IRDA Audit

The key objectives of the IRDA Cybersecurity framework are to ensure that a Board approved Information and Cyber Security policy is in place with all insurers, to ensure that necessary implementation procedures are laid down by insurers for Information and Cyber Security related issues, to ensure the preparedness to mitigate information and cyber security related risks, and ensure that an in-built governance mechanism is in place for effective implementation of the Information and cyber security framework.

The guidelines are applicable to all insurers regulated by IRDA and to all data created, received, or maintained by insurers, wherever these data records are and whatever form they are in while carrying out their designated duties and functions. The guidelines mandate that the Insurers’ Risk Management Committee should be responsible for an annual comprehensive assurance audit, including conducting VAPT and reporting the findings to IRDA. As a CERT-IN empanelled body, Shieldbyte Infosec can help insurers understand, manage, and comply with IRDA’s Cyber Security requirements as published in the IRDA’s guidelines on information and cyber security for insurers.