About Gambling Commission Requirements
The Gambling Commission was set up under the Gambling Act 2005 to regulate commercial gambling in Great Britain. On 1 October 2013 they also took over the responsibilities of the National Lottery Commission to regulate the National Lottery under the National Lottery etc. Act 1993
On 1 November 2014 the Gambling (Licensing and Advertising) Act 2014 came into force. This Act requires any operator wishing to transact with, or advertise to, consumers in Britain to obtain an operating licence from the Gambling Commission.
The Gambling Commission will assess you in a transparent, accountable, proportionate, and consistent way. Using a risk-based approach, which focuses their resources on those issues and operators that potentially present the greatest risk to the licensing 0objectives. All commercial gambling operators which hold a licence under the Gambling Act must comply with that legislation and Licence conditions and codes of practice (LCCP).
More information can be found on Who The Gambling Commission Are and What They Do can be found on their website, www.gamblingcommission.gov.uk.
How ISO 27001 Will Help.
ISO 27001 is the internationally recognised standard for information security management.
This is not just IT security, ISO 27001 takes a business risk approach, as required by the Gambling Commission to all information assets of the organisation and creates a framework for managing threats to those assets.
The ISO 27001:2022 standard takes a risk management approach to information security and therefore requires the organisation to define a risk assessment methodology.
After assessing the threats to information assets, the standard provides 93 possible controls to apply, within Annex A.
ISO 27001 also requires consideration of legal and other requirements placed on the organisation, and this is become more relevant as Data Protection Laws are evolving across Europe, America and the world.
What WE Can Do.
We, Assent Risk Management have ISO 27001 consultants who can help you implement an Information Security Management System and achieve certification.
We will give you support; we will work with you to build a management system that fits with your organisation, building on the good work you are already doing and support improvements.