As a CERT-In Empanelled Security Auditor, Security Brigade is authorised to help you understand, manage and comply with RBI Guidelines & Circulars that are released on a periodic basis. As on June 08, 2017, the RBI has released new guidelines for Information Technology Framework for the NBFC Sector, which include specific clauses and requirements pertaining to Information and Cyber Security, IT Audit, Business Continuity Planning, etc.

The following is a quick summary of some of the key points and requirements from the RBI Guidelines for Cyber Security In The NBFC Sector. Download Our Whitepaper to learn more about the RBI Guidelines and how Security Brigade can help you comply with RBI’s mandates.

 

Information  Security

  • Identification and Classification of Information Assets
  • Segregation of functions
  • Role based Access Control
  • Personnel Security
  • Physical Security
  • Maker-checker
  • Incident Management
  • Trails
  • Public Key Infrastructure (PKI)

 

Cyber Security

  • Need for a Board approved Cyber-security Policy
  • Vulnerability Management
  • Cyber security preparedness indicators
  • Cyber Crisis Management Plan
  • Sharing of information on cyber-security incidents with RBI
  • Cyber-security awareness among stakeholders / Top Management / Board
  • Digital Signatures
  • IT Risk Assessment
  • Mobile Financial Services
  • Social Media Risks
  • Training

 

IS Audit

  • Policy for Information System Audit (IS Audit)
  • Coverage
  • Personnel
  • Periodicity
  • Reporting
  • Compliance
  • Computer-Assisted Audit Techniques (CAATs)

 

Business Continuity Planning

  • Business Impact Analysis
  • Recovery Strategy / Contingency Planning

 

Download Whitepaper: RBI Guidelines for Cyber Security in the NBFC Sector


First Name*

Last Name*

Email*

Company*

Mobile*