Reminder for submission of Cyber Security and Cyber Resilience Audit report for the period ended September 30, 2025

Description

BSE reminds members to submit their Cyber Security and Cyber Resilience Audit reports for the half-yearly period ended September 30, 2025, through the BEFS portal with detailed auditor submission procedures.

Summary

BSE has issued a reminder to all trading members regarding the mandatory submission of Cyber Security and Cyber Resilience Audit reports for the half-yearly period ended September 30, 2025. The circular provides a detailed auditor user manual with step-by-step instructions for submitting the audit report through the BSE Electronic Filing System (BEFS) portal.

Key Points

Cyber Security and Cyber Resilience Audit report submission mandatory for period ended September 30, 2025
Members must create auditor login credentials through BEFS portal
Auditors receive login credentials on registered email ID provided by member
Submission requires Microsoft Excel 2007 or above
CSAR (Cyber Security Audit Report) Excel template must be downloaded and completed
Auditor undertaking must be uploaded on auditor’s letterhead with proper signature and stamp
File nomenclature requirement: CLG.No_HALFYEARLY_UND_SEP2025.PDF
Macros must be enabled in Excel template for proper functionality
Template includes General Information and CSAR sheets that require validation
Both sheets must be validated before final submission

Regulatory Changes

No new regulatory changes introduced. This is a reminder circular for existing cyber security audit compliance requirements under BSE regulations.

Compliance Requirements

For Members:

Create auditor login ID for the applicable submission period (September 30, 2025)
Provide auditor’s email ID for receiving BEFS login credentials

For Auditors:

Login to BEFS portal at http://befs.bseindia.com/
Change default password upon first login
Complete Auditor Confirmation section
Select appropriate Audit Period from dropdown
Download and print auditor details form
Sign and stamp undertaking on auditor’s letterhead (or digitally sign)
Upload scanned undertaking in PDF format with proper nomenclature
Download CSAR Excel Template and unblock file in properties
Enable macros/content in Excel template
Complete General Information sheet selecting ‘Auditor’ option
Validate General Information sheet
Complete CSAR sheet with all required details
Validate CSAR sheet
Validate all sheets using Home button
Upload completed CSAR Excel Sheet and related documents through BEFS portal
Submit final report

Important Dates

Audit Period: Half-yearly period ended September 30, 2025
Submission Due Date: Not explicitly mentioned but this is a reminder, indicating deadline is approaching

Impact Assessment

Compliance Impact: High - This is a mandatory regulatory submission for all BSE trading members. Failure to submit the cyber security audit report may result in regulatory penalties or restrictions on trading activities.

Operational Impact: Medium - Members and their appointed auditors must allocate resources to complete the detailed audit report and submission process through BEFS portal.

Technical Requirements: Members and auditors must ensure they have appropriate technical infrastructure including Microsoft Excel 2007 or above, ability to enable macros, and access to BEFS portal.

Risk Management: The cyber security audit requirement is critical for maintaining exchange integrity and protecting against cyber threats in securities trading operations.

Impact Justification

Mandatory cyber security audit submission for all BSE members with regulatory compliance implications. Non-submission may result in regulatory action.

Category	Compliance
Circular ID	`beddb831c8bee1bb`
Impact	High
Severity	High
Tags	cyber-security audit compliance befs member-obligations audit-report regulatory-compliance cyber-resilience
Source	BSE
Links	PDF Document ↗ Original Source ↗ Permalink