Pennsylvania Code
Title 58 - RECREATION
Part VII - GAMING CONTROL BOARD
Subpart L - Interactive Gaming
Chapter 809a - INTERACTIVE GAMING PLATFORM REQUIREMENTS
Section 809a.8 - Security policy requirements

Universal Citation: 58 PA Code ยง 809a.8

Current through Register Vol. 54, No. 44, November 2, 2024

Interactive gaming certificate holders and interactive gaming operators shall adopt and maintain a Board-approved information security policy which describes the certificate holder's or licensee's approach to managing information security and its implementation. This policy is required in addition to any similar requirements that may be imposed as part of the certificate holder's or licensee's internal controls. The information security policy must:

(1) Conform to the standards of the most recent version of the NIST cybersecurity framework.

(2) Be reviewed annually as well as when significant changes occur to the interactive gaming system or the processes which alter the risk profile of the interactive gaming system.

(3) Be approved annually by the certificate holder's or operator's management.

(4) Be communicated to all employees and relevant external parties.

(5) Delineate the responsibilities of the certificate- holder's or licensee's staff and the staff of any third parties for the operation, service and maintenance of the interactive gaming system and its components.

Disclaimer: These regulations may not be the most recent version. Pennsylvania may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.