caalley logo

The alley for Indian Chartered Accountants

IRDAI Information and Cyber Security Guidelines, 2023
 
Ref No: IRDAI/GA&HR/GDL/MISC/88/04/2023 

24th Apr, 2023

To,

All Insurers, Insurance Intermediaries and IIB, 

SUB: IRDAI Information and Cyber Security Guidelines, 2023.

  1. IRDAI vide Circular ref: IRDAI/IT/GDL/MISC/082/04/2017 dated 07th Apr, 2017 has issued guidelines on Information and Cyber Security for Insurers, which were later extended to all Insurance Intermediaries vide Circular ref: IRDA/GA&HR/GLD/MISC/184/09/2022 dated 02nd Sep, 2022.
  1. Considering the wide-spread adoption of digital technologies and the concurrent increase in cyber security incidents, the revised Guidelines are hereby issued in order to enable the insurance industry to strengthen their defenses as well as related governance mechanism to deal with such emerging cyber threats.
  1. The IRDAI Information and Cyber Security Guidelines, 2023 are attached as Annexure – A.
  1. All Insurers including FRBs, Insurance Intermediaries covering Brokers, Corporate Agents, Web Aggregators, TPAs, IMFs, Insurance Repositories, ISNP, Corporate Surveyors, MISPs, CSCs and Insurance Information Bureau of India (IIB) shall adhere to the said Guidelines. Those entities who have already completed security audit for FY 2022-23 shall ensure compliance with these guidelines from next financial year. 
  1. The IRDAI Circular ref: IRDAI/IT/GDL/MISC/082/04/2017 dated 07th Apr, 2017, Circular ref: IRDA/IT/CIR/MISC/301/12/2020 dated 29th Dec, 2020, Circular ref: IRDA/GA&HR/GLD/MISC/184/09/2022 dated 02nd Sep, 2022 and Circular ref: IRDAI/GA&HR/GDL/MISC/211/10/2022 dated 11.10.2022 are superseded by these guidelines. 

        

(P.S. Jagannatham)

Chief General Manager (Admin & HR)

Annexure – A

IRDAI Cyber Security Guidelines 2023

Annexure - I Applicability of NIST Framework to All Regulated Entities

Annexure - II Classification of Insurance Intermediaries

Annexure - III Auditors Report [in .docx format]

Annexure - IV Eligibility Criteria for the Audit firm

Annexure - V & VI Text of Audit Certificate

  

Go to IRDAI Acts & Regulations

  

Read more on:
Don't miss an update!
Subscribe to our newsletter