https://www.taxtmi.com/circulars?id=65612 MIIs must classify and maintain Board approved inventories of critical assets and perform periodic VAPT covering all critical systems, using CERT In empaneled firms; final VAPT reports, after standing committee approval, must be submitted to the regulator and vulnerabilities remediated promptly with closure compliance filed within three months. MIIs must conduct VAPT before commissioning new critical systems, undertake periodic cyber audits, submit MD/CEO compliance declarations with audit reports, amend governance instruments as necessary, and report implementation status to the regulator immediately. en-us Fri, 20 May 2022 00:00:00 +0530 Sat, 21 May 2022 11:45:00 +0530 TaxTMI RSS Generator https://www.taxtmi.com/circulars?id=65612 MIIs must classify and maintain Board approved inventories of critical assets and perform periodic VAPT covering all critical systems, using CERT In empaneled firms; final VAPT reports, after standing committee approval, must be submitted to the regulator and vulnerabilities remediated promptly with closure compliance filed within three months. MIIs must conduct VAPT before commissioning new critical systems, undertake periodic cyber audits, submit MD/CEO compliance declarations with audit reports, amend governance instruments as necessary, and report implementation status to the regulator immediately. Circulars SEBI Fri, 20 May 2022 00:00:00 +0530 https://www.taxtmi.com/circulars?id=65612