logotype
ISNP Security Audit
Home ISNP Security Audit

ISNP Security Audit

RNR, as a CERT-In Empaneled Security Auditor, is licensed to assist you in understanding, managing, and complying with IRDA’s Cyber Security regulations, as announced in the IRDA’s Guidelines on Insurance E-Commerce on March 9, 2017

As a security auditor certified by CERT-IN, RNR has the authority to assist you in comprehending, managing, and adhering to the cyber security requirements set forth by IRDA. These requirements are outlined in IRDA’s guidelines on insurance e-commerce, which were published on March 9, 2017. If an insurance agency intends to establish an electronic platform, it must comply with the following stipulations as defined by IRDA.

Any insurance agency interested in establishing an electronic platform must meet the IRDA's requirements, which are as follows:
  • Implementation of Internal Monitoring Controls for Data Processing Systems
  • Board approved annual security review of the controls, systems, procedures and safeguards by a CERT-IN empanelled security auditor.
  • Compliance to ISO/IEC 27001 – Information Security Management System
  • Reporting of any adverse findings that impact policy holders with the IRDA

What we do

RNR provides a comprehensive ISNP Security Audit for an organization’s information security management system (ISMS) to assess its compliance with the Indian National Single Window (INSP) Security Policy. The audit is conducted by a qualified auditor and covers all aspects of the ISMS.

The ISNP Security Audit is an important part of ensuring the security of an organization’s information assets. By undergoing the audit, organizations can demonstrate their commitment to security and compliance with the ISNP Security Policy. And we at RNR are happy to give you all the support.

What is Application Security?

Effective Security Testing Safeguards your Applications from Cyber Threats & Vulnerabilities

The rnr application security testing helps in identifying vulnerabilities in your applications. It provides comprehensive coverage for your web and mobile application infrastructure and online services. By doing so, it helps reduce risks and ensures compliance with regulatory requirements. Our approach goes beyond simply scanning for software defects. We also focus on identifying and prioritizing the most vulnerable parts of your online application. Additionally, we provide practical solutions to address these vulnerabilities.

Leave us message

How May We Help You!

      Service Request Form

      Select Service(s) You Want:

      Information & cyber security program strategy & roadmapEnterprise & cyber security risk assessment & managementThird party risk managementVirtual CISO serviceCyber security awareness programPhishing simulation programThreat modelingUser access governance & certificationIncident management and response planISO 27001/22301/27701/9001RBI master directionNHB cyber security guidelinesIRDAI cyber security guidelinesNIST FrameworkSOC1/SOC2Data localization as per RBI circular of storage of payment system dataCIS frameworkInternal audit managementCloud assessment as per CISDesigning cloud security architectureCSPM security monitoringGap assessment as per applicable guidelinesNetwork architecture reviewFirewall rule reviewFirewall configuration reviewSystem hardening checksVulnerability assessment program managementWeb application penetration testingMobile application penetration testingInfrastructure vulnerability assessmentAPI vulnerability assessmentAPI fuzzingRed teaming ExerciseData protection advisoryData flow diagramDigital personal data protection acData protection controls implementationData discovery and classificationDesigning of data protection policyData governance programDigital personal data protection acGap assessmentArticulation of policy and proceduresISO 27001/22301/27701/9001, PCI-DSS, SOC1/SOC2, COBIT, COSO, HIPPA, RBI, IRDAI, NIST, Data Localization, CISGRC tool implementationArticulation of BCP plan and strategyCrisis management planBCP/DR planning and implementationImplementation of BCMS standard (ISO 22301)Conducting actual and tabletop DR drillsFunctional recovery planGRC resource deployment onsite/offsiteSecurity services resource deployment onsite/offsite

      Contact Details:

      Name (required):

      Organization Name (required):

      Email (required):

      Contact No (required):

      Detail about the requirement (optional):