GC RTS Implementation

Following your gap analysis, URM can help you with any remediation work particularly in developing policies (e.g., IS Policy and supporting policies), processes and a suitable training programme.  Some of the policies and processes may be existing documents which need amending or refining, whereas others may need to developed from scratch.  Whichever it is, URM will ensure they are developed with 2 goals in mind.  Firstly, they will be tailored to match your culture and style and reflect what you actually do.  Secondly, our consultants will ensure that anything produced will fully meet the requirements of GC RTS.

Why URM?

Track record

URM is one of the UK’s most experienced and proficient information security auditors and has been conducting RTS audits for over a decade and has conducted hundreds of ISO 27001-related audits.  URM has an unparalleled track record of assisting over 400 organisations to achieve and maintain certification to ISO 27001 and as such is perfectly placed to not only conduct audits but conduct gap analyses and help organisations remediate any gaps identified.

Assessor Competence

The Gambling Commission requires that the annual security audit is conducted by an independent and suitably qualified auditor.  All of URM’s auditors hold one or more of the main recognised qualifications, e.g., ISO 27001 Lead Auditor, Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP).  A number also hold the Payment Card Industry Qualified Security Assessor (PCI QSA) qualification.  Furthermore, RTS audit reports are all peer reviewed before being submitted.

Achieving optimum balance

If used to remediate any gaps, URM’s goal is to achieve the optimum balance between meeting the RTS control requirements and ensuring the control (e.g., policy, process or other documentation) is tailored to your organisation’s size, culture and business objectives.

‍