12 August 2024


Notifications & Circulars

Securities and Exchange Board of India

04.04.2024

Capital Market

SEBI Obtains ISO/IEC 27001:2022 Certification for its Information Security Management Systems

MANU/SPRL/0006/2024

SEBI has successfully obtained the ISO/IEC 27001:2022 certification for the following:

(1) Information Security Management System at the Primary Data Centre,

(2) Security Operations Control (SOC) and Network Operations Control (NOC) Operations and

(3) Information Security Management System at the Disaster Recovery site.

The Certification was obtained after rigorous evaluation by the certification body under accreditation of National Accreditation Board for Certification Bodies (NABCB), a member of International Accreditation Forum (IAF).

International Organisation for Standardisation - ISO/ International Electrotechnical Commission- IEC 27001:2002 is an internationally recognized standard for ISMS that enables organizations to identify, prevent, and defend potential security vulnerabilities. As stated by ISO on its website [www.iso.org/standard/27001], ISO/IEC 27001 "promotes a holistic approach to information security: vetting people, policies and technology. An information security management system implemented according to this standard is a tool for risk management, cyber-resilience and operational excellence".

As part of its continuous commitment to set benchmarks for cyber security standards in the Indian Securities Market, it was decided to obtain ISO/IEC 27001:2022 certification by ensuring that SEBI's information technology systems meet the standards of a comprehensive evaluation and audit process undertaken by the certification body accredited by NABCB.

This certification underscores SEBI's commitment to continuous improvement and enhancement of its systems and controls to achieve Confidentiality, Integrity, and Availability (CIA) of data and operations.

Tags : Certification Security Management

Share :