Skip to Main Content
0
United Kingdom
Select regional store:
Secure your business from cyber threats this winter. Test your vulnerabilities now. Find out more
Gambling > Gambling Commission > Gambling Commission Security Audit
Gambling Commission Security Audit

Gambling Commission Security Audit

Leave a review
SKU: 4584
Format: Consultancy

Meet the requirements of the Gambling Commission with IT Governance’s annual security audit service.

With a wealth of experience, our team of ISO 27001 Lead Auditors, many of whom also hold CISA, CISM or CISSP certificates, are qualified to carry out independent information security audits as required by the Gambling Commission.

For more information about this service or to get a tailored quote for your organisation, please enquire below and one of our experts will be in touch shortly.Enquire about this service

You may also be interested in

Comprising an initial gap analysis phase and an independent audit, this service will enable you to undertake your Gambling Commission security audit with confidence.
Gambling Commission Security Audit – Standard Service
Gambling Commission Security Audit Managed Service
Gambling Commission Security Audit – Managed Service
Prepare for your Gambling Commission security audit by addressing nonconformities with the help of our expert ISO 27001 Lead Auditors.
Gambling Commission Security Audit - Remediation Service
Gambling Commission Security Audit - Gap Analysis
Gambling Commission Security Audit - Gap Analysis
Description

Gambling Commission Security Audit

The Gambling Commission requires all remote gambling operator licensees to complete an annual third-party security audit against particular sections of ISO 27001, and submit a report as evidence of compliance.

IT Governance is suitably qualified to assess licensed remote gambling providers against the applicable ISO 27001 clauses as set out under Section 4 of the Remote gambling and software standards (RTS).

We will perform an audit against the selected ISO 27001 security controls that apply to the following “critical” systems as defined by the Gambling Commission:

  • Electronic systems that record, store, process, share, transmit or retrieve sensitive customer information, e.g. credit/debit card details, authentication information, customer account balances.
  • Electronic systems that generate, transmit, or process random numbers used to determine the outcome of games or virtual events.
  • Electronic systems that store results or the current state of a customer’s gambling history.
  • Points of entry to and exit from the above systems (other systems that are able to communicate directly with core critical systems).
  • Communication networks that transmit sensitive customer information.

On completion of the annual security audit we will provide you with a report that is suitable for submission to the Gambling Commission.

”IT Governance consultant, Inzamam Khokhar, conducted our Gambling Commission Security audit in November 2022. The auditor was calm, professional, and knowledgeable on the legislation which aided for the audit to be completed successfully in a timely manner.”

- Jill Moore, Lottery Manager at Your Hospice Lottery

What's included

What does the security audit include?

In line with the requirements of the Gambling Commission, we will deliver the following as part of the security audit:

  • Determine the scope of testing.
  • Review relevant policies, procedures and documents.
  • Review IT systems.
  • Assess the effectiveness of security controls.
  • Conduct interviews with key stakeholders and staff members.
  • Gather evidence from specific areas, including network security settings, user control access and training records.
  • Develop a management plan to resolve issues that were identified.
  • Provide an executive summary including the key audit findings.
  • Produce a security audit report that meets the requirements of the Gambling Commission.

Customer Reviews

Please login to your account to leave a review.
PROTECT YOUR
BUSINESS
THIS WINTER
Loading...