Advanced Executive Program in Cyber Security, Audit & Compliance

The latest version of this course is available at:
http://www.asianlaws.org/career_track.php

The recent changes to the Indian cyber law framework have brought in the need for Information Technology Act Compliance Audits. To equip our students to handle such compliance audits we have created the the Advanced Executive Program in Cyber Security, Audit & Compliance program.

Importance of Cyber Security, Audit & Compliance

The recent new rules enacted under the Information Technology Act have created stringent liabilities for almost all industry sectors.

Section 43A of the Information Technology Act has defined reasonable security practices and procedures to be followed by those possessing, dealing or handling sensitive personal data or information.

Negligence in implementing and maintaining reasonable security practices and procedures may make a person liable to pay damages. It is interesting to note that the Act originally capped compensation claims at Rs 1 crore under section 43. This cap has now been removed. Compensation claims upto Rs 5 crore are now handled by Adjudicating Officers while claims above Rs 5 crore are handled by the relevant courts.

Section 72A provides imprisonment upto 3 years and fine upto Rs 5 lakh for disclosure of personal information in breach of a lawful contract.

IT Act compliance is essential for almost all sectors of the economy including the healthcare sector, finance sector, education institutions, Outsourcing secor, Hotel industry, eCommerce companies, retail industry etc.

 

About the program

This course is offered by Asian School of Cyber Laws (ASCL) in association with Data64 Techno Solutions Pvt Ltd (incubated by Science and Technology Park, a STEP promoted by Department of Science & Technology, Government of India).

On successful completion of the program, you will be empaneled as an IT Act Compliance Auditor with Data64.

On admission, you will receive:
- Courseware & reference material in printed form.
- Courseware & reference material in electronic form.
- 1 year access to the Data64 Digital Learning Platform.
- Membership to the Asian Professionals Network (Asian ProfNet)

On course completion, you will receive:
- CSAC Competency Card.
- DEA Competency Card.
- ITACA Competency Card.
- Customized visiting cards.
- Limited license to use ASCL and Data64 logos.
- Membership to Cyber Security, Audit & Compliance Group

On completion, you will get 6 certifications from ASCL & Data64:
1. Program in Information Security Essentials
2. Program in Advanced Cyber Security Concepts
3. Certified Digital Evidence Analyst
4. PG Program in Cyber Law
5. Certified IT Act Compliance Auditor
6. AEP in Cyber Security, Audit & Compliance

Note: This course is no longer available.
This page is maintained only for archival purposes.

New Indian law creates HUGE infosec audit opportunities

A new Indian law promises to create HUGE opportunities for Information Security professionals.

On 11 April 2011, the Central Government in exercise of the powers conferred by clause (ob) of subsection (2) of section 87 read with section 43A of the Information Technology Act, 2000 (21 of 2000) has defined reasonable security practices and procedures to be followed by those possessing, dealing or handling sensitive personal data or information.

Under this new law, "sensitive personal data or information of a person" means such personal information which consists of information relating to:―
(i) password;
(ii) financial information such as Bank account or credit card or debit card or other payment instrument details ;
(iii) physical, physiological and mental health condition;
(iv) sexual orientation;
(v) medical records and history;
(vi) Biometric information;
(vii) any detail relating to the above clauses as provided to body corporate for providing service; and
(viii) any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise.

Negligence in implementing and maintaining reasonable security practices and procedures may make a person liable to pay damages. It is interesting to note that the Information Technology Act originally capped compensation claims at Rs 1 crore under section 43. This cap has now been removed. Compensation claims upto Rs 5 crore are now handled by Adjudicating Officers while claims above Rs 5 crore are handled by the relevant courts.

Section 72A provides imprisonment upto 3 years and fine upto Rs 5 lakh for disclosure of personal information in breach of a lawful contract.

Any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law will not be regarded as sensitive personal data or information for the purposes of his law.

It is interesting to note that the term "body corporate" means any company and includes a firm, sole proprietorship or other association of individuals engaged in commercial or professional activities.

Opportunity for infosec professionals

This law would make section 43A audits mandatory for almost all sectors of the economy including:

  1. Medical sector - doctors, hospitals, pathological labs, scan centers etc. It would also apply to pharmaceutical companies carrying out medical research and tests.
  2. Banks, insurance companies and other financial institutions
  3. Education institutions
  4. BPOs, call centers, LPOs
  5. Chartered Accountants
  6. Hotels
  7. eCommerce companies
  8. Retails outlets accepting credit card payments

Cyber Entrepreneurship Scheme (Vision 2020)

Asian School of Cyber Laws is proud to announce the launch of the Cyber Entrepreneurship Scheme, (Vision 2020).

This scheme aims to create a new class of cyber entrepreneurs, who can utilize the immense possibilities offered by the World Wide Web to become free from the need for employment. Instead, this new class can create employment for others. In today's highly networked world, a cyber entrepreneur does not need to invest his money, he only needs to invest his intellect and explore his connections.

To explain the scheme in detail, we are organizing seminars for a select audience.
The first seminar is scheduled for Mumbai on Saturday 21 May, 2011 (3pm to 5pm)

Entry is free but by invitation only.