ISACA has released a guide to help Indian enterprises secure sensitive data and comply with India's IT Act. Titled Securing Sensitive Personal Data or Information Under India’s IT Act Using COBIT 5, the book will educate business and IT leaders and other key stakeholders on the importance of securing sensitive personal data or information (SPDI) as required by India’s Information Technology Amendment Act, 2008.
The book provides a structured approach to comply with the Indian IT Act by using the COBIT 5 framework, the only business framework for the governance and management of enterprise information technology. It helps business leaders understand how to secure SPDI from risk mitigation, operational and implementation perspectives.
Avinash Kadam, CISA, CISM, CGEIT, CRISC, advisor to ISACA’s India Task Force, said, “In today’s world, SPDI is used in every aspect of a business. It is used by very small organisations as well as very large enterprises. Securing SPDI cannot be done in isolation, the entire enterprise needs to be involved. The approach should be holistic as well as customisable to suit the size and nature of the business of the organisation, and COBIT 5 helps enable that.”
The Indian IT Act has a specific category, ”sensitive personal data or information,” which consists of password, financial information (including bank account, credit card, debit card or other payment details), physical, physiological and mental health conditions, sexual orientation, medical records, and biometric information. This category in the Indian IT Act legally obligates all stakeholders to adhere to its requirements.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.