• Oxford: +44 (0)1865 877830 
  • Manchester: +44 (0)161 713 0176 
  • Edinburgh: +44 (0)131 541 0118 
  • New York: +1 646-781-7580 
  • Bucharest: +40 316 301 707 
  • Tokyo: +81 (3) 4588 8181 

Gambling Commission ISO 27001 Annual Audit

You are here

The Gambling Commission, which regulates all gambling in the UK, specify that all licensed remote gambling operators and gambling software operators must comply with a number of security standards that apply to the following critical systems:

  • Electronic systems that record, store, process, share, transmit or retrieve sensitive customer information, e.g. credit/debit card details, authentication information, customer account balances
  • Electronic systems that generate, transmit, or process random numbers used to determine the outcome of games or virtual events
  • Electronic systems that store results or the current state of a customer's gamble
  • Points of entry to and exit from the above systems (other systems that are able to communicate directly with core critical systems)
  • Communication networks that transmit sensitive customer information

In addition, the Gambling Commission requires that all licence holders have regular Annual Security Audits undertaken by an independent security firm that is suitably qualified to test compliance with ISO 27001.

Dionach is fully conversant with the 'Remote and Gambling Software Technical Standards' (RTS) and we provide Annual Gambling Commission Audits using qualified ISO 27001 consultants that assess against the applicable ISO 27001 clauses as set out under Section 5 of the Security Requirements.

The output of a Dionach Gambling Commission ISO 27001 Annual Auditis a report with a non-technical overview of the impacts and likelihood of the most serious security issues, coupled with full details of the audit undertaken, more comprehensive descriptions of the individual issues, and recommendations for resolution. This Gambling Commission Annual Audit Report is suitable for provision to the Gambling Commission.

Dionach also assist organisations in achieving compliance with the Gambling Commission Security Requirements and, for those operators that process payment cards, Dionach is a PCI QSA and so we can enable you to comply with the requirements of PCI DSS, the Payment Card Industry Data Security Standard.

Contact us now for a free no-obligation initial consultation