The Reserve Bank of India today said the regulated entities (REs), including banks and finance companies, will follow new norms for Information Technology (IT) covering its governance, risks, and management from April 1, 2024.
REs have to put in place a robust IT Governance Framework to cover focus areas like strategic alignment, risk and resource management performance, and Business Continuity/Disaster Recovery Management. This framework should specify the governance structure and processes necessary to meet the RE’s business/strategic objectives, according to RBI’s final master circular. The Central Bank had published a draft Master Direction on the subject in October 2022, seeking public comments.
Click here to follow our WhatsApp channel
The framework will specify the roles (including authority) and responsibilities of the Board of Directors, board-level Committee, and Senior Management. It will also address the issue of adequate oversight mechanisms to ensure accountability and mitigation of IT and cyber/information security risks.
The enterprise-wide risk management policy or operational risk management policy will incorporate periodic assessment of IT-related…
