As an auditor empanelled by CERT-In, we’re well-versed in the complexities of adhering to the Reserve Bank of India’s Cyber Security Guidelines for NBFCs. Our specialized RBI Cyber Security Compliance Services are crafted with the goal of helping your organization maintain compliance and bolster its security posture.
Some of the RBI Cyber Security Notifications and Circulars that are relevant for NBFCs are:
- DoS.CO.CSITEG/SEC.7/31.01.015/2023-24 – Master Direction on Information Technology Governance, Risk, Controls and Assurance Practice
- DoS.CO.CSITEG/SEC.1/31.01.015/2023-24 – Master Direction on Outsourcing of Information Technology Services
- DoS.CO.CSITE.SEC.No.1852/31.01.015/2020-21 – Master Direction on Digital Payment Security Controls
- DNBS.PPD.No.04/66.15.001/2016-17 – Master Direction – Information Technology Framework for the NBFC Sector
Key Provisions of the RBI Cyber Security Guidelines for NBFCs
With the increasing reliance on digital platforms, the Reserve Bank of India (RBI) has laid down comprehensive cyber security guidelines for Non-Banking Financial Companies (NBFCs) to safeguard against the rising tide of cyber threats.
- Governance Framework
- Identification and Assessment
- Protection and Mitigation
- Data Protection Measures
- Response and Recovery
- Sharing and Communication
Key Components of RBI’s Cyber Security Framework
Cyber Security Policy: We assist in developing and updating cyber security policies that are in line with RBI guidelines.
Cyber Crisis Management Plan: Our team helps you prepare a robust cyber crisis management plan, a critical component of RBI’s compliance requirements.
IT and Cyber Security Governance: We ensure that your IT and cyber security governance structures meet RBI’s expectations, providing a secure and compliant environment.
Information and Cyber Security Operations: Our operational support includes regular monitoring, threat detection, and response mechanisms, aligned with RBI’s standards.
Compliance, Assurance, and Audit: We conduct regular audits and compliance checks to ensure continuous adherence to RBI’s guidelines.
Risk Management Strategies: Our risk management strategies are designed to pre-emptively identify and mitigate potential cyber threats.