(2)
Adequate audit trails shall be captured and certain information needed to determine sensitive events and pattern analysis that would indicate possible fraudulent use of the system (e.g., repeated unsuccessful logons, access attempts over a series of days) shall be analyzed. This information includes who, what, when, where, and any special information such as:
(i) Success or failure of the event.
(ii) Use of authentication keys, where applicable.
(3)
Automated or manual procedures shall be used to monitor and promptly report all significant security events, such as accesses which are out-of-pattern relative to time, volume, frequency, type of information asset, and redundancy. Other areas of analysis include:
(i) Significant computer system events (e.g., configuration updates, system crashes).
(ii) Security profile changes.
(iii) Actions taken by computer operations, system administrators, system programmers, and/or security administrators.
(4)
The real time clock of the computer system shall be set accurately to ensure the accuracy of audit logs, which may be required for investigations or as evidence in legal or disciplinary cases.
(5)
The real time clock of the computer or communications device shall be set to Indian Standard Time (IST). Further, there shall be a procedure that checks and corrects drift in the real time clock.
(6)
Computer system access records shall be kept for a minimum of two years, in either hard copy or electronic form. Records which are of a legal nature and necessary for any legal or regulation requirement or investigation of criminal behaviour shall be retained as per laws of the land.
(7)
Computer records of applications transactions and significant events must be retained for a minimum period of two years or longer depending on specific record retention requirements.