205 CMR 143.12 - Network Security

As part of its internal controls submission in accordance with 205 CMR 138.01, a gaming licensee shall annually submit an infrastructure and data security plan to the Commission for review and approval. The plan should employ best practices (i.e., NIST SP 800-53 or ISO/IEC 27001) for protecting infrastructure and data.


205 CMR 143.12
Adopted by Mass Register Issue 1267, eff. 8/15/2014. Amended by Mass Register Issue 1312, eff. 5/6/2016. Amended by Mass Register Issue 1343, eff. 7/14/2017. Amended by Mass Register Issue 1356, eff. 1/12/2018. Amended by Mass Register Issue 1399, eff. 9/6/2019.

State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.

No prior version found.