As a CERT-In Empanelled Security Auditor, we help customers by carrying out a comprehensive Website Security Audit and help them achieve CERT-In Certification for the websites.
A Security Certificate from a CERT-In Empanelled Security Auditor is required by a wide range of Indian Compliance Standards and Regulatory Requirements. These include:
- RBI Cyber Security Compliance
- CERT-IN Website Security Audit & Certification
- System Audit Report for Data Localization (SAR)
- UIDAI – AUA KUA Compliance Security Audit
- ISNP Security Audit
- SEBI Cyber Security and Cyber Resilience Framework
- VSCC Certificate for SBI – Vendor Site Compliance Certificate
From CERT-IN Website Security Audit to Certification
The journey to CERT-IN certification involves a comprehensive audit process that scrutinizes every nook and cranny of your digital infrastructure.
- Initial Assessment: A bird’s eye view of your current security posture.
- In-Depth Analysis: Delving deeper into your website’s architecture and data handling processes.
- Vulnerability Assessment: Identifying potential weaknesses and areas for improvement.
- Reporting: A detailed report outlining findings and recommendations.
- Re-Testing & Certification: Final round of testing to verify all fixes, and issuing the CERT-In Website Security Certificate.
CERT-In Security Audit Baseline Requirements
CERT-In has provided a set of Baseline Requirements to serve as the minimum-security assurance baseline
expected across the Cyber Information Infrastructure of organisations and form the criterion for conduct of Cyber Security Audits.
The key sections of these baseline security controls include:
- Management
- Protection
- Detection
- Response
- Recovery
- Lesson Learnt & Improvements