RESTON, Virginia - November 6, 2007- The Kentucky Lottery Corporation (KLC) has become the first lottery in North America to receive the World Lottery Association (WLA) Security Control Standard certification along with ISO/IEC 27001:2005 certification from BSI Management Systems, an information security management systems certification body.
ISO/IEC 27001: 2005 establishes the requirements for an internationally recognized information security management system (ISMS). This standard was originally developed by British Standards, as ISO 17799-1:2000, and later adopted by the International Organization for Standardization (ISO). Companies can gain certification to ISO/IEC 27001:2005. To do so companies must implement an information security management system by identifying information security risks and implementing appropriate controls to manage those risks. The effectiveness of this system is then monitored on an on-going basis, along with a continual review to the risks. The WLA certification process, of which the ISO/IEC 27001:2005 certification is a part, requires an extensive examination of security controls already in place at the KLC. The certification reinforces to customers through an independent third-party that the KLC operates an effective ISMS in accordance with the requirements of the standard.
“It’s imperative that an organization such as ours develops and maintains a visible and documented security environment to retain the trust and support of players and other stakeholders,” said KLC President and CEO Arch Gleason. Gleason also serves as president of the WLA. “Through obtaining this certification, players can have a very high level of confidence in the management of our security systems to make sure our games are operated with the utmost integrity.”
BSI performed on-site assessments, examined KLC’s documented procedures, and audited its overall operations. To determine continued compliance with ISO/IEC 27001:2005, BSI will periodically conduct routine audits of KLC's ISMS and related operations.
The WLA certification process is led by the KLC’s Senior Vice President of Internal Audit & Information Security Gale Vessels and Senior Vice President of Security Bill Hickerson. This rigorous audit examines security policies, organizational security, personnel security, physical and environmental security, systems and network security, access controls, systems development and maintenance, and plans for business continuity in the event of a disaster.
“By earning ISO/IEC 27001:2005 certification, KLC is further demonstrating its commitment to information security,” said Gary Pearsons, President of BSI Management Systems America. “To be the first lottery in North America to attain this is a real achievement. By formalizing their management system and using ISO/IEC 27001:2005 as an extra set of eyes, the KLC will be able to improve security and continually assure customers that they are doing everything they can. The company’s employees are committed and use well organized processes – ISO/IEC 27001:2005 certification can only serve to improve an already top-of-the-line business.”
###
About BSI Management Systems
BSI is the world's leading management systems certification body. Founded in 1901, BSI has certified more than 60,000 locations in nearly 90 countries. Many 'Global 500' companies have chosen BSI as their preferred ISO 9001:2000, ISO/TS 16949:2002, ISO 14001:2004 or ISO/IEC 27001:2005 certification body. BSI's certification experience covers virtually every industrial and commercial sector (i.e. automotive, aerospace, chemical and allied processes, IT/software, and service). BSI Management Systems America, Inc. is headquartered in Reston, Virginia, with offices in Toronto, Canada, and Mexico City, Mexico to serve the North American market. BSI is truly a pioneering organization.
About The Kentucky Lottery
Voters in Kentucky approved a constitutional amendment to create a state lottery in 1988. Sales started in 1989, and since inception, more than $2.6 billion in proceeds have been returned to the state. All proceeds now fund college grant, scholarship and literacy programs in the Commonwealth, with 708,000 grants and scholarships worth $817,000,000 provided to Kentucky’s brightest and most deserving students since 1999. In its 17 years of operation, the KLC has sold more than $10 billion in tickets and has paid more than $6 billion in player prizes.
BSI Management Systems
12110 Sunset Hills Road, Suite 200
Reston, VA 20190-5902
www.bsiamericas.com
