FAQs; Dated: 11.06.2025
The Securities and Exchange Board of India (SEBI) has released a comprehensive set of Frequently Asked Questions (FAQs) to assist Regulated Entities (REs) in understanding and implementing the following frameworks:
- Cybersecurity and Cyber Resilience Framework (CSCRF) for REs
- Framework for Adoption of Cloud Services by REs
1. Purpose of the FAQs
The primary objective of these FAQs is to offer greater clarity on key concepts and operational aspects covered under the above frameworks. SEBI recognises the importance of a robust cybersecurity posture and responsible cloud adoption, and these FAQs are aimed at:
- Addressing common queries raised by REs
- Supporting effective and consistent implementation
- Promoting industry-wide compliance and readiness
2. Nature of the Clarifications
While the FAQs serve as helpful guidance, SEBI has clarified that:
- The responses do not constitute official interpretation of the frameworks.
- The clarifications are not binding decisions and should not be treated as regulatory directions.
- The onus remains on each Regulated Entity to ensure compliance with the core principles and requirements of the frameworks.
3. Implications for Regulated Entities
REs are encouraged to use the FAQs as a reference tool to better understand their obligations and prepare their systems accordingly. However, for formal decisions or interpretations, they should rely on the original text of the framework or consult SEBI directly where needed.
Click Here To Read The Full Updates
The post SEBI Issues FAQs on Cybersecurity & Cloud Frameworks for REs appeared first on Taxmann Blog.