Gambling Commission Security Audit

The remote gambling and software technical standards (RTS)

Our team of highly experienced security consultants can guide your organisation through the remote gambling and software technical standards (RTS) audit with a minimum of fuss.

Gambling cover v2

RTS Security Compliance

If you are a UK-based organisation that holds a remote gambling license with the UK’s Gambling Commission, you are required to complete an annual security audit against the remote gambling and software technical standards (RTS). This yearly audit must be completed by a third-party auditor and follows a subset of technical controls found in ISO27001.

As highly experienced ISO27001 implementors, our team of security consultants are expertly placed to help guide you through the process, start to finish.

RTS Technical Controls

If you are familiar with ISO27001, then you may be familiar with the technical controls in which the RTS is audited. These controls include:

  • A.5 - Information Security Policies
  • A.6 - Organisation of information security
  • A.7 - Human resource security
  • A.8 - Asset management
  • A.9 - Access control
  • A.10 - Cryptography
  • A.11 - Physical and environmental security
  • A.12 - Operations Security
  • A.13 - Communications Security
  • A.14 - System acquisition, development and maintenance
  • A.15 - Supplier relationships
  • A.16 - Information security incident management
  • A.18 - Compliance

Scope of the RTS

The UK Gambling Commission has identified which systems it deems most critical in achieving its aims with the following areas falling into scope:

  • Electronic systems that record, store, process, share, transmit or retrieve sensitive customer information, for example, credit or debit card details, authentication information, customer account balances
  • Electronic systems that generate, transmit, or process random numbers used to determine the outcome of games or virtual events
  • Electronic systems that store results or the current state of a customer’s gambling history
  • Points of entry to and exit from the above systems (other systems that are able to communicate directly with core critical systems)
  • Communication networks that transmit sensitive customer information.

How Vertical Structure Can Help

Our team comprises highly experienced security consultants from various industry backgrounds. The makeup of this team not only provides a unique approach to projects but also delivers on our customer-centric mantra. Using this approach, we will guide and inform you at every step of the way, helping to develop your confidence and understanding of the various processes and changes needed to secure your organisation when it comes to information security.

Our team are suitably qualified holding certifications as ISO27001 Lead Auditors, ISO27001 Lead Implementers, Certified Information Security Managers, and Chartered Cyber Security Professionals.

Our Process

We employ a tried and tested process for achieving compliance against the remote gambling and software technical standards (RTS).

  1. Scoping
  2. Gap Analysis
  3. Remediation

  4. Audit

The yearly remote gambling and software technical standards (RTS) audit is a fantastic way to introduce baseline information security into organisations operating in the UK gambling industry. Not only does it demonstrate to customers your commitment to safeguarding their data, but is also a great first step should you ever consider working towards the larger ISO27001 certification.

Keith Anderson (Lead Cyber Security Consultant)

Ready to Get Started?

If you would like to hear more about how we can help you, please feel free to get in touch and our team will happily discuss your needs.

Need help?

Email Us
email hidden; JavaScript is required

Or send us a quick message

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.