Gambling Commission Audits_
The UK Gambling Commission’s Remote Technical Standards must be continually adhered to in order for UK based gaming operators to meet licensing conditions. As qualified assessors, we can help get you certified quickly and easily.
What are Gambling Commission Audits?
The UK Gambling Commission’s Remote Technical Standards (RTS) must be adhered to on a continual basis for a gaming business with a UK license. The RTS is based on ISO 27001 controls, and are designed to ensure that operators handle personal data and the operation of random number systems in a secure, integral manner.
What does the Remote Technical Standard cover?
The UK Gambling Commission’s Remote Technical Standards document is based on ISO27001 and covers the following security requirements:
- A.5 – Security Policy
- A.6 – Organisation of Information Security
- A.7 – Human Resources Security
- A.8 – Asset Management
- A.9 – Access Control
- A.10 – Cryptography
- A.11 – Physical and Environmental Security
- A.12 – Operations Security
- A.13 – Communications Security
- A.14 – Systems Acquisition, Development and Maintenance
- A.15 – Supplier Relationship
- A.18 – Compliance
Why use 2-sec?
We take a bespoke, approach to assessment for each of our clients:
Industry leading cyber security experts – We have worked with cyber security industry standards long before Gambling Commission audits were introduced in 2014, including ISO 27001, PCI DSS, PA-DSS, Cyber Essentials and IASME.
Fully accredited – At both a corporate and an individual level including CREST, QSA, PCI DSS, PA-QSA, CE+, IASME, CHECK, CISSP, CISA, CISM, SANS-GIAC and CEH.
Commitment to understanding your business – We will take adequate time to understand your business, operations and process to accurately scope your Gambling Commission assessment.
Multiple assessment routes – We offer a range of methods of certification according to your situation, to ensure onsite assessment are conducted in the most efficient manner.
Dedicated Customer Success Manager – We know that you’ll have a lot of questions throughout this accreditation process, so you’ll have direct phone and email contact with your own go-to person.
Clear communication – Our mission is to ‘simplify security’. We will communicate our recommendations to you in a clear and jargon-free way.
How audits work
UK Gambling Commission audits focus on a set of 45 controls, designed to protect personal information and random number generation systems. These controls apply to a defined scope, which could your whole company, or part of your company depending on your needs. Our audit services are conducted as follows:
Prior to assessment, it is key that all parties agree the same scope, so that there are no surprises later.
Once the scope is defined, we will perform a high level gap analysis, to ensure the 45 controls operate at a basic level.
Remediation steps may be required depending on the above findings. We will help you work through these, so that the scope is ready for a formal audit.
A well prepared audit, on a correctly defined scope, is a breeze. In most cases we can conduct the onsite element in one or two days, plus incorporate any visits to offshore locations.
We will then compile a report and submit to the Gambling Commission on your behalf.
For more information
There is a wide variety of Gambling Commission information produced by the UK government, which may be found here: