In today’s age of digitalization, e-commerce is the gaining the fancy of customers as well as sellers. Even in the insurance industry, the registered player is exploring the online platforms to sell their products. In light of that, Insurance Regulatory and Development Authority of India (IRDA) had issued guidelines relating to insurance e-commerce on 9th March 2017. The main objective of these guidelines is to set standardize rules for conducting insurance e-commerce activities. As per these regulations, anyone willing to sell insurance online is required to set-up a digital platform known as Insurance Self-Network Platform (ISNP) and follows all the regulations specified for it.
What is an Insurance Self-Networking Platform (ISNP) Audit?
The Insurance Regulatory and Development Authority of India (IRDA) had issued guidelines IRDA/ INT/ GDU ECM/ 055/03/2017 relating to insurance e-commerce on 9th March 2017. The main objective of these guidelines is to set standardize rules for conducting insurance e-commerce activities.
As per these regulations, anyone willing to sell insurance online is required to set-up a digital platform is known as Insurance Self-Network Platform (ISNP) and follows all the regulations specified for its Insurance Self-Network Platform refers to an electronic platform set up with a view to conducting insurance e-commerce activity. Such platforms can only operate after getting permission from IRDA.
ISNP can be set up in any of the following forms:
- Website Application (desktop or mobile version)
- Mobile Application
- These guidelines need to comply with by existing ISNP’s Insurer and Insurance Intermediaries who already set-up their own ISNP’s or insurance portals for selling and service insurance product. They are required to comply with these guidelines.
- The review of operation of the ISNP and the controls, system, procedure, and safeguards put in place by the ISNP, shall be carried out, at least once a year, by an external CERT-In Empanelled Company or CISA Auditor.
- The Applicant shall place the report of the CERT Auditor and the information security management system of ISNP before the Board or its sub-committee for their observation.
- To Implement Internal Monitoring Controls for Data Processing Systems.
- Board approved annual security review of the controls, systems, procedures, and safeguards by a CERT-IN Empanelled Security Auditor.
- To ensure compliance to ISO/IEC 27001 – Information Security Management System.
- To ensure reporting of any adverse findings that impact policy holders with the IRDA.
IRDA ISNP Audit Approach & Process
Xiarch is worked with the wholesome approach that deals with ISNP Compliance and we are also divided our working techniques to ensure compliance with IRDA Guidelines.
- Planning and preparation of the audit scope and objectives.
Risk Assessment and Business Process Analysis
- Assessment, measuring, managing, and controlling IT-related risks, thus enhancing the reliability of processes and the entire information system.
Audit Performance (Compliance and System Review)
- Assessment of controls over critical system platforms, network and physical components, IT infrastructure supporting relevant business processes.
- Report audit findings, conclusions, and recommendations of the audit in terms of conformance, non-conformance, and opportunities to improve.
What We Deliver ?
Xiarch offers the ISNP audit service specifically addressing the IRDA towards ISNP Audits. To ensure compliance with the IRDA Audit guidelines, our process incorporates the scoping guidelines from IRDA.
Our experts will furnish an itemized security evaluation report with legitimate remediation steps to be taken.
Distinguish Security Weaknesses inside your Digital Asset permitting you to proactively remediate any issues that emerge and improve your security act.
We also assured you that your assessments are executed by Qualified Experts.
Our group of security specialists holds industry capabilities, for example, CHECK Team Member and Team Leader, CEH, ECSA, OSCP, CISA, CISSP, and many more.
Compliance & Certification
We will help you with the Compliance & Certification process that deals with the understanding of various documentation having the implementation verification.
Xiarch is worked with the wholesome approach that deals with compliance process.
Why Xiarch ?
Xiarch is a CERT-IN Empanelled & ISO 9001:2015 | ISO 27001-2013 Licensed Cyber Security Company and IT Services Company with solutions providers in Information Security like VAPT Services, Penetration Testing Services, Vulnerability Assessment Services, Among our consumers we proudly work for Government Organizations, Fortune one thousand Companies and countless start-up companies. We are additionally Value Added Partners, Authorized Re-sellers & Distributor of Leading Web Application Security Testing Tools.
We are headquartered in Delhi and have branch presence in Gurugram and Mumbai - India
Contact our sales team @ +91-9667916333 for further clarifications on above stated service, you can also reach us by an email at [email protected]. We’ll be great full to serve you. Happy Security.
Few Customer Testimonials
Our clients like us for our specialized abilities, administration quality and polished methodology. Sharing their great words is a delight for us.
Trusted by Thousand of Brands
Get In Touch With Us
Test the effectiveness of your own security controls before malicious parties do it for you. Our security experts are here to help — schedule a call today.
Xiarch Security is an global security firm that educates clients, identifies security risks, informs intelligent business decisions, and enables you to reduce your attack surface digitally, physically and socially.
Certified Security Experts
Our security experts are exceptionally qualified and confirmed by CEH, ECSA, OSCP, CISA, CISSP, and numerous others.
Communication & Collaboration
After surveying the code our specialists shared the best answers to correct them. Our experts will communicate with you for any further implementations.
We hold industry-leading certifications and dedicate part of every day to research the latest exploit techniques to ensure our clients remain protected from evolving online attacks.
Free Remediation Testing
Once your team addresses remediation recommendations, Xiarch will schedule your retest at no additional charge.