Nasscom to set up regulatory body  

NEW DELHI: In a bid to strengthen India as a secure

outsourcing destination, National Association of Software and Services Companies

(Nasscom)

is setting up an independent self-regulating organization (SRO) to monitor

the industry.






This step comes close on the heels of setting up of National
Skills Registry
by the association to strengthen data security and privacy

in the Indian call center and BPO industries.






SRO will propose a basic set of security and privacy standards, to which
companies can choose to adhere. It would also establish, monitor, and enforce

privacy and data protection standards for India's ITES-BPO Industry.






SRO would have an independent CEO and board. It would create a code of ethics
(and adherence to security standards, self-certified audits, and third-party

audits), create capacity by training key officials in member companies,

investigate and adjudicate breaches and expel members who fail to correct

behavioral lapses.






A legal framework would back all this up and in case of breach, and all else
fails, the SRO can trigger this off.






Not limited to IT-enabled service industry, SRO will set principles that would
apply to all formal industries. The SRO roll out is expected to be completed in

the next few months. According to media reports, Nasscom will fund SRO for one

year.

Nasscom has budgeted $300,000 for the purpose. After the first year, the SRO

is expected to finance itself from membership, training, and audit fees.