Information Security Statement
FireText shall be committed to the protection of the information assets and supporting assets as defined within the Scope of the Information Security Policy. FireText has created its Information Security Management System (ISMS) in accordance with the international Information Security Management Systems standard ISO/IEC 27001:2017: this framework shall be followed for all information security related activities, and FireText shall seek to retain external certification against this standard.
The Scope of Registration is:
The provisions of SMS communications including: sending SMS, messaging reports, contact management, SMS replies, e-mail to SMS, sub accounts and bespoke SMS projects within the UK and overseas.
The objectives of Information Security Policy are listed below:
- To direct the design, implementation and management of an effective Information Security Management System (ISMS), which ensures that FireText’s information assets are properly identified and recorded, and afforded suitable protection at all times.
- To ensure the confidentiality, integrity and availability of FireText’s information assets, and supporting assets (including information systems) as defined within the Inventory of Assets.
- To ensure that all vulnerabilities, threats and risks to information assets and supporting assets are formally identified, understood, assessed and controlled in accordance with FireText's documented Risk Assessment Methodology.
- To ensure that FireText’s employees, contractors and third party users comply with this Information Security Policy, and all other ISMS documentation, through the provision of effective information security training, awareness and ongoing monitoring activities.
- To ensure that FireText is able to maintain full compliance with all applicable legislation, regulations and contractual requirements, and any supporting management system certifications (for example ISO/IEC 27001:2017).
- Continually monitor, review and improve the ISMS, in accordance with the Management Review Policy, by undertaking regular reviews, internal audits and other related activities, and taking prompt corrective actions and implementing improvement opportunities in response to the findings of these activities.
Last updated Jul 2020