INFOSEK
Infosek manages the full SEBI CSCRF compliance lifecycle for stockbrokers, DPs, AMCs, and MIIs — from gap analysis to annual cyber audit representation. We work to your SEBI deadline, not a generic timeline.
Identify control gaps against the SEBI framework and receive a clear, prioritised remediation roadmap.
Complete IS policy documentation, control frameworks, and audit trail management aligned to SEBI requirements.
Vulnerability assessment and penetration testing conducted at the SEBI-mandated half-yearly cadence with full remediation support.
Full documentation preparation, auditor coordination, and query response support for your SEBI annual cyber audit.
SEBI-mandated IAAP accessibility audit covering your investor-facing portals and applications to ensure regulatory compliance.
Direct liaison with SEBI on compliance queries, plus complete SOP drafting for incident response and breach reporting.
SEBI's Cyber Security and Cyber Resilience Framework applies across the capital markets ecosystem. If you are regulated by SEBI, you have mandatory cybersecurity obligations.
NSE, BSE registered brokers obligated to meet SEBI CSCRF controls, annual cyber audits, and half-yearly VAPT mandates.
NSDL and CDSL registered DPs required to implement cybersecurity frameworks, IS audits, and investor-portal accessibility audits.
Mutual fund AMCs and portfolio managers mandated to secure investor data, systems, and operations under SEBI's cybersecurity framework.
Stock exchanges, clearing corporations, and depositories with the most stringent SEBI cybersecurity obligations and board-level reporting requirements.
Choose a package that matches your entity size and regulatory category. All packages are fully managed — we handle everything from gap analysis to audit representation.
For small brokers and DPs with basic SEBI CSCRF requirements
For mid-size brokers, AMCs, and DPs with complex systems
For large brokers, MIIs, and entities with multiple licenses
Starting price. Scope varies by entity size and regulatory category.
SEBI's Cyber Security and Cyber Resilience Framework (CSCRF) applies to all SEBI-regulated entities — stockbrokers, DPs, AMCs, RTAs, and MIIs. It mandates specific cybersecurity controls, annual cyber audits, VAPT, and incident reporting.
Initial gap analysis: 2–3 weeks. Full implementation and audit readiness: 2–4 months depending on entity size. We work to your SEBI deadline, not a generic timeline.
Yes. We prepare all documentation, coordinate with empanelled auditors, respond to audit queries, and support post-audit remediation if needed. You never face the auditor alone.
Post-audit remediation is one of our most common engagements. We identify root causes and prepare you for re-audit — typically within 60–90 days. We've helped entities go from a failed audit to a clean opinion in a single cycle.
Book a free 30-minute assessment. We'll assess your current compliance posture and give you a clear action plan — no jargon, no sales pitch.
