wbp equipContact Us

Information Security Overview

Approved by: Ian Chadwick — 26/01/2026

Commitment

Information security is fundamental to trust, resilience, and responsible technology delivery at WBP Equip. We are committed to protecting the confidentiality, integrity, and availability of information — including personal data, proprietary technology, and business-critical assets.

Governance and Oversight

Information security is managed as part of our broader governance, risk, and compliance framework. Senior management takes responsibility for setting the direction, resourcing, and oversight of our security arrangements. Security considerations are integrated into business planning, technology development, and operational decision-making.

Risk-Based Approach

We adopt a risk-based approach to information security, proportionate to our size, stage, and operational model. Security decisions are informed by consideration of:

  • the sensitivity and classification of data and systems;
  • the nature and purpose of technology use;
  • the potential impact of security incidents; and
  • the evolving threat landscape.

Access Control and System Protection

We implement appropriate access controls to protect information and systems. These include role-based access, authentication requirements, activity monitoring, and secure configuration practices. Access is restricted to authorised individuals and reviewed as appropriate.

Secure Development and Operations

Our technology development processes incorporate security considerations. These include environment separation, secure handling of data during development and testing, change management practices, and review of third-party components.

Third-Party and Supplier Security

Where third parties have access to systems or data, security considerations are factored into supplier selection and ongoing oversight. Contractual safeguards and appropriate due diligence support our approach.

Incident Awareness and Response

We maintain an awareness of security risks and have proportionate arrangements for the identification, containment, escalation, and resolution of security incidents. Lessons from any incidents are used to strengthen our security posture.

Training and Awareness

We recognise the importance of human factors in information security. Individuals involved in our operations are expected to act in accordance with security policies and to maintain an awareness of common threats and good practices.