CERT-In’s new cyber security audit guidelines help schools safeguard data. Learn how these standards impact CBSE/NCERT institutions.
The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology, has released the Comprehensive Cyber Security Audit Policy Guidelines (Version 1.0, July 2025). These guidelines provide a structured framework for schools, colleges, and educational institutions to enhance their cyber security posture, ensuring the safety of student data and digital infrastructure.
With the increasing reliance on digital platforms for learning and administration, educational institutions are prime targets for cyber threats. The guidelines emphasize:
Annual audits of IT systems, including networks, applications, and cloud infrastructure.
Secure development practices for apps and software used in schools (e.g., learning management systems).
Compliance with CBSE/NCERT IT policies and alignment with national cyber security standards.
Mandatory Audits: Schools must conduct yearly cyber security audits covering IT infrastructure, apps, and databases.
Student Data Protection: Strict protocols for handling sensitive student information and preventing breaches.
Third-Party Risk Management: Vendors providing ed-tech tools must comply with security standards.
Incident Reporting: Immediate reporting of cyber incidents to CERT-In.
Review IT policies against CERT-In’s guidelines.
Train staff on cyber hygiene and secure data practices.
Collaborate with empaneled auditors for compliance.
Read the full guidelines here: CERT-In Cyber Security Audit Policy
NCERT and IIT Madras Partner for EdTech: A Game Changer for Indian School Education
NCERT Launches Diploma Course in Guidance and Counselling for 2026: Details and How to Apply
NCERT Extends Massive Clearance Sale: Get Obsolete Textbooks at 70% Discount
NCERT signs MoU with CWC for nationwide textbook distribution under NEP 2020