India AI Regulatory Framework · Readiness Diagnostic
Is your organization India AI-ready?
40 questions across 8 domains. Scored against CERT-In, DPDP Act 2023, MeitY AI Nov 2025, RBI FREE-AI Aug 2025, NIST AI RMF 1.0, and ISO/IEC 42001:2023 — with sector-specific benchmarks in INR.
40
Questions
8
Domains
10
Frameworks
5 min
To Complete
SBA 8(a)
Sole Source Eligible
EDWOSB
Women-Owned SB
Azure
Solutions Architect
CyberAB
Registered Practitioner
ISO 27001
Aligned
CAGE 7DBB9
Active Contractor
Trusted by teams at: Microsoft · IBM · EY · PwC · McKesson · GE Power · bp · Eli Lilly · NTT Data · Hitachi
India Regulatory Landscape
Every question maps to a statute
No proprietary frameworks. Every gap finding cites the exact Indian regulation your organization must address.
Incident Response
CERT-In Directions 2022
6-hour breach reporting, 180-day log retention, NTP sync, empaneled auditor requirement. Applies to all organisations, intermediaries, and government bodies.
CERT-In Directions §3 • Audit Policy 2025
Data Protection
DPDP Act 2023 + Rules 2025
Consent management, Data Principal rights, breach notification to Data Protection Board. Penalties up to ₹250 crore. Rules notified Nov 2025.
DPDP Act §6, §8, §12–14, §25 • DPDP Rules 2025
AI Governance
MeitY AI Guidelines Nov 2025
Seven sutras: Trust, People First, Fairness & Equity, Accountability, Understandable by Design, Safety & Resilience, Innovation over Restraint.
MeitY AI Governance Guidelines • IndiaAI Mission
Financial Sector AI
RBI FREE-AI Aug 2025
26 recommendations across 6 pillars: Infrastructure, Policy, Capacity, Governance, Protection, Assurance. Mandatory for banks, NBFCs, and RBI-regulated entities.
RBI FREE-AI Committee Report • Aug 2025
Critical Infrastructure
NCIIPC Guidelines
Protection of Critical Information Infrastructure. Power, telecom, banking, transport, government, and strategic sectors. Mandatory reporting to NCIIPC.
IT Act §70A • NCIIPC Sector Guidelines
Synthetic Content
IT (SGI) Rules Feb 2026
Synthetically Generated Information: detection, labeling, traceability for AI-generated text, images, audio, and video. Applies to platforms and deployers.
IT (Intermediary) Amendment Rules 2026 • MeitY
International Standard
NIST AI RMF 1.0
Four core functions: GOVERN (policies, accountability), MAP (context, risk identification), MEASURE (evaluation, monitoring), MANAGE (response, tracking). 39 categories mapped directly to India regulatory requirements.
NIST AI 100-1 (Jan 2023) • GOVERN 1.5 • MEASURE 2.2/2.8 • MANAGE 1.1/3.1
International Standard
ISO/IEC 42001:2023
First international standard for AI management systems. Certifiable. Covers AI policy, risk assessment (§6.1.2), AI system impact assessment (§8.4), performance evaluation (§9.1), and continual improvement (§10.2).
NIST AI RMF 1.0ISO/IEC 42001:2023SEBI Cybersecurity CircularIRDAI Information SecurityTRAI AI GuidelinesICMR AI GuidelinesIT Act 2000 §43A §72AISO/IEC 42001:2023ISO/IEC 27001:2022Digital India Act (proposed)
Free · 40 Questions · 7 Minutes
India AI Readiness Assessment
Answer 40 yes/partial/no questions. Get a scored report mapped to Indian statutes, NIST AI RMF, and ISO 42001 — downloadable as PDF.
Data & DPDP
5 questions
Process Maturity
5 questions
Tech Readiness
5 questions
People & Culture
5 questions
Strategy & ROI
5 questions
Governance
5 questions
Use Case Clarity
5 questions — DPIA, RBI FREE-AI pillar assessment, IT (SGI) Rules 2026, NIST AI RMF MAP 5.1, ISO 42001 §8.4
AI Risk Measurement
NEW
5 questions — NIST AI RMF GOVERN 1.5/2.2/4.1 · MEASURE 1.1/2.2/2.8/4.1 · MANAGE 1.1/3.1 · ISO 42001 §6.1.2/§9.1
Free · No login · PDF report included
Step 1 of 2 — About Your Organization
Before we start
Used to benchmark your score against your sector average and calculate India-specific engagement pricing in INR.
India Engagement Pricing
Priced in Indian Rupees
Three paths from assessment to AI-ready. Scoped to your organization, priced for the Indian market.
India AI Quick Scan
₹2,10,000
/10 hrs
Automated tenant diagnostic on your systems, scored gap report mapped to CERT-In and DPDP Act requirements, executive briefing with priority recommendations.
Includes
✓ CERT-In compliance gap analysis
✓ DPDP Act 2023 readiness report
✓ M365 / Azure tenant diagnostic
✓ Executive briefing deck
✓ 90-day remediation roadmap
MOST POPULAR
India AI Readiness Sprint
₹5,50,000
/30 hrs
Stakeholder interviews, M365/Azure diagnostic, CERT-In and DPDP compliance mapping, NCIIPC sector assessment, 90-day roadmap, India regulatory briefing.
Includes
✓ Everything in Quick Scan
✓ DPDP Act data mapping workshop
✓ MeitY AI framework alignment
✓ Sector regulator gap (RBI/SEBI/IRDAI)
✓ IT (SGI) Rules 2026 obligations review
✓ Board-ready governance deck
India AI Launchpad
₹9,00,000
/mo
Full managed AI operations: Copilot Studio agents, compliance automation, DPO advisory, monthly CERT-In readiness, staff training, DPDP Act operationalization.
Includes
✓ Everything in Readiness Sprint
✓ Copilot Studio agent deployment
✓ Monthly CERT-In compliance checks
✓ DPO advisory (DPDP Act)
✓ Staff training on India AI regulations
✓ Dedicated engagement manager
India Partner Program
Deliver India AI compliance with BHT behind you
We are looking for Indian consulting firms, MSSPs, and technology integrators to co-deliver AI governance engagements. You bring the client relationship. We bring the framework, tooling, and SBA 8(a) federal credibility.
Revenue share on every engagement
20-35% partner margin on Quick Scan, Readiness Sprint, and Launchpad referrals. Paid within 30 days of client payment.
White-label delivery option
Deliver CERT-In, DPDP Act, and MeitY assessments under your own brand with our methodology and tooling.
Technical enablement included
Access to our 40-question India AI RMF engine, PDF report generator, and NIST AI RMF / ISO 42001 gap analysis templates.
Co-sell into US federal market
Leverage BHT's SBA 8(a) and EDWOSB certifications for US government opportunities that need offshore delivery capacity.