The Reserve Bank of India (RBI) has issued draft norms on the use of information technology by entities regulated by the central bank. The RBI said that the feedback from regulated entities and other stakeholders should be submitted by November 20 via email. The final direction will be issued by the central bank after considering the feedback.
The RBI in its bi-monthly monetary policy statement in February mentioned that it would issue two draft directions on the use of information technology and on governance, risk, and control of such services. Entities regulated by the RBI shall put in place a strong information technology governance framework consisting of governance structure and processes necessary to meet the entities' business objectives. The governance framework shall specify the role and responsibilities of the board of directors, board level committee, local management committee and senior management.
The framework must also include sufficient oversight mechanisms to ensure accountability and mitigation of business risks. The key focus areas of information technology governance shall include strategic alignment, value delivery, risk management, resource management, performance management, business continuity and disaster management recovery. Strategies, policies related to information technology, information systems, business continuity, information security, and cyber security should be approved by the board and reviewed at least annually. The regulated entities shall establish a board-level information technology strategy committee with a minimum of two directors as members.
RBI rate hikes to contain price rise; inflation to fall below 6% next year’
RBI: Fight against inflation will be dogged, prolonged
RBI taking steps to improve digital infrastructure for banking