https://www.taxtmi.com/circulars?id=65650 Mutual Funds and AMCs must identify and classify critical assets and maintain an up-to-date inventory approved by Boards/Trustees. They are required to conduct periodic VAPT using CERT-In empanelled organisations, submit final VAPT reports to SEBI after Technology Committee approval within one month, remediate vulnerabilities immediately and file closure compliance within three months. VAPT or scanning is required before commissioning new critical systems. All cyber incidents must be reported to SEBI within six hours and quarterly reports submitted within fifteen days of quarter-end; entities must perform two cyber audits per year and provide an MD/CEO compliance declaration. en-us Thu, 09 Jun 2022 00:00:00 +0530 Thu, 09 Jun 2022 17:03:00 +0530 TaxTMI RSS Generator https://www.taxtmi.com/circulars?id=65650 Mutual Funds and AMCs must identify and classify critical assets and maintain an up-to-date inventory approved by Boards/Trustees. They are required to conduct periodic VAPT using CERT-In empanelled organisations, submit final VAPT reports to SEBI after Technology Committee approval within one month, remediate vulnerabilities immediately and file closure compliance within three months. VAPT or scanning is required before commissioning new critical systems. All cyber incidents must be reported to SEBI within six hours and quarterly reports submitted within fifteen days of quarter-end; entities must perform two cyber audits per year and provide an MD/CEO compliance declaration. Circulars SEBI Thu, 09 Jun 2022 00:00:00 +0530 https://www.taxtmi.com/circulars?id=65650