The Client is a high-frequency sports betting company based in the UK. Its main purpose is to provide statistical analysis models and software to enable online sports gambling by its Directors. Given the nature of its business, the portability of its core IP and the ease of access to its trading capital, the Client is concerned about systems security in general and theft of IP in particular. They engaged Pragma to review its security and provide a set of recommendations for improvement.

The scope of service included an operational risk review focusing on the use of technology, governance, policies and processes, and identification of any long-term structural vulnerabilities. The audit consisted of an initial workshop to understand the Client's background and agreement on a documented standard ISO27000 series and industry best practice, followed by onsite and offsite reviews. We also conducted a technical risk review that provides a detailed point-in-time review of the technical security of the AWS platform.