RBI approves its April 8 announcement and issue new guideline ultimatum till June 30.
[ad_1]
RBI approves its April 8 announcement and issue new guideline ultimatum till June 30. RBI Guideline: Reserve Bank of India (RBI) The Reserve Bank of India on Friday issued a draft Master Direction on Cyber Resilience and Digital Payment Security Controls for Payment System Operators. The central bank has sought comments on it by June 30. These can be sent through email or post to the Chief General Manager, Department of Payment and Settlement Systems, Central Office, Mumbai, RBI. The draft guidelines cover governance mechanisms for identification, assessment, monitoring and management of cyber security risks, including information security risks and vulnerabilities, and lay down baseline security measures to ensure secure digital payment transactions.
Stamped on the announcement of 8 April
RBI approves its April 8 announcement and issue new guideline ultimatum till June 30. The RBI had announced on April 8 that it would issue directions on cyber resilience and payment security controls of payment system operators (PSOs). The guidelines state that in order to effectively identify, monitor, control and manage cyber and technology related risks arising out of linkages of PSOs with unregulated entities that may be involved in their digital payment ecosystem (such as payment gateways, third-party service providers, vendors, merchants, etc.), the PSOs shall, subject to mutual agreement, ensure that such unregulated entities also follow these directions.
they will be responsible
This is the Board of Directors of the PSO. Will be responsible for ensuring adequate monitoring of information security risks including cyber risk and cyber resilience. However, the primary oversight may be entrusted to a sub-committee of the Board which shall meet at least once every quarter. Also, RBI has asked PSOs to prepare a separate board-approved Cyber Crisis Management Plan (CCMP) to detect, control, respond to and recover from cyber threats and cyber attacks. In addition, the PSO will conduct cyber risk assessment exercises relating to the launch of new products or services or technologies or making major changes to the infrastructure or processes of existing products or services.
[ad_2]
