The Woods Group is delighted to announce its successful accreditation against the Gambling Commission Remote Technical Standards (RTS).
In order to gain accreditation, The Gambling Commission states that all remote operating licence holders are required to comply with their technical standards and requirements relating to the timing and procedures for testing as defined in the Licence Conditions and Codes of Practice (LCCP).
It is also specified that an annual security audit must be carried out to assess compliance against the security requirements of the RTS. The security requirements are based on relevant sections of ISO/IEC 27001:2013.
The scope of the security audit is required to cover the following critical systems:
- Electronic systems that record, store, process, share, transmit or retrieve sensitive customer information, e.g. credit/debit card details, authentication information, customer account balances;
- Electronic systems that generate, transmit or process random numbers used to determine the outcomes of games or virtual events;
- Electronic systems that store results or the current state of a customer’s gambling history;
- Points of entry to and exit from the above systems;
- Communication networks that transmit sensitive customer information.
The Woods Group team has worked over many months on the procedures, policies and infrastructure that underpin this accreditation. We then underwent a rigorous, external and independent audit by Ultima Risk Management (URM) who are a Qualified Security Assessor (QSA). We continue to work with URM on maintaining, auditing and refining our process framework going forward.
This accreditation underlines the commitment of Woods to the protection of data and to being at the forefront of Gambling Commission compliance and adherence.
For more information about how we achieved this accreditation please read the full GC RTS case study.
For more information about our rigorous security procedures, polices and Gambling Commission compliance standards please get in touch.
