SUPPORT SFLC.IN

Information Technology (Information Security Practices and Procedures for Protected System) Rules, 2018

Salient Features:

  1. All organisations having “Protected System” (under Section 2(k) of the Information Technology Act, 2000; primarily covers government organisations) shall constitute an Information Security Steering Committee (ISSC) under the chairmanship of CEO/MD/Secretary.

  2. Mandate of ISSC includes approving information security policies of Protected Systems; setting mechanisms for timely communication of cyber incidents; sharing information security audits etc.

  3. Nominate Chief Information Security Officer (CISO) as provided in “Guidelines for Protection of Critical Information Infrastructure”

  4. Establish, monitor and continually improve Information Security Management System (ISMS) of the Protected System.

PrintLinkedIn

Related Posts

Comments on the draft Telecommunications (Telecom Cyber Security) Rules, 2024

SFLC.in organised “AI in Focus: Navigating Risk, Regulation and Responsibility”

APAAR ID: One Nation, One Student ID! What About Privacy?

SFLC.in at 6th Digital Citizen Summit 2024, by the Digital Empowerment Foundation