IT Auditing & Assurance
Get in Touch with NAME
The depedncy on technology is directly correlated to the constantly evolving risks. IT related risks are deemed critical to all entities, whether regulated or non-regulated, because of its implications to its operations, reputation, regulatory compliance and financial commitments. Our auditing and assurance practices ensure you comply with the latest regulations and remain risk-focused.
IT Audit & Assurance Services
There is a multitude of threats that can exploit vulnerabilities. CSB Group offers tailored audits, process reviews and risk evaluations of automated information processing systems. When needed, our professionals work hand in hand with a team of individuals, all specialised in their respective fields and areas based on the systems under review. Our professionals have been involved in various online businesses including the remote gaming industry since its inception in Malta in 2004.
Our IT assurance practices will ensure that you:
- are aligned with your organisation’s strategies;
- remain risk-focused;
- promote sound IT controls;
- create and maintain solid cybersecurity mechanisms;
- ensure the timely resolution of audit deficiencies;
- maintain an effective and cost-efficient risk management methodologies; and
- comply with the latest regulations and benchmarked practices.
Our IT experts/ IT security specialists will collaborate with you in building an audit plan which is suitable to your business and will endeavor to maximize your potential to address security, compliance and overall risks.
Services offered in Malta
Malta Gaming Authority review engagements
- systems and compliance reviews under the terms of reference issued by the Malta Gaming Authority These statutory reviews requirements to remote gaming licencees are offered to those who seek to be licenced or to maintain an active license with the Authority.
UKGC ISO/IEC 27001:2013 information security assessments
- Section 1.10 of the Security standards – annual security audits of the UKGC’s Testing Strategy for compliance with remote gambling and software technical standards, dated June 2017, sets out the Commission’s current requirements for the timing and procedures for testing.
- Accordingly, the UKGC mandates the remote gaming licencees to undergo an annual security audit conducted by an independent and suitably qualified auditor. The testing strategy to be implemented by the auditor is based on the relevant sections of ISO/IEC 27001: 2013 which are summarised in chapter 4 of the UKGC’s Remote Gambling and Software Technical Standards (‘RTS’), dated June 2017.
Readiness assessments in preparation for:
- the systems and compliance reviews performed by the MGA; and
- the UKGC ISO/IEC 27001:2013 information security audits.
ISO/IEC 27001 Information Security Management System assessments
CSB Group can assist the management in building a framework for continuous compliance and sustainability over your information systems operations. The results would lead to streamlined and more efficient processes with the benefit of cost savings.
Information systems operations is an area that encompasses the daily support of a business’s information system hardware and software environment, which include:
- networking – infrastructure & security (firewalls, switches, access-points, intrusion detection system (IDS), intrusion prevention system (IPS), penetration testing)
- servers & virtualizations – strategy, security & administration(service levels, access control – physical & logical)
- storage & backup
- environmental controls (water and smoke detectors, handheld fire extinguishers, fire suppression systems, fireproof walls /floors and ceilings of a computer room, electrical surge protectors, wiring placed in electrical panels and conduit, uninterrupted power supply, documented and tested emergency evacuation plans, humidity and temperature control)
We assess our clients’ aptitude against the ISO/IEC 27001 standards, the only auditable international standard that defines the requirements of an Information Security Management System.
Preparation of Systems Documentation for Online Businesses
CSB Group has been involved in various online businesses including the remote gaming industry since its inception in Malta back in 2004, by assisting international clients and well-renowned brands with the submission and pursuance of remote gaming license applications with the Malta Gaming Authority (MGA). CSB Group has through the years gained the relevant experience whilst realising that clients have individual requirements, providing a professional consultancy service that is tailor-made to each and every client.
As part of the gaming application process with the MGA, the applicant needs to provide extensive documentation and information on the proposed Control System and Gaming System. Without the necessary guidance, this can be a laborious and frustrating process. The details provided must be accurate, realistic and achievable since the MGA will appoint an independent third party reviewer to conduct a Systems Audit to ensure the Systems Documentation complies with the MGA regulations and guidelines. Control complexity will vary according to the business model and scale of the applicant’s operations, however, the Authority insists on comprehensive and extensive documentation. Our involvement during the Systems Documentation will enable the applicant to dedicate the necessary efforts towards the strategic and marketing functions, which are of utmost importance prior to going live with the operations. As the Systems Documentation preparation cannot be achieved without access to the applicant’s financial, operational and technical team, our team would need to work hand in hand with the applicant’s key representatives to ensure detailed and concise Systems Documentation.