Cybersecurity Risk Compliance in India

Authors

  • Commander Mukesh Saini, Xitiz Cyber Security Solutions Pvt. Ltd.

Keywords:

Cybersecurity risk management, The Companies Act 2013, Auditing Standards, Compliance, Auditor’s reports, Vulnerability Assessment and Penetration Testing (VAPT), Cyber Hygiene, Incident Management, Awareness.

Abstract

Cyber risk to all companies is real and present. It affects a company not only financially but also through damage to its reputation and brand. The Companies Act 2013 makes the Board of Directors responsible for appropriately managing risk to the company (S. 134), while auditors are accountable for reporting any risk to the company (S. 177). The auditing standard AAS 29 (SA 401) requires computer security auditing. The annual auditor's report will therefore be incomplete without an assessment of the Cybersecurity risk management policy and its implementation. Auditors may seek expert help to complete an effective audit. Cybersecurity risk management is therefore a statutory compliance requirement.

Author Biography

Commander Mukesh Saini, Xitiz Cyber Security Solutions Pvt. Ltd.

Commander Mukesh Saini (Retd.)

Managing Director

Xitiz Cyber Security Solutions Pvt. Ltd.

Published

2018-07-27