be followed for all information security related activities, and FireText shall seek to retain external certification against this standard.

The Scope of Registration is:

The provision of mobile messaging communications including: sending mobile messages, message reporting, contact management, mobile message replies, email to SMS, sub accounts and bespoke mobile messaging projects within the UK and overseas.

Objectives

The objectives of Information Security Policy are listed below:

  • To direct the design, implementation and management of an effective Information Security Management System (ISMS), which ensures that FireText's information assets are properly identified and recorded, and afforded suitable protection at all times.
  • To ensure the confidentiality, integrity and availability of FireText's information assets, and supporting assets (including information systems) as defined within the Inventory of Assets.
  • To ensure that all vulnerabilities, threats and risks to information assets and supporting assets are formally identified, understood, assessed and controlled in accordance with FireText's documented Risk Assessment Methodology.
  • To ensure that FireText's employees, contractors and third party users comply with this Information Security Policy, and all other ISMS documentation, through the provision of effective information security training, awareness and ongoing monitoring activities.
  • To ensure that FireText is able to maintain full compliance with all applicable legislation, regulations and contractual requirements, and any supporting management system certifications, including transitioning to updated versions (for example ISO 27001:2022).
  • Continually monitor, review and improve the ISMS, in accordance with the Management Review Policy, by undertaking regular reviews, internal audits and other related activities, and taking prompt corrective actions and implementing improvement opportunities in response to the findings of these activities.
  • Continually maintain and adhere to the Statement of Applicability, in accordance with the Management Review Policy, by undertaking regular reviews and ensuring adherence as the business develops and grows.

Last updated December 2023