What is a eSign ASP- Aadhaar?

Aadhaar eSign is an online electronic signature service in India to facilitate an Aadhaar holder to digitally sign a document. The signature service is facilitated by authenticating the Aadhar holder via the Aadhar-based e-KYC service. An application service provider is any vendor that provides software that will contain data but is managed and operated in the vendor’s data centre and is not controlled or secured by Information Technology. An eSign ASP is a service provider for facilitating electronic signature service in India.

Applicability

Applicable to all application service providers who provide for eSign Aadhaar services. To ensure the electronic signature is authentic, valid and in accordance with the law application service providers must adhere to strict security practices.

Objective

  • To ensure appropriate information security is maintained and that the communication between ASP and ESP (E-sign Service provider) is secured.
  • To ensure the ASPs follow standards such as ISO 27001 and comply with existing laws such as IT Act 2000 and rules to maintain Information Security.

Approach

Our approach has been covered in a 4-phases. These include: 

Phase 1: Audit Planning
Planning and preparation of the audit scope and objectives. 

Phase 2: Risk Assessment and Business Process Analysis
Assessment, measuring, managing, and controlling IT-related risks, thus enhancing the reliability of processes and the entire information system. 

Phase 3: Audit Performance (Compliance and System Review) 
Assessment of controls over critical system platforms, network and physical components, IT infrastructure supporting relevant business processes.

Phase 4: Reporting
Report audit findings, conclusions, and recommendations of the audit in terms of conformance, non-conformance, and opportunities to improve. 

    Why CyberSRC®?

    Established in January 2018, CyberSRC® Consultancy offers the full machination of cyber security services ranging from threat intelligence, VMS to general advisory services in areas pertaining to Cyber security such as vulnerability attacks, compliance, and cyber security regulations, and laws. We are into system audits such as ISNP Audits, NBFC Audits, UCB Audits, PPI Audits, and SEBI Audits. We provide our solutions with better accountability. We are a certified assurance firm. We are an ISO 27001 certified organization, backed by a very diverse and dynamic team which have a combined experience.