SEBI has steadily raised the bar on digital accountability across financial services. With increasing exposure to cloud platforms, third-party vendors, and investor data risks, Category I and II AIF managers now face the same cybersecurity scrutiny as larger institutions.
That is why SEBI has extended the Cybersecurity and Cyber Resilience Framework (CSCRF) to cover all AIFs. Starting August 31, 2025, fund managers must meet a defined set of requirements based on their AUM size. These range from VAPT testing and SOC integration to audit documentation and board-reviewed policies.
To help operational leaders prepare, AIF Services has published a comprehensive and practical guide.
This e-book is free to download and built for fund managers, COOs, compliance heads, and teams responsible for digital infrastructure and governance. It breaks down CSCRF into simple checklists, timelines, and implementation tracks—tailored to your classification as a Self-Certified, Small-Size, or Mid-Size RE.
Here’s what you’ll find inside:
How to classify your fund under CSCRF and determine scope
Required steps for VAPT, SOC onboarding, and cybersecurity audits
Templates for system classification, vendor evaluation, and board documentation
Common gaps flagged in SEBI inspections and how to avoid them
FAQs, documentation trackers, and a decision guide for internal vs outsourced implementation
Whether you run a focused venture capital fund or a multi-scheme AIF platform, this guide will help you become audit-ready and build long-term cyber resilience.
Download the guide now and begin your compliance journey with clarity and confidence.
]