Information Security Accreditation to be Offered by eCOGRAPublished February 4, 2017 by Lee R
Private operators are lining up to gain certification and increase their viability for licensing across all regulated markets.
In an important development for iGaming, online gambling regulators are increasingly encouraging licensees and service providers to obtain professional standard ISO 27001 certification for management of the information in their security systems.
ISO 27001 from eCOGRA
ISO 27001 certification is to be offered by eCOGRA. The independent online gambling testing and compliance advisory company has been authorised to offer accredited International Standards Organisation ISO 27001 certifications for Information Security Management Systems (ISMS).
Integrating into Regulation Models
Many national jurisdictions, particularly in Europe, are writing this certification into their licensing regulations already.
The CEO of eCOGRA Andrew Beveridge said this week:
"Jurisdictions such as Denmark, Great Britain, Portugal, Romania and Spain already waive certain security auditing requirements...enabling the independent testing and certification process to be expedited with potentially significant cost and effort savings” for licensed auditors.
Purpose of ISO
ISO 27001 has been designed as a framework for business processes to identify, manage and reduce risks to information security, a framework which eCOGRA director Tex Rees revealed has already engaged a significant amount of major suppliers and operators.
Requirements of eCOGRA
Rees further provided a glimpse into the significant infrastructure undergirding the certifications, disclosing that providing the ISO 27001 certifications required eCOGRA as an organization to obtain ISO/IEC 17021-1:2015 accreditation from the United Kingdom Accreditation Service (UKAS) as “a prerequisite for accredited certification bodies in order to prove that they are competent to carry out third-party certifications and audits of ISMS."
The UKAS accreditation is further complemented by in-house resources at eCOGRA' according to a “multi-disciplined assessment, testing, compliance and technical teams, which have Big 4 international audit firm and online gambling industry experience dating back to 2003.”
Credentials In Support
Professionals on the eCOGRA security management and certification team in-house possess credentials ranging from CISA, CISSP, CEH to ISO 27001 Lead Auditor and Implementer.
Transparency Increases Efficiency
The comprehensivity of the guidelines should unify licensing requirements in the current diverse regulation landscape should provide a new level of transparency to increase operator preparedness substantially.