UIDAI - AUA KUA Compliance Security AuditUIDAI's Guidelines for Compliance Security Audits of KYC User Agency (KUA) and Aadhaar Authentication Services (AUA)
As a CERT-In Empanelled Security Auditor, Security Brigade is authorised to help you understand, manage and comply with UIDAI Security Audit & Compliance requirements that are released on a periodic basis.
Any organisation that is looking to become an empanelled KYC User Agency (KUA) or looking to integrate with Aadhaar Authentication Services (AUA), is required to get a comprehensive security assessment and corresponding compliance certification from a CERT-In Empanelled Security Auditor.
As part of the latest requirements, AUAs and KUAs must ensure that their operations are audited by a CERT-In Empanelled Security Auditor on an annual basis and on a need basis to ensure compliance with UIDAI standards and specifications.
As per the latest UIDAI Information Security Policy for AUAs and KUAs, the following Information Security Domains and Related Controls need to be implemented and audited:
- Human Resources
- Asset Management
- Access Control
- Password Policy
- Physical and Environmental Security
- Operations Security
- Communications security
- Information Security Incident Management
- Change Management
Download Our Whitepaper to learn more about the UIDAI – AUA KUA Compliance Security Audit and how Security Brigade can help you comply with UIDAI’s information security mandates.