UIDAI eases hiring of Aadhaar auditor

The Unique Identification Authority of India (UIDAI) has allowed Aadhaar authentication ecosystem partners such as banks and telecom firms to appoint information security assessment agencies other than the single firm it had empanelled for this purpose.

In a statement, the UIDAI said the ecosystem partners may engage either the UIDAI-empanelled auditor or any information security auditor empanelled by the Indian Computer Emergency Response Team (CERT-IN). under the Ministry of Electronics and Information Technology.

“Unique Identification Authority of India (UIDAI) re-emphasised that Authentication Service Agencies (ASAs) and the requesting entities may engage UIDAI-empanelled auditor or any CERT-IN-empanelled information system auditor for the purpose of annual audit as per the requirement of Regulations 14(n) and 19(g) of Aadhaar (Authentication) Regulations, 2016,” the authority said in the statement.

“UIDAI reiterated that all requesting entities and ASAs shall ensure that their operations and systems are audited by information systems auditor certified by some recognised body on an annual basis be it a UIDAI-empanelled or any CERT-IN-empanelled information system auditor,” the statement said.

Sole agency

Last November, UIDAI had told banks and other authentication ecosystem partners that Deloitte Touche Tohmatsu had been empanelled as the sole Information Security Assessment Agency and asked banks to ‘enter [into] a contract’ with Deloitte.

In April this year , the Unique Identification Authority of India had issued a fresh communique on the appointment issue, dropping the word ‘sole.’

Our code of editorial values

This article is closed for comments.
Please Email the Editor

Printable version | Jun 12, 2021 3:04:12 PM |

Next Story