SEBI Cyber Security & Audit

As a CERT-In Empaneled Security Auditor, QRC will help you understand and comply with the guidelines prescribed in the SEBI Cyber Security and Cyber Resilience Framework on a periodic basis. The SEBI Cyber Resilience Framework is crucial to comply with all Stockbrokers, Depository Participants, Mutual Funds, Asset Management Companies (AMCs), Stock Exchanges, Clearing Corporations and Depositories.

The SEBI circular SEBI/HO/MIRSD/CIR/PB/2018/147 directed that all stockbrokers must comply with the SEBI cyber security framework to maintain robust cyber security and cyber resilience framework to protect the integrity of data and privacy. The main objective of the audit is :

• Monitor the activities of the stock exchange and ensure integrity and privacy of data is maintained.

• Safeguard the rights of the investors

• Ensure that Cyber Security and Cyber Resilience Framework is robust

• Ensure compliance with SEBI guidelines and ToR (Terms of Reference)

• Curb fraudulent practices by maintaining a balance between statutory regulations and self-regulation.

The audit governs data created, received or maintained by trading entities and wherever these data records are and whatever form they are in, while carrying out their designated duties and functions.  The following outlines the key provisions for consideration:

• Identify and Protect

• Detect and Respond

• Remediate and Recover

Understanding the importance of having a third-party auditor to ensure your compliance, as a CERT-IN empaneled body, QRC ensures that it fits your requirements and budget and creates more value to help you remain SEBI cyber security compliant.