RTS Gap Analysis
If your organisation is looking to operate a remote gambling product in the UK and needs to meet the security requirements of the RTS, URM is able to conduct a gap analysis of the security controls you have implemented against the control areas from the Standard. These control areas taken from ISO 27001 cover such topics as information security policies, human resource security, access control, cryptography, physical and environmental security, supplier relationships etc.
The focus of the gap analysis will be the controls that are protecting critical systems, e.g., electronic systems involved in processing payment card information or systems involved in the generation of random numbers or communication networks that transmit sensitive customer information. Following the gap analysis, URM will produce a report which will not only detail those areas where your organisation needs to develop or improve your control implementation but also recommendations on how to address any gaps.
Get in touch
Please note, we can only process business email addresses.
Why URM?
Track record
URM is one of the UK’s most experienced and proficient information security auditors and has been conducting RTS audits for over a decade and has conducted hundreds of ISO 27001-related audits. URM has an unparalleled track record of assisting over 400 organisations to achieve and maintain certification to ISO 27001 and as such is perfectly placed to not only conduct audits but conduct gap analyses and help organisations remediate any gaps identified.
Assessor Competence
The Gambling Commission requires that the annual security audit is conducted by an independent and suitably qualified auditor. All of URM’s auditors hold one or more of the main recognised qualifications, e.g., ISO 27001 Lead Auditor, Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP). A number also hold the Payment Card Industry Qualified Security Assessor (PCI QSA) qualification. Furthermore, RTS audit reports are all peer reviewed before being submitted.
Achieving optimum balance
If used to remediate any gaps, URM’s goal is to achieve the optimum balance between meeting the RTS control requirements and ensuring the control (e.g., policy, process or other documentation) is tailored to your organisation’s size, culture and business objectives.
ISO 27001:2022 - A.5 Organisational Controls (Legal, Regulatory and Contractual)
URM’s blog explains the legal, regulatory & contractual controls in ISO 27001 & how they can be implemented in full conformance with the Standard.
URM explains the 8 information security management controls included within the ‘Organisational controls’ theme and how to prepare for an audit of each control
URM’s blog explores why the access controls in ISO 27001 matter, and how to implement each control in full conformance with both the Standard and best practice.
URM’s blog explains the importance of the 5 supplier management controls in ISO 27001 & provides practical guidance on how to implement each control.