Published on: 2019-07-17


Leading operators realise the benefits of ISO/IEC 27001 certification

London 17 July 2019 – Penningautomatförening (Paf) and Kindred Group (formerly Unibet) have become the latest organisations to be certified by the accredited testing laboratory eCOGRA for compliance with the information security standard published by the International Organisation for Standardisation (ISO) and the the International Electrotechnical Commission (IEC), known as ISO/IEC 27001:2013 standards for Information Security Management Systems.

This certification now places Paf and Kindred Group amongst a limited number of online gambling organisations that have achieved this prestigious certification, demonstrating their commitment to protecting the security of their customers’ and other stakeholders’ data.

Shaun McCallaghan, Chief Executive Officer at eCOGRA, said that his organisation is experiencing significant demand for accredited ISO/IEC 27001 certification as the online gambling industry becomes increasing regulated and willing to go the extra mile to implement best practice security standards.

“It is evident that many online gambling regulators have already moved towards requiring license holders, as well as their relevant software suppliers, to obtain ISO/IEC 27001 certification, and these licensing jurisdictions are prepared to waive certain security auditing requirements if the relevant parties are ISO/IEC 27001 certified.”

This effectively expedites the licensing process and can open a faster route to market for these operators and software suppliers.

McCallahgan added that eCOGRA continues to invest and build on its already extensive information security experience and expertise in order to support the ISO/IEC 27001 auditing and certification team.

eCOGRA is the only online gambling test laboratory that is accredited to offer this key certification and is currently conducting ISO/IEC 27001 compliance reviews for various leading industry organisations, with certifications previously awarded to companies such as bet365, Betway and Bede Gaming.


Founded 2003 to establish and improve operational standards and player safety requirements in the online gambling space, eCOGRA has amassed a wealth of experience in implementing international best practice standards and requirements and ensuring these are maintained through regular review and monitoring.

eCOGRA acts as a regulatory audit partner to over 100 multi-jurisdictional operators, software providers and other relevant service providers in the online gambling industry. The independent testing laboratory is staffed by a team of professional auditors with Big 4 auditing firm experience, information security experts, test engineers and responsible gambling specialists.

eCOGRA is the only online gambling testing laboratory authorised to offer operators and service providers accredited ISO/IEC 27001 certifications for ISMS and Alternative Dispute Resolution (ADR) services. The company is an approved testing laboratory with several online gambling jurisdictions.

The company has been awarded the United Kingdom Accreditation Service’s (UKAS) ISO accreditation ISO/IEC 17025:2017: General Requirements for the competence of testing and calibration laboratories for Great Britain, Denmark, Sweden and Switzerland. The company has also been awarded accreditation for ISO/IEC 17020:2012: Requirements for the competence of bodies performing inspection and for the impartiality and consistency of their inspection activities for Sweden and Switzerland.

eCOGRA holds ISO/IEC 17021-1:2015 accreditation which is a prerequisite for carrying out third-party ISO/IEC 27001 audits and accredited certifications of Information Security Management Systems (ISMS).

For more information about eCOGRA’s testing and certification services, please visit