IMPLEMENTATION OF MANAGEMENT STANDARDS
0700 12 070
Home|Accents | WLA Securit...
Your rating 0 from 0 votes


WLA Security Control Standard - security controls in the lottery industry

The WLA Security Control Standard (WLA SCS) is an information security management framework developed by the World Lottery Association (WLA), a global association of lottery operators. It was created specifically for the lottery industry to help lottery operators, technology providers and other stakeholders improve the security of their information systems and data. Security plays a critical role in maintaining the confidence of lottery participants. It is therefore particularly important that an organisation with a lottery and sports betting business develops and maintains a complete and documented security environment.

The WLA SCS is the only internationally recognised standard for the lottery sector. It helps WLA members gain a level of security control in accordance with generally accepted good practices. The WLA SCS provides a comprehensive list of controls and measures to protect information and minimize security risks in the lottery industry. This framework covers a wide range of information security aspects including risk management, access management, information protection, encryption, physical security and more.

An integral part of WLA SCS are annexes that focus on specific areas of information security, including specific controls for lottery game operators, lottery technology providers, and for multijurisdictional games:
  • Annex A (G Controls): applicable to all organizations in the lottery industry, regardless of their status as operators or technology providers. Included here are the general information security controls that are necessary for all industry participants to ensure a minimum level of protection for information and information systems.
  • Annex B (L Controls): applicable to lottery operators. These include additional measures and procedures to manage risks. These are controls that relate to the management of the secrecy of lottery games, the handling of bets and winnings, the protection of lottery terminals and other specific aspects of the operator's activities.
  • Annex C (S Controls): applicable to lottery technology and software solution providers. These include specific measures and requirements for the protection of information systems and services provided by technology providers to lottery operators. This includes the security of lottery platforms, betting systems, risk management and other technical aspects.
  • Annex D (M Controls): applicable to multijurisdictional lottery games. Specific measures and controls are included here to manage the risks associated with the interweaving of different legal and technical frameworks. 
The WLA SCS sets a baseline for information security management system, an integral part of which is the ISO/IEC 27001 standard for information security management, supplemented by lottery-specific security controls representing current good practices.

It should be noted that both information security frameworks focus on protecting the confidentiality, integrity and availability of information. But while ISO/IEC 27001 has a broad scope and includes general principles and methods for managing information security that apply to all types of organizations, WLA SCS 2020, on the other hand, is focused on the lottery industry and includes the management of confidentiality and accountability to players. Both standards require the identification of information security assets and risks, the development of policies and procedures to manage risks, and the establishment of measures to reduce risks to acceptable levels.

WLA SCS certification is carried out by accredited certification bodies. Depending on the scope and controls implemented, certification may be granted as follows:
  • Level 1: includes basic controls that apply to all organizations in the lottery industry. Certification at this level indicates that the organisation meets minimum information security requirements.
  • Level 2: includes more stringent controls that are specific to lottery operators. Certification at this level indicates a higher level of information security assurance and compliance with complex regulatory requirements. From October 2020, WLA members who complete a WLA SCS assessment and hold a valid and current ISO/IEC 27001 certificate will be awarded WLA SCS Level 2 certification.
Implementing WLA SCS 2020 helps the lottery industry address data security and information systems to protect player privacy, prevent fraud and unauthorized access, and maintain customer and partner confidence. The Consejo team will help you develop and implement this valuable tool to improve information security and regulatory compliance in the lottery industry.
TAGS
WLA Security Control Standard WLA SCS ISO/IEC 27001 Information security management systems
News
27
02.24
Amendment 1: Climate action changes
Late last week, the International Organization for Standardization (ISO) announc...
05
02.24
Differences between NIS and NIS 2 directives
The European Union's cybersecurity rules, introduced in 2016, have been upda...
Accents
10
08.23
Standards for the protection of automotive security
The automotive industry has changed rapidly in recent years with the advent ...
28
07.23
WLA Security Control Standard - security controls in the lottery industry
The WLA Security Control Standard (WLA SCS) is an information security managemen...

Implementation of management standards

CONSEJO EOOD is a consulting company formed by a team of consultants with over 15 years of experience in management systems in the field of international standards. The focus of the company is the provision of consulting services in the development and implementation of management systems that meet the requirements of international standards for quality, the environment, safe working conditions, information security, good production practices based on international standards: ISO 9001, ISO 14001, ISO 45001, ISO 22000, ISO 27001, IFS Food, HACCP and others.

The CONSEHO team has participated in the realization of projects in all branches of the economy. The projects implemented by the CONSEHO team are over 1000, in the fields of production and design, construction, trade, information and communication technologies, transport and forwarding, hotel and restaurant industry, special production, energy, design, food industry, services, etc. The company has established a strict procedure for monitoring the compliance with the agreed requirements with the clients, both the terms of the contracts and the quality of service performance. The established working style of the company consists of developing real management systems together with our customers, on the basis of conducting multiple trainings and providing full assistance in the implementation process. Through its approach to work, CONSECO ensures and guarantees trouble-free certification of the built systems in extremely short terms.

See more
Partners
https://neterra.net/
https://www.gromahold.bg/dejnosti/
https://www.oktaxi.net/
https://www.softwaregroup.com/
https://www.scorpion-shipping.net/
https://www.dundeeprecious.com/
https://www.mumnet.com/
https://www.brenntag.com/
https://www.yettel.bg/
https://www.cetinbg.bg/
https://www.dhl.com/bg-en/home.html
https://ciela.bg/
https://datecs.bg/
https://bse-sofia.bg/
https://biseroliva.bg/
https://stemo.bg/bg/
https://www.enco-vending.com/
https://toto.bg/
https://www.geotechmin.com/biznes-napravleniya/minnodobivna-deinost/elatzite-med-ad
https://multiforce.bg/
https://www.ip-arch.com/
http://www.aviationservices.bg/
https://vipsecurity.bg/
https://etemgestamp.com/
https://www.orbit.bg/bg/
https://www.devin-bg.com/
https://next-consult.com
https://rdservices.org/
https://www.unimasters.com/bg_BG/
https://vp-brands.com/
https://cashcredit.bg/
https://www.office1.bg/
https://techno-class.com/
https://sportal.bg/