Skip to Main Content
This website uses cookies. View our cookie policy
United Kingdom
Select regional store:
Spend And Save! Receive A Free Corporate Gift Card Up To The Value Of £100 This December. Find Out How >>
Gambling Commission Security Audit

Gambling Commission Security Audit

SKU: 4584
Format: Consultancy

Meet the requirements of the Gambling Commission with IT Governance’s annual security audit service.

With a wealth of experience, our team of ISO 27001 Lead Auditors, many of whom also hold CISA, CISM or CISSP certificates, are qualified to carry out independent information security audits as required by the Gambling Commission.

Call us on +44 (0)333 800 7000 or email us to enquire about our Gambling Commission Security Audit service today.



The Gambling Commission requires all remote gambling operator licensees to complete an annual third-party security audit against particular sections of ISO 27001, and submit a report as evidence of compliance.

IT Governance is suitably qualified to assess licensed remote gambling providers against the applicable ISO 27001 clauses as set out under Section 5 of the Remote gambling and software standards (RTS).

We will perform an audit against the selected ISO 27001 security controls that apply to the following “critical” systems as defined by the Gambling Commission:

  • Electronic systems that record, store, process, share, transmit or retrieve sensitive customer information, e.g. credit/debit card details, authentication information, customer account balances.
  • Electronic systems that generate, transmit, or process random numbers used to determine the outcome of games or virtual events.
  • Electronic systems that store results or the current state of a customer’s gambling history.
  • Points of entry to and exit from the above systems (other systems that are able to communicate directly with core critical systems).
  • Communication networks that transmit sensitive customer information.

On completion of the annual security audit we will provide you with a report that is suitable for submission to the Gambling Commission.

What does the security audit include?

In line with the requirements of the Gambling Commission, we will deliver the following as part of the security audit:

  • Determine the scope of testing.
  • Review relevant policies, procedures and documents.
  • Review IT systems.
  • Assess the effectiveness of security controls.
  • Conduct interviews with key stakeholders and staff members.
  • Gather evidence from specific areas, including network security settings, user control access and training records.
  • Develop a management plan to resolve issues that were identified.
  • Provide an executive summary including the key audit findings.
  • Produce a security audit report that meets the requirements of the Gambling Commission.

Contact us now for a free, no-obligation, initial quote.

Please email us or telephone +44 (0)333 800 7000 today to speak with a member of our team.

Related services

Ensure you achieve a successful audit

IT Governance can also help you meet the Gambling Commission security audit requirements or address any nonconformities following an audit. See our Gambling Commission Security Audit Gap Analysis and our Gambling Commission Security Audit Remediation Service for more details.

Safeguard your payment card data in compliance with the PCI DSS

IT Governance is also a qualified PCI QSA and we can help operators that process or store payment card data comply with the Payment Card Industry Data Security Standard (PCI DSS). If you would like to know more, email us today.

Customer Reviews

(0.00)stars out of 5
# of Ratings: 0