The Reserve Bank of India (RBI) on November 7 notified the Master Direction on Information Technology Governance, Risk, Controls and Assurance Practices, which prescribes IT and cybersecurity guidelines for banks and other regulated entities. The Direction introduces new measures as well as updates and consolidates measures prescribed in earlier circulars, which now stand repealed. It comes into effect from April 1, 2024. Who do these directions apply to? All Scheduled Commercial Banks (except Regional Rural Banks) Small Finance Banks Payments Banks Non-Banking Financial Companies (except NBFC-Core Investment Companies) Credit Information Companies Financial Institutions (EXIM Bank, NABARD, NaBFID, NHB and SIDBI) These entities are collectively referred to as regulated entities (REs) from here on. Important Definitions Cyber security: "Preservation of confidentiality, integrity and availability of information and/or information systems through the cyber medium. In addition, other properties, such as authenticity, accountability, non-repudiation and reliability can also be involved." Cyber incident: "A cyber event that adversely affects the cyber security of an information asset whether resulting from malicious activity or not." Cyber attack - "Malicious attempt(s) to exploit vulnerabilities through the cyber medium to damage, disrupt or gain unauthorized access to assets." What are the governance measures regulated entities must adopt? Implement an IT Governance Framework: REs must put in place an IT Governance Framework that takes into account strategic alignment, risk management, resource management, performance management and Business Continuity/ Disaster Recovery Management. It should also specify the roles and responsibilities of the Board of Directors and include oversight mechanisms for IT security risks. …
News
Summary: RBI notifies new IT governance and cybersecurity guidelines for banks, NBFCs
The guidelines lay out the IT governance and cybersecurity management measures that all regulated entities must adopt; the guidelines come into effect from April 1, 2024.
Please subscribe to MediaNama. Don't share prints and PDFs.
You May Also Like
News
Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...
Advert
135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...
News
By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...
News
Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...