Skip to main content
Please wait...

DSCI DPF Consulting Services & Training

With accelerated advancement in the tech world, there is also an unconscious evolution to cyber-crimes. Continuous development of new attacks and techniques that not only allows attackers to infiltrate adequately-controlled environments but also cause damage yet still remain untraceable.

India has seen a 37% increase in cyberattacks in the first quarter (Q1) of 2020, as compared to the fourth quarter (Q4) of last year. (Source) As a business and being a victim of cyber-crime, you not only lose business; you lose REPUTATION and most importantly you lose your customer’s TRUST.

Content Source for information stated below on DSCI, DPF© and DAF-P© is


Data Security Council of India (DSCI)

Data Security Council of India (DSCI), is a not-for-profit, industry body on data protection in India, set up by NASSCOM®, committed to making cyberspace safe, secure, and trusted by establishing best practices, standards, and initiatives in cybersecurity and privacy.


DSCI Privacy Framework (DPF©)

To protect the privacy of personal information from unauthorized use, disclosure, modification, or misuse, DSCI has conceptualized its approach towards privacy in the DSCI Privacy Framework (DPF©) which is based on the global privacy best practices and frameworks.

The Framework includes the best privacy practices in the following 9 areas:

1. Visibility over Personal Information (VPI)
2. Privacy Organization and Relationship (POR)
3. Privacy Policy and Processes (PPP)
4. Regulatory Compliance Intelligence (RCI)
5. Privacy Contract Management (PCM)
6. Privacy Monitoring and Incident Management (MIM)
7. Information Usage and Access (IUA)
8. Privacy Awareness and Training (PAT)
9. Personal Information Security (PIS)


DSCI Assessment Framework-Privacy (DAF-P©)

  • The DSCI Assessment Framework-Privacy (DAF-P©) was published in 2012.
  • The aim is to help organizations provide assurance to external stakeholders on the implementation of a privacy program based on DPF©.
  • It consists of two parts, each focusing on distinct aspects of privacy implementation.

Part 1 - Assessment of Organizational Competence in Privacy

  • The assessment questionnaire is based on the practices defined in DPF©
  • Contains suggestive guidance parameters for assessors when conducting assessments
  • Mode of Assessment – Self or External

Part 2 - Privacy Principles based Assessment

  • Helps organizations assess and improve maturity in the implementation of global privacy principles
  • Includes organizational processes that deal with personal information
  • Helps companies optimize their implementation efforts


Why choose Riskpro?

  • Riskpro has a very efficient team when it comes to privacy compliance. A well-suited team comprising of DSCI Certified Privacy Lead Assessors (DCPLA), Internal Auditors, ISO Lead Auditors and Privacy Compliance Advisors can collaborate with your organization to ensure Privacy Requirements are met from implementation to legal compliance assessments.
  • We follow a risk-based approach, which is not only exhaustive but also helps you to create a protective ambiance around your data systems.
  • We can tailor obligations as per your industry and company’s requirements.


Our Services Include:

  1. Gap Assessment- We can help conduct a Gap Assessment in relation the DPF and DAF-P Framework requirements and suggest remediation plans for compliance
  2. Self-Assessment Guidance- We can help companies complete the self-assessment questionnaire to assess their compliance against the privacy principles prescribed under section 43A of the IT (Amendment) Act, 2008 for companies based in India
  3. 9 Practice Areas Implementation- We can provide guidance with regards to the implementation of the 9 Practice Areas defined by the DSCI
  4. DSCI Privacy Framework Awareness Training- Riskpro can also conduct an online or classroom-based DSCI Privacy Framework Awareness Training to relevant staff to provide an overview of the Privacy Principles and Assessment Framework

For more details, email