Your auditor wants evidence. Not promises — documented, dated, signed-off evidence that your Linux servers are patched, access is controlled, logs are retained, and backups actually restore. The Compliance Retainer add-on delivers exactly that, every month.
₹7,500 / month. On top of any AV Services retainer tier.
Applicable to SEBI-regulated entities (stockbrokers, AMCs, depositories, portfolio managers, research analysts), businesses subject to the DPDP Act 2025, and organisations working toward ISO 27001 certification.
What the Add-on Delivers
- Monthly Compliance Report — patch status, access review, backup verification, log retention check. Auditor-ready format.
- Quarterly Privileged Access Review — documented sign-off on who has root/sudo access and why.
- Annual Incident Response Plan Review — updated, tested, formatted for SEBI/ISO submission.
- CIS Hardening Report — once per year, maps your servers to CIS Benchmark. Standard auditor ask.
- Named Auditor Liaison — Arun available for direct queries from your CERT-In empanelled auditor.
Frameworks This Supports
| Framework | Controls Covered | Who Must Comply |
|---|---|---|
| SEBI CSCRF | PR.MA, PR.AC, DE.AE, RS.RP, RC.RP, PR.IP | Stockbrokers, AMCs, depositories, portfolio managers, RAs |
| DPDP Act 2025 | Access controls, log retention, breach response, data processing records | Any entity processing personal data of Indian residents |
| ISO 27001 | A.12 Operations, A.9 Access Control, A.16 Incident Management, A.17 BCM | Manufacturing, healthcare, SaaS seeking certification |
Pricing
| Base retainer | Essential / Professional / Business Critical (existing tier) |
| Compliance Add-on | +₹7,500 / month |
| Minimum commitment | 3 months |
| GST | Applicable. SAC 998313. |
Not on Retainer Yet?
Start with a free 30-minute compliance gap audit. We identify your top 3 Linux-layer gaps against your applicable framework — SEBI CSCRF, DPDP Act, or ISO 27001 — at no cost, no obligation. Book the audit here.
↧ Download Compliance Retainer Overview (PDF)
Disclaimer: AV Services provides technical implementation support and documentation assistance. Formal compliance certification and legal sign-off require engagement of your own auditors and legal advisors.