Meet ComplAIIntelligence: Your AI-powered teammate for risk & complianceLearn more
All framework guides

Help Center · Framework guide

CERT-In Cyber Security Directions

CERT-In · Government · India · v2022

CERT-InIndiaIncident ReportingGovernment

Overview

CERT-In directions require Indian organizations to follow incident reporting, log retention, time sync, and ICT security practices.

12 controls available in ComplAI for this framework.

Who it's for

  • Service providers and intermediaries in India
  • Body corporates under CERT-In directions
  • Security operations teams handling incident reporting

Why it matters

Directions are enforceable expectations for ICT security in India. ComplAI helps track reporting readiness, logging, and control evidence.

Incident reporting timelinesLog retention and NTP syncPoint of contact registrationICT security controls

How ComplAI helps

  • Activate CERT-In in the Framework Library to load its control catalog
  • Assign owners, track compliance status, and attach evidence per control
  • Use risk register and issues workflows when controls fail or deviate
  • Export readiness views for leadership and auditors

Sample controls

  • Dir. 1

    Incident reporting to CERT-In

    incident response
  • Dir. 2

    Designated Point of Contact

    governance
  • Dir. 3

    Log retention 180 days

    audit logging
  • Dir. 4

    NTP synchronization

    network security
  • Dir. 5

    Subscriber KYC for service providers

    data protection
  • Dir. 6

    ICT system information on request

    governance

Getting started

  1. Open Framework Library and activate CERT-In
  2. Review the control list and prioritize high-impact domains
  3. Attach policies, procedures, and technical evidence
  4. Mark controls audit-ready and monitor residual gaps