Tuesday, November 18, 2025 | 04:45 AM ISTहिंदी में पढें

Home / Industry / News / Cert-In makes annual cybersecurity audit mandatory for companies

Cert-In makes annual cybersecurity audit mandatory for companies

The guidelines by Cert-In allow sectoral regulators to mandate audits more frequently if needed, Cert-In said

premium

The new guidelines, aimed at tightening cyber hygiene across sectors, come amid a surge in digital threats and a rising number of breaches targeting critical infrastructure.

Aashish Aryan New Delhi

4 min read Last Updated : Jul 28 2025 | 12:01 AM IST

Listen to This Article

In a first, the Indian Computer Emergency Response Team (Cert-In) has made it mandatory for private and public-sector organisations that own or operate digital systems, processes, or infrastructure, to undergo a comprehensive third-party cybersecurity audit at least once a year.

This is the first such directive for the private sector.

The guidelines by Cert-In allow sectoral regulators to mandate audits more frequently if needed, Cert-In said.

In a set of guidelines issued for all public-sector and private companies, Cert-In has stated cybersecurity audits should adopt a risk-based and domain-specific approach, aligning with the business context, threat landscape, and operational priorities

Topics : Computer accessories cybersecurity cybersecurity apps Cyberspace security