AdvocateKhoj
Login : Advocate | Client
Home Post Your Case My Account Law College Law Library
    

Information Technology (Certifying Authorities) Rules, 2000

31. Audit. -

(1) The Certifying Authority shall get its operations audited annually by an auditor and such audit shall include inter alia,-

i. security policy and planning;

ii. physical security;

iii. technology evaluation;

iv. Certifying Authority’s services administration;

v. relevant Certification Practice Statement;

vi. compliance to relevant Certification Practice Statement;

vii. contracts/agreements;

viii. regulations prescribed by the Controller;

ix. policy requirements of Certifying Authorities Rules, 2000.

(2) The Certifying Authority shall conduct,-

(a) half yearly audit of the Security Policy, physical security and planning of its operation;

(b) a quarterly audit of its repository.

(3) The Certifying Authority shall submit copy of each audit report to the Controller within four weeks of the completion of such audit and where irregularities are found, the Certifying Authority shall take immediate appropriate action to remove such irregularities.





Information Technology (Certifying Authorities) Rules, 2000 Back






Client Area | Advocate Area | Blogs | About Us | User Agreement | Privacy Policy | Advertise | Media Coverage | Contact Us | Site Map
powered and driven by neosys