• info@globalconsultingservices.in.com
  • +91 8527059001
Global Consulting Services
Global Consulting Services
Twitter Facebook Instagram Pinterest
Get in Touch

STQC Certification

Ensuring cybersecurity-driven compliance for CCTV devices under national surveillance standards.
VR Ears Software

VR Ears Software

Technology
Smart Audio

Smart Audio

Videos
Game Studio

Game Studio

Game

With growing national focus on surveillance security and digital sovereignty, the Government of India has mandated Essential Requirements (ER) certification from the Standardisation Testing and Quality Certification (STQC) Directorate for CCTV cameras. Since June 6, 2024, all CCTV cameras procured for Government tenders, smart city initiatives, defence networks, public infrastructure projects, PSU procurement and other critical environments must comply with STQC standards.

This certification ensures that CCTV systems deployed across India follow a secure, reliable and tamper-proof architecture capable of safeguarding data, operations, and critical infrastructure.

At Global Consulting Services (GCS), we help manufacturers, importers and OEMs achieve STQC compliance efficiently, without delays, rejections or technical gaps.

What is STQC Certification?

STQC (Standardisation Testing and Quality Certification) is an initiative under MeitY – Ministry of Electronics & Information Technology that establishes security, performance, interoperability and trustworthiness standards for devices. Under the IoT System Certification Scheme (IoTSCS), STQC evaluates:
✔ CCTV product architecture
✔ Security engineering practices
✔ Secure firmware development
✔ Supply chain validation
✔ Vulnerability resilience
✔ Data security mechanisms
Only when CCTV products meet essential requirements and pass laboratory assessment is the manufacturer awarded an STQC Certificate of Approval, valid for three years, subject to periodic surveillance audits.

Why Has STQC Certification Become Mandatory?

The government amendment to the Public Procurement Order (March 6, 2024) made STQC-ER certification compulsory for CCTV cameras used in public procurement. This was introduced to:

Strengthen cybersecurity

Prevent firmware vulnerabilities

Reduce risks from foreign-controlled surveillance devices

Standardize surveillance performance quality

Ensure trusted IoT hardware for public infrastructure

From June 6, 2024 onward, non-compliant CCTV products cannot be supplied to Government projects.

Objectives of STQC Certification

The objective of STQC testing is to ensure that CCTV cameras:

Meet national cybersecurity requirements

Are designed using secure engineering practices

Support secure boot, secure firmware updates, encryption and access controls

Prevent unauthorized tampering

Provide traceability and accountability across manufacturing

Demonstrate secure lifecycle management

The goal is to enhance confidence in surveillance infrastructure deployed across India.

Quality Standards
Quality Standards

Technical Construction File (TCF) Requirements

A manufacturer must submit a complete TCF containing:
  • Device overview, environment of use
  • Engineering artefacts
  • Secure boot design
  • Firmware update processes
  • Encryption logic
  • Penetration testing results
  • ISO 9001 certification copies
  • Role-based architecture design
  • Supply chain mapping details
  • Secure engineering workflow documents
  • Development tools and firmware loading guidelines

The TCF is central to approval and must show compliance with every Essential Requirement.

Key Security Requirements for CCTV Devices

To achieve STQC approval, CCTV products must demonstrate:
  • Physical Security
  • Tamper-resistant housing
  • Protection against unauthorized access through debug interfaces (UART, JTAG, SWD etc.)
  • Access Control
  • Authentication
  • Role-based permissions
  • Monitoring user access lifecycle
  • Network Security
  • Secure data transmission
  • Encryption mechanisms
  • Software Security
  • Secure firmware update modules
  • Removal of unused features
  • Strong password policies
  • Penetration Resilience
  • Vendor must undergo penetration testing
  • Submit remediation plan
Certification Process

Step-by-Step STQC Certification Process

Study Notification Requirements

Manufacturers must understand compliance criteria mentioned in the Gazette notification.

Design Secure Architecture

Develop a technical architecture demonstrating conformity with ER standards.

Prepare Technical Artefacts & Firmware Security

Develop secure boot codes, crypto libraries, test cases and engineering tools.

Laboratory Testing & Assessment

Testing, demonstration, validation, TCF review and compliance audit are carried out.

Submit Application & TCF to STQC

The certification body assigns an application number and forwards to test lab.

Build TCF (Technical Construction File)

Document lifecycle, supply chain, device security and compliance artefacts.

Certification Committee Review

Holistic evaluation before approval.

Certificate Issuance (Valid 3 Years)

Certificate issued with mandatory surveillance requirements.

Why STQC Certification Matters

  • Ensures government procurement eligibility
  • Builds market trus
  • Enhances product cybersecurity
  • Enables smart city and PSU project participation
  • Prevents product seizure or procurement rejection
  • Demonstrates compliance with national security norms
Why Choose

Why Choose Global Consulting Services (GCS) for STQC Certification?

At GCS, we go beyond documentation. We are compliance specialists helping clients accelerate certification and avoid costly rework.
  • End-to-End Service Model

From application preparation to testing support — we manage the complete process.

  • Technical Engineering Expertise

We assist in:

  • TCF development
  • Secure architecture building

Firmware security documentation

  • Strong Government & Lab Coordination

Our team regularly interfaces with test labs and certification bodies for faster turnaround.

  • Zero-Disruption Compliance Strategy

We help clients avoid procurement delays, tender disqualification or regulatory penalties.

  • Dedicated Project Managers

Your team gets constant guidance, updates and milestone tracking.

  • High Approval Success Rate

Our advisory ensures files are correct the first time — reducing rejection risk.

Partner with GCS — we manage your BIS CRS compliance end-to-end for smooth approvals and market entry.

Ready to Launch in India?
Apply for STQC Certification Now

Consult Today

Frequently Asked Questions (FAQs) – BIS Registration / BIS Certification

Any manufacturer, import brand or OEM selling CCTV cameras for government procurement or controlled surveillance environments must hold valid STQC certification.

The certificate remains valid for three years, subject to periodic surveillance and compliance renewal.

Yes — imported products can obtain certification provided the entity submits TCF and fulfils compliance requirements.

Timelines depend on documentation readiness, test lab scheduling, and compliance revisions. With GCS involvement, most cases are completed faster.

Such products can be rejected in tender evaluation, blacklisted from procurement, or flagged as non-compliant under national security norms.

Yes — GCS manages application drafting, TCF preparation, lab coordination, sample submission, testing support and response handling.