security-requirements

UKGC RTS — Security requirements

Scope

UKGC формулирует security baseline для critical systems (customer sensitive data, RNG outcome systems, gamble state storage, ingress/egress points, communication networks).

ISO baseline

• UKGC security summary базируется на Annex A ISO/IEC 27001:2022.
• Документ явно отмечает замену ISO/IEC 27001:2013 на 2022.

Control groups

• Organisational controls (политики, IAM, supplier security, incident planning/response, evidence, independent review).
• People controls (awareness/training, remote working, event reporting).
• Physical controls (equipment protection, media handling, secure disposal).
• Technological controls (auth, malware, backup, logging, cryptography, SDLC, change management, environment separation).

Slot impact

Слоты зависят от security как от инфраструктурного обязательства: RNG fairness, game state integrity и wallet/account protection. См. security-requirements-iso27001.