Annual & Security Audits
The ever-changing nature of the online gaming world means changes are often necessary, and occur frequently for certified gaming products. Annual Audits (or annual re-certifications) are required by various gaming jurisdictions worldwide, in order to cater for the increasing need for proper and effective change management. Some of the main areas that require annual re-certification include, but are not limited to: Random Number Generators (RNGs), Games, Platforms, Information Systems Security (ISS) and RTP monitoring processes. iTech Labs has been conducting these Annual Audits for various jurisdictions, including Italy, Denmark, UK and Spain.
Each gaming jurisdiction has varying Annual Audit requirements. While some require gaming products to be audited annually, others require audits to be conducted only every 2 years. The key focus, however, remains the same across the board – to ensure that changes to the product are properly and effectively managed, thus ensuring the product remains compliant with the regulations.
Most online gaming jurisdictions require Information Systems Security Audits to be performed as part of a compliance verification process.
The ISO/IEC 27001:2013 Standard is the main point of reference for the Information Systems Security Audit requirements set by most gaming jurisdictions worldwide. It specifically addresses the need for ensuring the integrity, availability and confidentiality of sensitive company information.
The main areas covered in Security Audits include, but are not limited to: information backup, access control, disaster recovery, incident management procedures, the security of the software development cycle, network security controls and security in supplier relationships. iTech Labs also provides Penetration Testing and Vulnerability Assessments for the jurisdictions that require the identification and correction of high-risk and medium-risk vulnerabilities, as part of their online gaming standards.
iTech Labs has been conducting Information Systems Security audits for various jurisdictions including: Italy, Denmark, the UK, Portugal and Spain. These audits work to ensure that security standards are being applied effectively within companies, to protect confidential information assets and business data.