Platform Overview

Three Roles. One Platform.
Complete CSCRF Coverage.

Powered by the Cognisec Intelligent Engine — which continuously collects control evidence from every asset — and built around SEBI’s own governance model: CISO oversees, Compliance Manager submits, Auditor verifies. Full audit trail for every action.

Built around separation of duties

SEBI CSCRF mandates clear accountability. Our platform enforces it technically — no role can access another’s functions.

CISO Dashboard

Full platform oversight. Manage users, approve submissions, validate compliance across all pillars. View risk status and CCI scores. Add/modify CSCRF controls and pillars.

  • Validate & approve compliance submissions
  • Add/manage users (Compliance Managers & Auditors)
  • View full asset register & risk matrix
  • Manage CSCRF mandates & controls

Compliance Manager

Operational compliance function. Register assets, map controls, submit evidence per pillar, conduct risk assessments. Track submitted and rejected items.

  • Add & manage critical system assets
  • Submit & auto-collect control evidence
  • Conduct risk assessments across every CSCRF function
  • Track rejected & pending items

Auditor Panel

Read-only access to the complete compliance picture. Audit findings, gap analysis, submission crosscheck, risk overview, and artifact review.

  • Audit findings & reports
  • Gap analysis across the full framework
  • View all assets, artifacts & submissions
  • Audit trail for every action

Everything a SEBI RE needs to stay compliant

Cognisec Intelligent Engine — Per-Asset Automation

The heart of the platform. The engine connects to your environment and continuously collects CSCRF control evidence directly from each asset — servers, network devices, databases, appliances, gateways, firewalls and endpoints. Every finding is mapped to its CSCRF control automatically, signed and timestamped, so compliance reflects the live state of your systems rather than a manual declaration.

Cyber Capability Index (CCI)

Native CCI scoring across every SEBI-defined parameter. Track Governance, Identify, Protect, Detect, and Recover scores separately. Generate SEBI-ready CCI reports for submission.

Risk Assessment per Pillar

Assess risk for each asset across every CSCRF function independently. Risk levels: Negligible, Low, Significant, High, Critical — with an overall consolidated risk score per asset.

Evidence & Artifact Management

Upload policy documents, VAPT reports, audit certificates, configuration evidence and screenshots per control. Full artifact trail linked to assets and controls for SEBI audit readiness.

SOC Integration Tracking

Track SOC type (own, group, Market SOC, third-party), efficacy reporting schedule (6-monthly for MIIs/Qualified REs, annual for Small REs), and SOC KPI submissions to SEBI.