10 Del. Admin. Code § 206-17.0
Current through Reigster Vol. 28, No. 6, December 1, 2024
Section 206-17.0 - Monitoring of OperationsInternal Audit
17.1 Each agent shall maintain an internal audit function either through a separate on-site department, or through the use of corporate internal audit, or through the outsourcing of this function. The internal audit function shall maintain its independence through an organizational reporting line that is outside the management of the gaming operation. The director of the function shall report directly to the license holder, a corporate executive outside the property, or to an independent audit committee.17.1.1 The internal audit function shall operate with audit programs, checklists, or reports which, at a minimum, address the regulations and MICS and properly document the work performed, the conclusions reached, the resolution of all exceptions, and any other additional information as required by the director. Reports documenting audits performed shall be maintained for a minimum of five years and shall be made available to the Director on request.Periodic Security Audits
17.2 The technology provider shall: 17.2.1 Have the external interface of the website scanned for known vulnerabilities at least once every six months by an expert third party.17.2.2 Have the external interface of the website subjected to penetration testing at least annually by an expert third party.17.2.3 Submit the resulting reports of vulnerability scanning and penetration testing to the Director no later than one month after the date of the scan or penetration test.10 Del. Admin. Code § 206-17.0
17 DE Reg. 317 (9/1/2013) (Final)