“It has been decided to extend the timeline for submission of comments to November 28, 2022,” Sebi said in a report.
In early November, the regulator proposed a cloud framework for its regulated entities, highlighting key risks and control measures that need to consider before adopting cloud-based solutions.
The proposed framework outlines the regulatory and legal expectations from Sebi-regulated entities (REs) if they adopt cloud computing solutions.
“In recent times, the dependence on cloud solutions for delivering information technology (IT) services is increasing.
“While cloud solutions offer multiple advantages — ready to scale, ease of deployment, no overhead of maintaining physical infrastructure among others — an RE should also be aware of the new cyber security risks and challenges which cloud solutions introduce,” the regulator said in its consultation paper.
Accordingly, a cloud framework has been drafted to address the risks effectively and ensure legal and regulatory compliance.
Under the proposal, Sebi said there are no limitations on using any cloud deployment model. An RE may adopt cloud computing depending on their business and technology risk assessment.