Regulatory compliance and audits
We offer the following regulatory audits and certifications to stay secure and be compliant !!
Compliance is an important part of a cyber security program.
Heavily regulated industries are often a bigger target for cybercriminals because of their highly valuable data, e.g., patient data in healthcare, financial data in banking, identity data in government.
Cybersecurity laws and regulations are to ensure that organizations data is safe. This applies to all regulated industries that are overseen by state, central and regulatory bodies like CERT & GDPR
While meeting compliance requirements doesn’t guarantee organization is secure, it provides a solid foundation for security practices. Noncompliance will lead to fines and other penalties.
Risk based assessment to determine the focus of the audit, and to identify which areas are out of scope.
Audit workplan, in which the timing and resourcing of the audit is agreed with manage-ment.
Audit tests performed to validate evidence as it is gathered, as well as audit work papers documenting the tests performed.
The audit evidence should be sorted, filed and reviewed in relation to the risks and control objectives.
Audit findings & recommenda-tion with action plan
Recommendations to address CERT-In requirements
Internal Computer technology system clocks synchronized with NTP
ICT Systems must connect with Network Time Protocol (NTP) server of National Informatics Centre (NIC) or National Physical Laboratory (NPL)
Ensure the enterprise pick any atomic server or synchronize with NIC or NPL
Ensuring records are maintained and having a point of contact
Organizations ensuring all CERT-In interactions have a single point of contact (POC)
Customer must designate the point of contact for interacting with CERT-In CSIRT/IT security incident manager is mandatory
Incident reporting framework
Ensure reporting cyber security incidents to the Indian Computer Emergency Response Team (CERT-In) as per the methods and formats published on CERT’s website
Security monitoring is essential to identify security incidents either through captive or outsourced security Operations Center (SOC) Customers are to report cyber security incidents to CERT-In within six hours
SOP to capture logs and following reporting and retention policy
Enable logs of all ICT systems and maintain them securely for a rolling period of 180 days Essential logs FW, IPS, Web/DB/Mail/ Proxy/FTP, APP, ATM Switch, IoT, SSH, VPN logs
From the incident response and analysis perspective, both successful as well as unsuccessful events shall be recorded
Would you like to know more…