ISNP stands for Insurance Self Network Platform, meant to be an electronic platform set up by any applicant with the permission of the authority.
The Insurance Regulatory and Development Authority of India (IRDA) had issued guidelines for insurance e-commerce to standardize rules for conducting insurance e-commerce activities. As per the new guidelines, any Insurance Agency that is looking to setup an Electronic Platform, they must comply with the following requirements as defined by the guidelines IRDA/ INT/ GDU ECM/ 055/03/2017
The guidelines were put forth to standardize the ecommerce rules of the online insurance business. As per the regulations, anyone willing to sell insurance online is required to set-up an ISNP and follow all the regulations specified for it by IRDA with a view to conducting insurance e-commerce activity. ISNP can be set up in any of the following forms:
Insurance Companies, Aggregators and intermediaries must be in compliance with Insurance Self Service Network Platform ISNP guidelines as per IRDA of India. The key objectives of having an ISPN audit is as follows:
As a CERT-IN empaneled body, QRC is authorized to help you understand, manage and comply with IRDA’s Cyber Security requirements as published in the IRDA’s Guidelines on Insurance E-Commerce on a periodic basis.
The ISNP Audit is conducted as an in-depth technical assessment, including the audit of the information security process and applicability of cyber security controls. It should include checking all norms of technical requirements as per IRDA and through evidence gathering.
Our approach for assessment is as follows:
Information Gathering & Documentation Review
QRC will share a detailed questionnaire, along with other documentation, to aid in the scope definition, planning and preparation of the audit and objectives. Evidence is collected on the architecture, implementation and controls to understand data flow in your organization.
Post scope definition as per the IRDA guidelines, and initial engagement, we will conduct an initial audit for understanding the infra of the organization and help our clients in identifying evidence for all the audit points. The assessment aims at measuring, managing and controlling the IT related risks to enhance the reliability of processes and the critical system platforms, networks and physical components related to business processes.
As per the assessment, and the identification of the payment data, QRC will provide remediation support for complying with the IRDA guidelines.
Report & Confirmation Letter
Post assessment and remediation, we will review your evidence on the closure of the Action phase as identified during the audit. On successful closure, we will share the certificate and exclusive report stating successful checking of all norms of requirements as per IRDA.
QRC significantly reduces efforts for organization in complying with the IRDA Insurance Self-Networking Platform Audit by helping them with a well-documented approach. The methodology helps in: