Iowa Admin. Code r. 491-13.6 - Testing

Current through Register Vol. 44, No. 20, April 6, 2022

(1) Initial testing. All equipment and systems integral to the conduct of sports wagering and advance deposit sports wagering shall be tested and certified for compliance with commission rules and the standards required by a commission-designated independent testing laboratory. Certification and commission approval must be received prior to the use of any equipment or system to conduct sports wagering. The commission may designate more than one independent testing laboratory.
(2) Change control. The licensees and advance deposit sports wagering operators shall submit change control processes that detail evaluation procedures for all updates and changes to equipment and systems to the administrator for approval. These processes shall include details for identifying criticality of updates and determining of submission of updates to an independent testing laboratory for review and certification.
(3) Annual testing.
a. A system integrity and security risk assessment shall be performed annually on the advance deposit sports wagering system.
(1) The testing organization must be independent of the licensee and shall be qualified by the administrator.
(2) The system integrity and security risk assessment shall be completed no later than March 31 of each year.
(3) Results from the risk assessment shall be submitted to the administrator no later than 30 days after the assessment is completed. Results shall include a remediation plan to address any risks identified during the risk assessment.
(4) The risk assessment shall be conducted in accordance with current and accepted industry standard review requirements for risk assessments.
(5) The risk assessment shall include a review of licensee controls. Review of controls shall include but not be limited to a comparison of licensee controls to industry standard and best practice controls, and an audit of the licensee processes for compliance with those controls.
b. At the discretion of the administrator, additional assessments or specific testing criteria may be required.

Notes

Iowa Admin. Code r. 491-13.6
Adopted by IAB August 28, 2019/Volume XLII, Number 5, effective 7/31/2019 Amended by IAB April 8, 2020/Volume XLII, Number 21, effective 5/13/2020 Amended by IAB February 9, 2022/Volume XLIV, Number 16, effective 3/16/2022

The following state regulations pages link to this page.



State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.