Do your part – Be Security Smart !

What Is Data Localization Audit?

  • Data Localization is the practice of storing data on any device that is physically present within the borders of the country where the data is generated. As of now, most of these data are stored, in a cloud, outside India.
  • Localization mandates that companies collecting critical data about consumers must store and process them within the borders of the country.
Data Localisation image

Advantages of Data Localization

Secures citizen’s data and provides data privacy and data sovereignty from foreign surveillance. Example - Facebook shared user data with Cambridge Analytica to influence voting.

Unfettered supervisory access to data will help Indian law enforcement ensure better monitoring.

Ensures National Security by providing ease of investigation to Indian Law Enforcement agencies as they currently need to rely on Mutual Legal Assistance Treaties (MLATs) to obtain access to data.

Minimises conflict of jurisdiction due to cross-border data sharing and delay in justice delivery in case of data breach.

It will give local governments and regulators the jurisdiction to call for the data when required.

Data centre industries are expected to benefit due to the data localization which will further create employment in India.

Greater accountability from firms like Google, Facebook, etc. about the end-use of data.


  • Maintaining multiple local data centres may lead to significant investments in infrastructure and higher costs for global companies.
  • Infrastructure in India for efficient data collection and management is lacking.
  • Splinternet or ‘fractured internet’ where the domino effect of protectionist policy can lead to other countries following suit.
  • Even if the data is stored in the country, the encryption keys may still remain out of the reach of national agencies.
  • Forced data localization can create inefficiencies for both businesses and consumers. It can also increase the cost and reduce the availability of data-dependent services.

Key Criteria for System Audit Report for Data Localization (SAR)

Based on the RBI & NPCI Guidelines, the following key criteria need to be covered as part of this audit.

  • Payment Data Elements
  • Transaction / Data Flow
  • Application Architecture
  • Network Diagram / Architecture
  • Data Storage
  • Transaction Processing
  • Activities subsequent to Payment Processing
  • Cross Border Transactions
  • Database Storage and Maintenance
  • Data Backup & Restoration
  • Data Security
  • Access Management

Contact us today to learn more about our products and services.

We are headquartered in Gurugram & Regional Offices in Mumbai, Delhi, Bangalore – India.

Contact Us