Master Direction on IT Governance, Risk, Controls, and Assurance Practices
The Reserve Bank of India has issued directions for banks and financial institutions to ensure effective IT governance, risk management, and controls.
IT Governance: Institutions must establish an IT governance framework, with the Board of Directors playing a key role. A dedicated IT Strategy Committee and Senior Management IT Steering Committee will oversee IT strategy and implementation.
IT Infrastructure and Services Management: Institutions must manage IT services, including third-party arrangements, capacity management, project management, and change management. They must also ensure data migration controls, audit trails, cryptographic controls, and straight-through processing.
Physical and Environmental Controls: Institutions must implement physical and environmental controls, including access controls, teleworking controls, and metrics to measure IT performance.
IT and Information Security Risk Management: Institutions must periodically review IT risks, implement risk mitigation measures, and ensure business continuity planning and disaster recovery.
The directions aim to ensure that banks and financial institutions have a robust IT governance framework, effective risk management practices, and adequate controls to mitigate IT-related risks.
Chat with the Master Direction:
Download: Master Direction on Information Technology Governance, Risk, Controls and Assurance Practices