Gaming Innovation Group (GiG) has secured an ISO 27001 recertification for four of its primary products, and will remain accredited for a further three-years, subject to an annual surveillance audit.
The recertification will cover the group’s PAM platform, frontend development & CMS solution, its sportsbook platform and data platform, whilst the firm has also been awarded certification for its GiG Beach head office in Malta and its Spanish and Latvian offices.
By holding the certification, GiG will also be able to ‘smoothly onboard employees’ for its platform department in all three locations while keeping its operations in line with the ISO accreditation’s rules of conduct.
ISO27001 uses a top-down, risk based approach to assessment, identifying specifications and requirements for comprehensive information security management systems (ISMS).
The certification is accepted by regulatory bodies as an attestation to organisation’s ISMS, allowing GiG to ‘optimally and centrally evidence its dedication to information security’.
By streaming its compliance with regulatory requirements, GiG aims to secure more time for its teams to focus on developing its product portfolio in order to add more value for its partners and their customers.
“At GiG we continue treating digital trust as a priority, holding our information security processes and controls to a very high standard,” Diane Abela, Director of Information Security at GiG.
“The ISO 27001 standard demands continuous improvement, year-on-year, and obtaining our re-certification for another three years reaffirms our continued improvement and investment in information security towards our partners and regulators.”
GiG first acquired the certification for its frontend development & CMS solution in February 2021, which Abela explained highlighted the effective underlying processes and approaches to information security in place at GiG.
You can read more about it in this exclusive interview with SBC.
“ISO 27001 goes a step above and beyond in that it assesses your underlying processes and approaches to security,” Abela told us at the time. “I would say that it exemplifies a state of mind. It assesses whether, as a company, you put security at your very core.”
She concluded by adding: “Invest in information security – don’t treat security as a tech issue. You can have the most secure tech in the world, but if your processes are not secured and your employees are not trained in security then there is no point in having that ultra-secure technology. Security needs to be present in every tier of your business.”