Independent online gambling testing facility solely authorised to offer accredited ISO/IEC 27001:2013 certifications for Information Security Management Systems
London 19 June 2017 – The online gambling software provider Bede Gaming Limited (‘Bede Gaming’) has become the latest company to engage the professional services of eCOGRA for certification of its Information Security Management System (‘ISMS’), and the provider has joined a limited number of industry players in achieving compliance with the well-known International Standards Organisation ISO/IEC 27001:2013 certification.
The achievement of certification was preceded by a rigorous audit of Bede Gaming’s ISMS by eCOGRA’s ISO/IEC 27001:2013 team, who presently form part of the only online gambling testing facility accredited to offer this industry-relevant certification.
Michael Brady, CEO of Bede Gaming, said that his company was proud to be among the few online gambling entities that have voluntarily undertaken certification against an internationally recognised information security standard, demonstrating the organisation’s commitment to security, trust and credibility.
eCOGRA CEO, Andrew Beveridge, commended the provider for its proactive stance to information security management, with mention that the certification had been achieved following a comprehensive audit of the organisation’s systems and processes, in which both companies worked closely throughout.
He revealed that there is growing interest in eCOGRA’s certification services as online gambling companies increasingly understand the significant value of conformance with the ISO/IEC 27001:2013 standard.
“Among the many company benefits flowing from the achievement of these higher standards are the following,” Beveridge said:
* Guards against security incidents, reducing costs and reputational damage;
* Prepares an organisation for readiness to comply with the General Data Protection Regulation (GDPR) principle that relates to processing personal data with appropriate security;
* Improves a company’s recovery capability in the event of major disasters;
* Enables constant monitoring to proactively identify information security risks, and has mechanisms to manage or reduce these risks;
* Creates a competitive advantage over less secure and uncertified rivals;
* Provides a significant third-party attestation that an organisation has successfully structured its processes into a management system that ensures confidentiality, integrity and availability of information assets pursuant to the requirements of regulators, applicable laws and business needs;
* Gives management confidence in the information security structure and operation of the organisation; and
* Streamlines operations: Many online gambling licensing and regulatory jurisdictions currently waive certain security auditing requirements if license holders are ISO/IEC 27001:2013 certified, enabling the independent regulatory testing and certification process to be fast-tracked with potentially significant cost savings, effort, and a quicker time to market.
ABOUT ISO/IEC 27001:2013
ISO/IEC 27001:2013 is an internationally recognised information security management standard which ensures organisations can apply a framework to business processes to help identify, manage and reduce risks to information security, and considers not only IT but various business operations.
In order to provide ISO/IEC 27001:2013 certifications, eCOGRA obtained ISO/IEC 17021-1:2015 accreditation from the United Kingdom Accreditation Service (‘UKAS’), a prerequisite for accredited certification bodies in order to prove that they are competent to carry out third-party certifications and audits of ISMS.
Founded fourteen years ago to establish and improve operational standards and player safety requirements in the online gambling space, eCOGRA has amassed a wealth of experience in implementing international best practice standards and requirements and ensuring these are maintained through regular review and monitoring.
The independent test laboratory is staffed by professional auditors with Big 4 auditing firm experience, information security experts, test engineers and responsible gambling specialists, and acts as a regulatory audit partner to many of the largest multi-jurisdictional operators in the online gambling industry, including bet365, 888, GVC, BetVictor, Kindred (Unibet), Danske Spil, Interwetten, 32Red, Betway, Casino Rewards Group, Penningautomatförening (Paf), Fortune Lounge and bet-at-home.
The company is an accredited testing agency with several jurisdictions, and has been awarded the UKAS accreditations ISO/IEC 17025:2005 – General requirements for the competence of testing and calibration laboratories, for the United Kingdom and Denmark, and ISO/IEC 17021-1:2015 – Requirements for bodies providing audit and certification of management systems.