Compliance

Aligned with the standards your regulator is already reading.

QUANTRA is not a certification. It is an operating system for audits that map cleanly to the frameworks Indian regulators enforce. Reports are packaged in the language your examiner expects.

NIST PQC

FIPS 203 · 204 · 205 · SP 800-131A

Scoring tables track ML-KEM (Kyber), ML-DSA (Dilithium), SLH-DSA (SPHINCS+) and the SP 800-131A deprecation schedule for RSA-2048 and ECC.

Algorithm identification tags flagged as PQC / hybrid / classical
Deprecation calendar with per-algorithm sunset dates
RSA key-size sub-scoring aligned with SP 800-131A

RBI Cyber Security Framework

Master Direction on Cyber Resilience & DPSS

Report templates align with the RBI CSF domains most relevant to cryptographic estate: identify, protect, detect and respond.

Cryptographic inventory as a first-class control
Certificate lifecycle monitoring for detect
Audit-ready delivery packaging for protect / respond

SEBI CSCRF

Cybersecurity & Cyber Resilience Framework, 2024

QUANTRA reports map to the CSCRF control taxonomy for MIIs and regulated entities including RTAs, depositories and stockbrokers.

Crypto-inventory control coverage
Third-party integration surface mapping
Continuous monitoring for CSCRF's detect function

IRDAI Cyber Guidance

Information & Cyber Security Guidelines

Sector adaptations for insurers cover policy signing, e-KYC, BBPS and reinsurance data exchange surfaces.

Signing certificate inventory
Third-party integration disclosure
Regulator-grade delivery format

CERT-In & DoT

CERT-In directions · DoT PQC advisories

QUANTRA operates within CERT-In's incident and log-retention framework and reflects DoT's PQC guidance for telecom operators.

180-day audit trail retention
Incident-facing report snapshots
Telecom-sector algorithm scoring adaptations

NCIIPC

Critical Information Infrastructure guidance

CII operators (power, telecom, transport) can produce NCIIPC-aligned crypto-risk views across IT and OT boundaries.

OT/IT boundary crypto surface
Long-lived key exposure audit
Sector-tuned scoring versions
Important

QUANTRA supports alignment with the frameworks above; it does not itself hold regulatory certifications and does not represent independent verification. Certifications remain the responsibility of the client organisation and its examiners.

Need a mapping for your regulator?

Ask BWE for a scoped compliance mapping document.

Talk to a partner