ISNP SECURITY AUDIT |

ISNP SECURITY AUDIT

In today’s digital world, both buyers and sellers are becoming more interested in e-
commerce. Even in the insurance sector, registered participants are investigating online
marketplaces for their goods. As a result, on March 9, 2017, the Insurance Regulatory
and Development Authority of India (IRDA) released rules for insurance e-commerce.
These guidelines primary goal is to provide uniform principles for carrying out insurance
e-commerce operations. According to these rules, anybody wanting to sell insurance
online must build up an internet platform called the Insurance Self-Network Platform
(ISNP) and abide by all the rules laid down for it.

What is an Insurance Self-Networking Platform (ISNP) Audit?

On March 9th, 2017, the Insurance Regulatory and Development Authority of India (IRDA) released rules for insurance e-commerce, IRDA/ INT/ GDU ECM/ 055/03/2017. These guidelines' primary goal is to provide uniform principles for carrying out insurance e-commerce operations.

ISNP, short for Insurance Self Network Platform, is a digital platform that may be created by any applicant with the authority's approval.

To unify the procedures for carrying out insurance e-commerce operations, the Insurance Regulatory and Development Authority of India (IRDA) released guidelines. The following conditions must be met by any Insurance Agency intending to build up an Electronic Platform in accordance with the new rules. 055/03/2017 IRDA/ INT/ GDU ECM

The recommendations were developed to harmonise the internet insurance industry's e- commerce regulations. According to the rules, anybody wishing to sell insurance online must establish up an ISNP and abide by all IRDA guidelines in order to engage in insurance e-commerce activity. The following configuration options are available for ISNP:

Website (desktop or mobile version)

smartphone application

Both

Insurance companies, aggregators, and intermediaries are required to adhere to IRDA of India's Insurance Self Service Network Platform ISNP rules. The following are the main goals of an ISPN audit:

Internal Monitoring Controls for Data Processing Systems Implementation

Board-approved yearly security evaluation by a CERT-IN or CISA auditor of the controls, systems, procedures, and safeguards

Adherence to the Information Security Management System, ISO/IEC 27001

Reporting to the IRDA any adverse effects that influence policyholders

Scope of application

Existing ISNP insurers and insurance intermediaries who have previously
established their own ISNPs or insurance portals for the sale and servicing of insurance products are required to abide by these rules. They are obligated to abide by these rules.
An external CERT-In Empanelled Company or CISA Auditor must examine the functioning of the ISNP and the controls, system, process, and safeguards put in place by the ISNP at least once each year.

The applicant must provide the Board or its subcommittee with the CERT Auditor's report and the ISNP's information security management system for review.

Objective

To put internal control monitoring measures into place for data processing systems.
established their own ISNPs or insurance portals for the sale and servicing of insurance products are required to abide by these rules. They are obligated to abide by these rules.
A cert-in empanelled security auditor is authorised by the board to conduct a yearly security examination of the controls, systems, processes, and protections.

To guarantee adherence to the information security management system standard, iso/iec 27001

To guarantee that the irda is informed of any unfavourable results that affect policyholders.

How is an ISNP audit conducted?

Audit is carried out as a comprehensive technical evaluation.

Includes a process assessment for information security

Includes if cyber security measures are applicable

Includes verifying the technical standards required by the IRDA

By looking at evidence and server records.

Audit Report for ISNP

A thorough report on the gap analysis

Who must engage in which tasks in order to comply with the IRDA will be specified in the report.

Wherever practicable, the report shall include specifics on what must be done and by whom.

Estabizz Fintech provides the ISNP audit service, which is tailored to the IRDA's requirements for ISNP Audits. Our procedure combines the IRDA scoping standards to guarantee adherence to the audit guidelines for the IRDA.
To assist firms in meeting their changing Data Security and Privacy demands, our specialists provide experience that is unrivalled in the market. As stated in the IRDA's Guidelines on Insurance E-Commerce, we guarantee to assist you in comprehending, managing, and complying with the criteria for cyber security.
Estabizz Fintech is a highly technological business that places a strong emphasis on constant service quality improvement. Because of this, our consumers like us and it helps us maintain the highest level of quality.

overview The methodologies connected with NPA by an Asset Reconstruction Company Following capacities are performed by ARC according to RBI Notification Registration requirements for an Asset Reconstruction Company Criteria for Registering an Asset Reconstruction Company Registration Process of an Asset Reconstruction Company Documents needed for Registration of an Asset Reconstruction Company How to contact Estabizz