The Reserve Bank of India (RBI) on November 7 notified the Master Direction on Information Technology Governance, Risk, Controls and Assurance Practices, which prescribes IT and cybersecurity guidelines for banks and other regulated entities. The Direction introduces new measures as well as updates and consolidates measures prescribed in earlier circulars, which now stand repealed. It comes into effect from April 1, 2024. Who do these directions apply to? All Scheduled Commercial Banks (except Regional Rural Banks) Small Finance Banks Payments Banks Non-Banking Financial Companies (except NBFC-Core Investment Companies) Credit Information Companies Financial Institutions (EXIM Bank, NABARD, NaBFID, NHB and SIDBI) These entities are collectively referred to as regulated entities (REs) from here on. Important Definitions Cyber security: "Preservation of confidentiality, integrity and availability of information and/or information systems through the cyber medium. In addition, other properties, such as authenticity, accountability, non-repudiation and reliability can also be involved." Cyber incident: "A cyber event that adversely affects the cyber security of an information asset whether resulting from malicious activity or not." Cyber attack - "Malicious attempt(s) to exploit vulnerabilities through the cyber medium to damage, disrupt or gain unauthorized access to assets." What are the governance measures regulated entities must adopt? Implement an IT Governance Framework: REs must put in place an IT Governance Framework that takes into account strategic alignment, risk management, resource management, performance management and Business Continuity/ Disaster Recovery Management. It should also specify the roles and responsibilities of the Board of Directors and include oversight mechanisms for IT security risks. …
- Indian Govt to come up with Search and Seizure Guidelines by December 14: Supreme Court December 6, 2023
- Uttar Pradesh Government begins process to use Drones to Monitor MNREGS Sites December 6, 2023
- Meta and IBM Forge ‘AI Alliance’ With 50 Members Focusing On Open Innovation in Artificial Intelligence December 6, 2023
- Delhi Govt notifies Motor Vehicle Aggregator and Delivery Service Provider Scheme 2023 December 6, 2023
- Post Office Bill 2023 passed in Rajya Sabha: Here are the major privacy concerns raised by MPs December 5, 2023
MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.
Factors like Indus not charging developers any commission for in-app payments and antitrust orders issued by India's competition regulator against Google could contribute to...
Is open-sourcing of AI, and the use cases that come with it, a good starting point to discuss the responsibility and liability of AI?...
RBI Deputy Governor Rabi Shankar called for self-regulation in the fintech sector, but here's why we disagree with his stance.
Straw man fallacy: IT Ministers’ defence of government exemptions in data protection law misses the point
Both the IT Minister and the IT Minister of State have chosen to avoid the actual concerns raised, and have instead defended against lesser...
The Central Board of Film Certification found power outside the Cinematograph Act and came to be known as the Censor Board. Are OTT self-regulating...
Please subscribe to MediaNama. Don't share prints and PDFs.
You May Also Like
Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...
135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...
Twitter takes down tweets from MP, MLA, editor criticising handling of pandemic upon government request
By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...