Choose another country or region to see content specific to your location

Role of Company Secretaries in Data Protection & Forensic Audit

March 06, 2023

Cybersecurity refers to the protection of internet-connected systems, including hardware, software, and sensitive data, from theft, damage, or disruption caused by unauthorized access, cyberattacks, and other malicious activities. Th Cybersecurity aims to ensure the confidentiality, integrity, and availability of information and systems, and to prevent unauthorized access to sensitive information.

In terms of cyber security and data protection, a company secretary’s job is to make sure that the entity is abiding by all applicable laws and rules and that appropriate safeguards are in place to secure sensitive data and systems. In this regard, a company secretary may be charged with a variety of specific duties, such as:

  • Advising the organization on data protection legislation and best practices.
  • Developing and implementing data protection policies and procedures.
  • Training and educating employees.
  • Monitoring compliance.
  • Responding to data protection inquiries

The Ministry of Electronics and Information Technology (MeitY) in India is in responsibility for developing and placing into effect the nation’s cybersecurity policies and plans. The Indian Computer Emergency Response Team (CERT-In) is the national nodal organisation in charge of handling cybersecurity issues and providing response. A number of laws and rules are in place to protect against cyber attacks and ensure the security of sensitive data.


The following are some of India’s most important cyber security legislation and regulations:

  • Information Technology (IT) Act, 2000
  • The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • The Payment and Settlement Systems Act, 2007
  • The Reserve Bank of India (RBI) Guidelines on Cyber Security for Banks
  • The Personal Data Protection Bill, 2019

A company secretary with a good understanding of cyber security and data protection laws and regulations, as well as an understanding of the organization’s operations and information systems, can play a critical role in protecting the organization from cyber threats and ensuring compliance with relevant laws and regulations.


Company Secretaries role in forensic audit

Forensic auditing refers to the  process of examination of  both financial and non-financial data to find indications of fraud, corruption, or other illegal activity with the aim of establishing the facts and presenting evidence that can be used in court in legal proceedings.

In India, forensic audit is regulated by various laws and regulations, including the Companies Act, 2013, the Income Tax Act, 1961, and the RBI regulations, among others.

For example, the Companies Act, 2013 requires companies to appoint auditors to audit their financial statements, and it provides for the appointment of a special auditor or a forensic auditor in specific circumstances, such as in cases of fraud or mismanagement.

In addition, the RBI regulations require banks to conduct regular audits, including internal audits and concurrent audits, to ensure the security of customer information and the integrity of banking transactions. The RBI regulations also provide for the appointment of forensic auditors in cases of suspected fraud or other irregularities.


Company secretaries play an important role in forensic audits, particularly in terms of:

  • Ensuring the compliance of companies with relevant laws and regulations
  • Advising on corporate governance, risk management, and legal compliance
  • Assisting companies prevent and detect fraud and other illegal activities
  • Assisting in the planning and scoping of the audit
  • Reviewing internal controls and procedures
  • Providing expert advice on legal and regulatory compliance
  • Supporting the investigation process
  • Communicating the findings of the audit

Company secretaries major responsibility in forensic audits is to provide crucial assistance and knowledge to ensure the process integrity and to assist businesses in adhering to applicable rules and regulations. For businesses aiming to avoid and identify fraud and other criminal actions, as well as to keep the confidence of their stakeholders, company secretaries are an invaluable resource.


Written by,

Seema Patel

Get in Touch

Visit Us At

Quant LegalTech India Pvt. Ltd
8th Floor, SN Towers, 25/2, MG Road, Bangalore - 01, Karnataka

Quant LegalTech Pte. Ltd
1 North Bridge Road, #08-08 High Street Centre Singapore 179094

© 2024 . All rights reserved.