Cyber security requirements mandate annual VAPT by certified vendors and timely remediation, plus annual cyber audit and executive certification. Stock Brokers and Depository Participants must classify and inventory critical assets, including ancillary systems, obtain board-level approval of critical systems, and perform annual VAPT and comprehensive annual cyber audit. VAPT must be done by CERT In empanelled organisations, with the final report submitted to Exchanges/Depositories within one month after Technology Committee approval; vulnerabilities must be remediated promptly and closure compliance submitted within three months. Vulnerability scanning and penetration testing are required before commissioning new critical systems. Entities must submit an MD/CEO/partner/proprietor declaration of compliance and report implementation status to Exchanges/Depositories within ten days; Exchanges/Depositories must amend bylaws and notify members.
Cases where this provision is explicitly mentioned in the judgment/order text; may not be exhaustive. To view the complete list of cases mentioning this section, Click here.
Provisions expressly mentioned in the judgment/order text.
Cyber security requirements mandate annual VAPT by certified vendors and timely remediation, plus annual cyber audit and executive certification.
Stock Brokers and Depository Participants must classify and inventory critical assets, including ancillary systems, obtain board-level approval of critical systems, and perform annual VAPT and comprehensive annual cyber audit. VAPT must be done by CERT In empanelled organisations, with the final report submitted to Exchanges/Depositories within one month after Technology Committee approval; vulnerabilities must be remediated promptly and closure compliance submitted within three months. Vulnerability scanning and penetration testing are required before commissioning new critical systems. Entities must submit an MD/CEO/partner/proprietor declaration of compliance and report implementation status to Exchanges/Depositories within ten days; Exchanges/Depositories must amend bylaws and notify members.
Full Summary is available for active users!
Note: It is a system-generated summary and is for quick reference only.