Connect with us

Headlines of the Day

SEBI mandates cyber security audit for KRAs

As per a mandate by SEBI, the KYC Registration Agencies (KRAs) will have to conduct a comprehensive cyber audit at least twice in a fiscal year. They will also have to submit a statement from the Managing Director and Chief Executive Officer certifying compliance by them with SEBI’s cyber-security related guidelines and notices issued periodically, SEBI said in a circular on Monday.

The new rules say that KRAs will have to identify and classify critical assets based on their sensitivity and criticality to business operations, services and data management. SEBI said the critical assets should include business-critical systems, Internet-facing applications/systems, systems containing sensitive data, sensitive personal data, sensitive financial data, personally-identifiable information data, among others. It added that all ancillary systems utilised to access or communicate with critical systems, must also be classified as critical systems. The KRAs’ boards are also required to approve the list of critical systems now.

‘’To this end, KRA must maintain an up-to-date inventory of its hardware and systems, software and information assets (internal and external), details of its network resources, connections to its network and data flows,’‘ SEBI said. The Hindu BusinessLine

Click to comment

You must be logged in to post a comment Login

Leave a Reply

Copyright © 2022 Communications Today

error: Content is protected !!