Cybersecurity

Introduction:

Cyberspace has become a game-changer in the digital age and has impacted every facet of human life. There are severe threats that may cause systemic harm to entities and organizations in ‘critical sectors’ of the nation, further impacting national security, economy, public health, and safety.

There is a need to strengthen the cyber security aspects of Critical Sector Entities (CSEs) to prevent the impact due to exploitation of any vulnerabilities and build cyber resilience in their delivery of critical functions of the nation like power generation, transmission & distribution, banking, financial services and insurance, telecommunication, government services under Digital India mission, transportation, health, and strategic capabilities.

CSEs need to protect their Critical Information Infrastructure (CII) comprising various computer systems, networks, applications, and data, the incapacitation or destruction of which shall have a debilitating impact on national security, economy, public health, or safety.

National Critical Information Infrastructure Protection Centre (NCIIPC), a unit of the National Technical Research Organisation (NTRO), is a government organisation created under Section 70A of the Information Technology Act, 2000 (amended 2008), through gazette notification dated 16 Jan 2014. NCIIPC has been designated as the national nodal agency for the protection of CII.

The Quality Council of India (QCI) has developed a Conformity Assessment Framework (CAF) for the Cyber Security of Critical Sector Entities, with NCIIPC as the Scheme Owner (SO) and QCI as the National Accreditation Body & Scheme Manager to manage the scheme on behalf of NCIIPC. The CAF for the cybersecurity of CSEs comprises the following Schemes:

1. Certification Scheme for Cyber Security Management System (CSMS) (Level 1,2,3)
2. Inspection Scheme for Information Technology and Industrial Control Systems (IT/ICS)
3. Personnel Certification Scheme for Cyber Security Professionals
4. Accreditation Scheme for IT/ICS Consultancy Organisations (COs)
5. Accreditation Scheme for IT/ICS Training Bodies (TBs)

QCI has developed the CAF through multi-stakeholder consultation that has considered the national legal and regulatory mandates to create a robust, cyber security ecosystem at the national level. The CAF has been designed in a manner by which CSEs can adequately address the three pillars i.e. processes, people, and technology within their organizations.

Schemes

Cyber Security Management System Scheme for Basic Technical Criteria (Level 1)

Cyber Security Management System Scheme for Supplementary Technical Criteria (Level 2)

Cyber Security Management System Scheme for Additional Technical Criteria (Level 3)

Personnel Certification Scheme for IT/ ICS Cyber Security Professionals

Inspection Scheme for IT and ICS

Accreditation Scheme for IT /ICS Cyber Security Consultancy Organisations

Accreditation Scheme for IT/ICS Training Bodies

Documents

CRM| Personnel Certification Scheme for IT/ICS

CRM| CSMS Scheme for BTC (Level 1)

CRM| CSMS Scheme for STC (Level 2)

CRM| CSMS Scheme for ATC (Level 3)

CRM| Inspection Scheme for IT and ICS

CRM| Accreditation Scheme for IT/ICS Cyber Security Consultancy Organisations

CRM| Accreditation Scheme for IT/ICS Training Bodies

CONTACT

For more information, please write to us at padd_schemes@qcin.org

Phone: 011-35354120, 011-35354226

For filling out the application form, please register at https://paddscheme.qci.org.in/register 

Close Search Window