<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="text/xsl" href="https://www.taxtmi.com/rss_sitemap/rss_feed_blog.xsl?v=1750492856"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>Modification in Cyber Security and Cyber resilience framework of Qualified Registrars to an Issue and Share Transfer Agents (“QRTAs”)</title>
    <link>https://www.taxtmi.com/circulars?id=65624</link>
    <description>QRTAs must identify and classify critical assets-including systems with sensitive or PII data-and maintain an approved inventory; conduct VAPT (covering servers, networking and security devices) at least annually (or biannually for designated protected systems) using CERT In empaneled organisations; submit Technology Committee approved VAPT reports to SEBI within one month; remediate vulnerabilities immediately and report closure within three months; perform pre commissioning testing of critical systems; carry out biannual cyber audits and furnish an MD/CEO compliance declaration with audit reports; implement measures and report status to SEBI within ten days, effective immediately.</description>
    <language>en-us</language>
    <pubDate>Fri, 27 May 2022 00:00:00 +0530</pubDate>
    <lastBuildDate>Fri, 27 May 2022 18:16:00 +0530</lastBuildDate>
    <generator>TaxTMI RSS Generator</generator>
    <atom:link href="https://www.taxtmi.com/rss_feed_blog?id=680399" rel="self" type="application/rss+xml"/>
    <item>
      <title>Modification in Cyber Security and Cyber resilience framework of Qualified Registrars to an Issue and Share Transfer Agents (“QRTAs”)</title>
      <link>https://www.taxtmi.com/circulars?id=65624</link>
      <description>QRTAs must identify and classify critical assets-including systems with sensitive or PII data-and maintain an approved inventory; conduct VAPT (covering servers, networking and security devices) at least annually (or biannually for designated protected systems) using CERT In empaneled organisations; submit Technology Committee approved VAPT reports to SEBI within one month; remediate vulnerabilities immediately and report closure within three months; perform pre commissioning testing of critical systems; carry out biannual cyber audits and furnish an MD/CEO compliance declaration with audit reports; implement measures and report status to SEBI within ten days, effective immediately.</description>
      <category>Circulars</category>
      <law>SEBI</law>
      <pubDate>Fri, 27 May 2022 00:00:00 +0530</pubDate>
      <guid isPermaLink="true">https://www.taxtmi.com/circulars?id=65624</guid>
    </item>
  </channel>
</rss>