GRC RADAR Articles
Expert analysis on Indian cybersecurity regulations, compliance frameworks, and practical guidance for SMEs navigating the evolving threat landscape.
DPDP Act 2023: Compliance Guide for SMEs
What the DPDP Act 2023 and final 2025 Rules mean for Indian SMEs — the phased timeline to 14 May 2027, data-principal rights, and a step-by-step rollout plan.
CERT-In 15 Baseline Security Controls
An implementation guide to CERT-In’s baseline cyber-defence controls for Indian MSMEs — publishing soon.
SEBI CSCRF: Implementation Guide
Who must comply with SEBI’s CSCRF, the five entity categories, key audit deadlines, and an implementation checklist for regulated entities.
RBI IT Governance Framework
How NBFCs and banks meet RBI’s IT Governance Master Direction — scope, CISO independence, incident reporting, and an implementation path.
Virtual CISO (vCISO): Buyer’s Playbook
When an Indian SME needs a virtual CISO, what a vCISO does, engagement models, INR pricing, and the contract red flags to watch for.
ISO 27001 Implementation Guide
A practitioner’s runbook for ISO 27001:2022 in India — the 93 controls, the climate amendment, certification cost and timeline, and how an SME gets certified.