- Adequacy of Security policies and implementation
- Existence of adequate physical security
- Evaluation of Functionalities in Technology as it supports CA operations
- CA's services administration processes and procedures
- Compliance to relevant CPS as approved and provided by the Controller
- Adequacy of contracts/agreements for all outsourced CA operations
- Adherence to Information Technology ACT, 2000, the rules and regulations thereunder, and guidelines issued by the Controller from time-to-time.