Qadit Systems and Solution(Qadit) has been empanelled with CERT-In as a qualified IT Security Auditing organisation upto April 30, 2012. We have also been empanelled by the Controller of Certifying Authorities (CCA) as an auditor under the Information Technology Act, 2000 for conducting the technical and physical infrastructure audits of the Certifying Authorities. This empanelment is valid upto September 23, 2011.
The Indian Computer Emergency Response Team (CERT-In) is a national initiative to tackle emerging challenges in the area of information security and country level security risks and vulnerabilities. The CERT-In operates under the auspices of, and with authority delegated by, the Department of Information Technology, Ministry of Communications & Information Technology, Government of India.The mission of CERT-In is to enhance the security of India’s communications and information infrastructure through proactive action and effective collaboration.
The CERT-In has created a panel of ‘IT Security Auditors’ for auditing, including vulnerability assessment and penetration testing of computer systems & networks of various organizations of the Government, critical infrastructure organizations and those in other sectors of Indian economy.
As part of its efforts to create a panel of qualified IT Security Auditing organisations, CERT-In had adopted a stringent evaluation process with a prime motive to verify and assess the technical skills and capabilities of the participating organizations to be able to perform information security audits from a people, process and technology perspective.
The Technical Evaluation Committee (TEC) had conducted an Online Practical Skills Test by asking participating companies to conduct a Vulnerability Assessment & Penetration Test on a web server hosted by CERT-In. The participating organizations had to identify atleast 90% of the vulnerabilities present to be successful in the test.
Qadit Systems was first empanelled by CERT-In as a qualified Information Systems Auditor as early as April 2006. The list of empanelled auditors can be found at http://www.cert-in.org.in/panelofauditors.htm
The Controller of Certifying Authorities (CCA) is the governing body under the Department of Information Technology which is empowered to license and regulate the working of Certifying Authorities. The Certifying Authorities (CAs) issue digital signature certificates for electronic authentication of users. Currently there are eight CAs who have been licensed by the CCA to issue Digital Signature Certificates under the Information Technology Act 2000.
What the empanelment means for Qadit
Qadit ’s expertise and experience in the areas of Information Security audit has ensured its inclusion in this very select list of firms that are currently empanelled. These empanelments are an acknowledgment of Qadit System’s technical expertise in areas of Information Security. As Cert-In empanelled auditors we are now qualified to conduct audits, including vulnerability assessment and penetration testing, of computer systems & networks of various organizations of the Government, critical infrastructure organizations and those in other sectors of Indian economy.