information system audit banks

Overview

The RBI issues Master Directions and guidelines for banks and non-banking financial companies (NBFCs) to identify and remediate the risks and weaknesses in their operations. These guidelines are issued on the recommendations of working groups on information security, e-banking, governance and cyber fraud. The Master Directions are driven mainly by the need to mitigate the cyber threats arising from the evolving technology these institutions adopt.

Why do banks need an RBI cyber security audit?

Since banking now relies heavily on electronic platforms and online transactions, cyber security is imperative, and the RBI expects banks to assess their cyber security preparedness. The RBI mandates a top-down approach to information security governance, starting with the bank's board, continuing through the IT and IS committees, and extending to every level below them in the hierarchy. The RBI also expects banks to report to the Cyber Security and Information Technology Examination (CSITE) Cell of the Department of Banking Supervision, covering the following:

  • Gap analysis against the published Cyber Security/Resilience Framework
  • Information security controls in place
  • Effectiveness of the implemented controls
  • Plan of action to mitigate the identified risks
  • Role of the CISO

Service Highlights

We at Pelta provide end-to-end support and guidance on achieving compliance with these guidelines, primarily in the seven areas below:

  • Information Security: A well-defined framework focused exclusively on information and cyber security and on risk management.
  • Information Security Audit: Audit of the IS processes adopted by the firm to ensure they provide an unbiased and objective view of the extent to which risks are managed. This covers the roles and responsibilities of IS audit stakeholders as well as audit planning and execution.
  • Business Continuity Planning: Policies and procedures to ensure the continuity, resumption and recovery of critical business processes, together with assistance in performing disaster recovery drills to confirm readiness in the event of a disaster.
  • Cyber Fraud: Fraud management, suspicious transaction management, reporting to the regulator and implementation of fraud detection techniques.
  • IT Governance: RBI guidelines mandate an IT governance framework. We focus on creating the organisational framework and processes that keep IT security sustained and ensure its objectives are met.
  • Customer Grievance: Policies and procedures to ensure every customer grievance is addressed and resolved within the stipulated period.
  • Complete assistance: Authentication, authorisation, logging and monitoring of transactions and activities, implementation of the maker-checker concept in key operational areas (no single user both initiates and approves a transaction), customised and service-oriented architecture, a secure operational environment, and KYC and customer consent management.