IRDAI sets up panel to relook Guidelines on Cybersecurity

The Insurance Regulatory and Development Authority of India (IRDAI) has set up the working group committee so as to relook its information and security guidelines. The need to set up the panel was felt in the aftermath of exponential increase in cyberattacks across the world amid the ongoing covid-19 pandemic.


  • The economic situation particularly the financial sector has seen an exponential increase in cyber-attacks amid the pandemic.
  • The rising threat of the cyberattacks has necessitated the Regulators to relook into the Cyber Security Guidelines.
  • These guidelines will be applicable to all the regulated entities to protect financial systems.

What are those guidelines?

  • As per the guidelines, the Insurers’ Risk Management Committee will be responsible for an annual comprehensive assurance audit.
  • The committee will also be responsible for conducting the Vulnerability Assessment & Penetration Test (VA&PT).
  • After the audit has been done, they are required to report the findings to IRDAI.

Role of working group committee

  • The committee will review if the applicability of the guidelines for the insurers can be extended to other entities under regulatory measures of IRDAI.
  • It will also look after how one can apply the Guidelines to the extent applicable to entities who are accessing the Insurers IT System.
  • It will further consider whether there is a need to update guidelines to cover the cyber security issues in fintech solutions, work from remote location, mobile-based applications, and cloud sourcing.


The regulators had issued guidelines on cybersecurity in April 2017 under its governance mechanism. The guidelines also included the Board-approved Information & Cyber Security Policy, Information Security Committee (ISC), Cyber Crisis management plan (CCMP) and Appointment of Chief Information Security Officer (CISO).


Leave a Reply

Your email address will not be published. Required fields are marked *