Cookies on the Gambling Commission website

The Gambling Commission website uses cookies to make the site work better for you. Some of these cookies are essential to how the site functions and others are optional. Optional cookies help us remember your settings, measure your use of the site and personalise how we communicate with you. Any data collected is anonymised and we do not set optional cookies unless you consent.

Set cookie preferences

You've accepted all cookies. You can change your cookie settings at any time.

Skip to main content
  1. Home
  2. About us
  3. Information Security Policy

Policy

Information Security Policy

The Information Security Policy for the Gambling Commission.

Published
20 March 2025

Last updated
24 April 2025 - Changes

Document actions
Print or save (opens in new tab)

  1. Contents
  2. 8 - References

8 - References

8.1. Regulations

  • UK General Data Protection Regulation (GDPR)
  • The Data Protection Act 2018
  • Privacy and Electronic Communications Regulations (PECR)
  • Freedom of Information Act 2000
  • The Computer Misuse Act (1990)
  • Public Records Act 1958.

8.2. Compliance Standards and Guidance

  • ISO/IEC 27001 and ISO/IEC 27002
  • Government Functional Standard GovS 007: Security
  • Public Services Network (PSN) compliance
  • NIST Cybersecurity Framework
  • Cyber Essentials
  • Information Commissioner’s Office (ICO)
  • Government Security Classification Policy
  • National Cyber Security Centre (NCSC).
Previous section
7. Policy review - Information Security Policy Next section
9. Version history - Information Security Policy
Is this page useful?
Back to top