9911796707
TMI BlogModification in Cyber Security and Cyber resilience framework of KYC Registration Agencies (KRAs)X X X X Extracts X X X X X X X X Extracts X X X X ..... tion Agencies (KRAs) 1. SEBI vide circular SEBI/HO/MIRSD/DOP/CIR/P/2019/111 dated October 15, 2019 prescribed framework for Cyber Security and Cyber Resilience for KYC Registration Agencies. 2. In partial modification to Annexure A of SEBI circular dated October 15, 2019 , the paragraph-11, 40, 41 and 42 shall be read as under: 11. KRAs shall identify and classify critical assets base ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... l carry out periodic vulnerability assessment and penetration tests (VAPT) which inter-alia include critical assets and infrastructure components like Servers, Networking systems, Security devices, load balancers, other IT systems pertaining to the activities done as KRAs etc., in order to detect security vulnerabilities in the IT environment and in-depth evaluation of the security posture of the ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... on of final VAPT report. 42. In addition, KRAs shall perform vulnerability scanning and conduct penetration testing prior to the commissioning of a new system which is a critical system or part of an existing critical system. 3. Further, the KRAs are mandated to conduct comprehensive cyber audit at least twice a financial year. All KRAs shall submit a declaration from the MD/ CEO certifying ..... X X X X Extracts X X X X X X X X Extracts X X X X ..... approval of the competent authority. 9. This circular is available on SEBI website at www.sebi.gov.in under the categories Legal Framework and Circulars . Yours faithfully, Sapna Sinha Deputy General Manager Market Intermediaries Regulation and Supervision Department Tel. no.:022 2644 9748 email id: [email protected] - Circular - Trade Notice - Public Notic ..... X X X X Extracts X X X X X X X X Extracts X X X X
|
