RSM Malta is authorised by the Malta Gaming Authority (MGA) and UK Gambling Commission (UKGC) to carry out system, compliance and information security audits.
MGA Systems Audit
A systems audit is carried out as part of the MGA’s licensing process. RSM Malta will base its testing on the MGA’s systems audit checklist including but not limited to:
- Gaming System;
- Internal Procedures;
- Player Protection.
MGA Compliance Audit
A compliance audit is typically an annual requirement aimed at ensuring that operational and business controls are effective. RSM Malta will base its testing on the MGA’s compliance audit framework including but not limited to:
- Standing Information;
- Human Resources;
- Financial Analysis;
- Public Domain;
- Information Technology;
- Gaming Operation;
- Modification History.
During the course of performing systems and/or compliance audits, RSM Malta will carry out its testing by performing verbal enquiries, onscreen observations, reperformance of functions, and review of documentation and reports.
UKGC Security Audit
An information security audit is typically carried out within 6 months of an operator’s commencement of trading and having previously obtained their gaming licence from the UKGC. The information security audit is based on security best practices emanating from the ISO 27001 and is based on section 5 of the remote gambling and software technical standards (RTS). Such information security audit may include (but not limited to) testing in the following areas:
- Information Security Policies;
- Organisation of Information Policy;
- Human Resources Security;
- Asset Management;
- Access Control;
- Physical and Environmental Security;
- Operations Security;
- Communications Security;
- System Acquisition, Development and Maintenance;
- Supplier Relationships;
Our team has significant experience in information security assurance and consultancy. RSM Malta will provide you with a high quality and effective service that meets your needs in an efficient and timely manner.