CERT-In Compliance SOP
CERT-In point of contact and cybersecurity incident reporting policy
SOPs
Step-by-step operational runbooks — incident response, backup & recovery, VAPT, patching, vulnerability management, CERT-In reporting.
SOPs
Standard Operating Procedures — concrete, sequential steps that teams follow when executing work. Each SOP is owned by the team responsible for the process and is reviewed when the process changes.
SOPs sit below Standards in the documentation hierarchy: Standards describe what good looks like; SOPs describe the exact steps to achieve it.
Catalogue
| SOP | Purpose |
|---|---|
| Backup & Recovery SOP (SOP-001) | Backup cadence, restore drills, evidence capture |
| CERT-In Compliance SOP (SOP-002) | 6-hour incident reporting, cyber-audit artefacts |
| Incident Management SOP (SOP-003) | Operational incident detection, triage, resolution |
| Incident Response SOP (SOP-004) | Security-incident response playbook |
| Patch Management SOP (SOP-005) | OS, container, application patching cadence |
| SIEM Operations SOP (SOP-006) | Wazuh, custom-ai triage, threat-intel sync |
| VAPT Execution SOP (SOP-007) | Penetration test scheduling and execution |
| VAPT Remediation Tracking SOP (SOP-008) | Finding triage, SLA tracking, closure evidence |
| Vulnerability Management SOP (SOP-009) | Scanning, prioritisation, remediation workflow |
| Vendor Onboarding & Offboarding SOP (SOP-010) | Intake, checklist send, scoring, access, offboarding |
| Security Training Operations SOP (SOP-011) | T1 programme delivery, Classroom + Forms + Gophish |
Incident Management SOP
Incident detection, response procedures, and resolution tracking for operational incidents
SIEM Operations SOP
Day-to-day operation of Wealthy’s SIEM (Wazuh) — dashboard reviews, alert response, rule tuning, playbooks, and Annexure-N metrics.
Backup & Recovery Procedure (SOP)
Standard operating procedures for backup management and data recovery processes
Vulnerability Management SOP
Our process for scanning, classifying, remediating, and tracking security vulnerabilities.
Incident Response SOP
Standard operating procedure for detecting, responding to, and recovering from security incidents.
Patch Management SOP
Our process for applying, testing, and tracking patches across applications and infrastructure.
VAPT Execution SOP
Standard Operating Procedure for Vulnerability Assessment and Penetration Testing
VAPT Remediation Tracking SOP
Process for tracking and remediating VAPT findings
Vendor Onboarding & Offboarding SOP
Step-by-step procedure to onboard a new vendor, run the periodic reassessment, and cleanly offboard when the engagement ends.
Security Training Operations SOP
Operational runbook for delivering the Security Training Programme (T1), phishing simulations (T2), and new-joiner onboarding — using the in-house Google Workspace + Gophish stack.