Wigwam Digital Ltd

Website setup, testing and hosting service with provision of a CMS, ongoing support and training

Wigwam Digital's offering includes brand setup, dynamic XML sitemaps, wireframe creation, front-end and back-end website setup, including compatibility, accessibility and performance testing. The provision of a CMS and full training is offered, along with ongoing support and secure hosting in a UK-based data centre.


  • Full branding and website setup service including marketing consultation
  • User journey mapping to help understand your target audience
  • Focus on user experience, making navigation easy and intuitive
  • Split testing to explore user preferences
  • Embedded analytics (Google Analytics) to monitor user behaviour
  • Support and maintenance including, updates, security patching, bug fixing
  • Social media integration, including Twitter, Facebook, Mailchimp, Google Maps
  • Cloud hosting in UK based data centre in London
  • Accessibility testing, compatibility testing and operating system testing
  • Daily or weekly site backups, SSL certificates as standard


  • Website setup and branding
  • Responsive websites across IOS and android devices and browsers
  • On-page Search Engine Optimisation (SEO)
  • CMS training, including provision of video and document resources
  • Custom WordPress plugin creation to meet your requirements
  • Custom Wordpress theme setup, ensuring consistency throughout your website
  • Content creation, content review, copywriting, proof-reading, and language testing
  • Agile and flexible service delivery
  • Web security, firewall, spam filters, penetration testing
  • Built with GDPR compliance and data privacy in mind


£400 to £800 per person per day

  • Education pricing available

Service documents

G-Cloud 11


Wigwam Digital Ltd

Janis Brix



Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints None
System requirements None

User support

User support
Email or online ticketing support Email or online ticketing
Support response times All tickets will be responded to within 1 hour of receipt
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Critical Website Impact = 12 hour fix
Significant Website Impact = 24 hour fix
Nominal Business Impact = 2 working day fix
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started A full training package is offered and delivered on-site to up-skill your current workforce and website content administrators to update the website if required. This covers:

• Use of the CMS, site editing and page creation etc
• Site features and functionality
• Uploading and downloading documentation and data
• Analytics and reporting on site usage, traffic, user behaviour and user demographics where collected
• Links to social media, site promotion and marketing principles
• The issue and fault logging process

We also provide a suite of training guides. This will be both a document resource as well as an online resource, and we will create a “help” area within the CMS for your administrators to navigate to as a first port of call. This will ensure new starters or infrequent users will have the relevant information at hand to act as site administrators. Additionally we offer online video tutorial support.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction Our project handover includes:

· Files and Designs
· Website Documentation and Training Guides
· IP Handover: A formal handing over of all intellectual property is signed off.
· Access to the Website and Analytics: Administrators within your organisation will be provided with access to the CMS

A handover report will also be produced, including a summary of the development process, key findings from the testing phases and how they impacted upon the website and a report of all plugins and extensions used.
End-of-contract process Full handover of all designs, IP and access to the website. Details can be found within our service definition document and pricing schedule.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Compatible across mobile devices including iPhone, iPad, Tablet (Android) and Android smartphones
Service interface Yes
Description of service interface Typically our sites are built using Wordpress CMS
Accessibility standards WCAG 2.1 AA or EN 301 549
Accessibility testing We offer a full audit of the site features and navigation to ensure that our sites are accessible to those with disabilities and on devices using assistive technology.
Customisation available Yes
Description of customisation Full details of all optional elements of the service can be found in the Service Definition document.

We offer custom built Wordpress templates, plugins, web apps and tools to meet each buyer's bespoke requirements.


Independence of resources We have a robust delivery model for the provision of support and maintenance


Service usage metrics Yes
Metrics types We can create bespoke analytics reports and have these automatically generated for your administrative team. These are highly customisable can include metrics such as:

• Number of users and sessions
• Session duration
• Operating systems
• Device models
• Geography
• First launches
• Demographic data including: Age / Gender / Interests / Language
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency Never
Protecting data at rest Other
Other data at rest protection approach Access to data and systems is password protected and limited to authorised personnel. We operate a completely paperless organisation, ensuring no physical records are kept.
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach All data can be accessed and exported through the CMS
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Our hosted service is offered with 99.99% service up-time
Approach to resilience Available upon request
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels Ongoing management over user access is typically handed over to the buyer following project completion
Access restriction testing frequency Never
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach We work in accordance with our data protection and information security policies. These are available upon request.
Information security policies and processes A) All information assets must be used and managed in accordance with relevant legislation, which includes but is not limited to Data Protection and Human Rights legislation, and
b) Relevant guidance from definitive sources such as the International Organization for Standardization (“ISO”) and The National Cyber Security Centre (“NCSC”) will followed wherever possible, and
c) The Senior Information Risk Owner (“SIRO”) will oversee the corporate approach to Information Risk Management which in turn will underpin the Company’s management of information security and governance, and
d) All information assets will have an Information Asset Owner (“IAO”) who will be accountable for ensuring that information assets are used and protected appropriately and in line with Company policies, and
e) Staff and Contractors will be provided with appropriate training, education and awareness to enable both policy and best practise to be followed.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Undisclosed
Vulnerability management type Undisclosed
Vulnerability management approach Undisclosed
Protective monitoring type Undisclosed
Protective monitoring approach Undisclosed
Incident management type Undisclosed
Incident management approach Undisclosed

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £400 to £800 per person per day
Discount for educational organisations Yes
Free trial available No

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑