SEBI CSCRF August 2024 — Mandatory Compliance

India’s First SEBI CSCRF
Compliance Engine

Purpose-built for SEBI Regulated Entities. Achieve full cybersecurity compliance across all 5 pillars and 40 controls — with role-based workflows for CISO, Compliance Manager, and Auditor.

Request Demo See the Platform
⚠️  SEBI CSCRF Deadline: January 1, 2025 for existing REs  |  April 1, 2025 for new REs  |  Quarterly compliance reporting mandatory
5
CSCRF Pillars covered
40
Controls pre-mapped
23
CCI parameters tracked
3
Roles: CISO, Manager, Auditor
₹250Cr
Max penalty for non-compliance
Who must comply

Built for every SEBI Regulated Entity

SEBI CSCRF is mandatory for all regulated entities under SEBI’s jurisdiction. Our engine is tailored to each entity type.

Market Infrastructure Institutions

Stock Exchanges (BSE, NSE), Clearing Corporations, Depositories. Highest compliance tier — third-party CCI assessment twice a year, red teaming mandatory.

Qualified Regulated Entities

Asset Management Companies, Mutual Funds, Stock Brokers, Portfolio Managers, Investment Advisors. Annual self-assessment with structured SEBI reporting.

Mid-Size & Small REs

AIFs, Credit Rating Agencies, Debenture Trustees, Custodians, Venture Capital Funds. Access to Market SOC (BSE/NSE) for monitoring support.

CSCRF Framework

5 Pillars. 40 Controls. One Platform.

Every control from the SEBI CSCRF August 2024 circular is pre-mapped in our engine — with mandatory vs advisory classification per RE type.

PILLAR 1
Governance
8 controls
Board-approved policy, CISO appointment, cyber risk framework, CCI assessment, third-party risk management.
PILLAR 2
Identify
8 controls
Critical system identification, asset inventory, risk assessment, data classification, SBOM, vendor risk.
PILLAR 3
Protect
10 controls
Access control, MFA, encryption, network segmentation, VAPT, patch management, API security, endpoint protection.
PILLAR 4
Detect & Respond
7 controls
24×7 SOC, SOC efficacy reporting, Incident Response Plan, mandatory SEBI incident reporting, CCMP.
PILLAR 5
Recover & Evolve
7 controls
Disaster Recovery Plan, backup testing, red teaming, SEBI compliance reporting, annual cybersecurity audit.
Why Cognisec

The only engine built exclusively for SEBI CSCRF

SEBI-Native

Every pillar, control, and compliance format is built directly from SEBI’s August 2024 CSCRF circular — not a generic framework adapter.

3-Role Workflow

Strict separation of duties — CISO approves, Compliance Manager submits evidence, Auditor reviews. Mirrors SEBI’s own governance model.

CCI Built-In

Cyber Capability Index scoring across all 23 parameters is natively embedded. Track your score, identify gaps, and generate SEBI-ready CCI reports.

SEBI compliance deadline has passed. Are you ready?

Non-compliance attracts penalties up to ₹250 crore. Get compliant today with India’s most complete SEBI CSCRF platform.

Get a Free Compliance Assessment