RBI enhanced the Cyber Security Framework for Urban Cooperative Banks (UCBs), revising its initial release of October 19, 2018. Being a CERT-In Empaneled Security Auditor, QRC helps our clients to understand, manage and comply with periodic releasing RBI Guidelines. The Periodic reviews of the security of the bank’s infrastructure and assets are a must to find out vulnerabilities and security loopholes. Hence, we need to take the appropriate actions to be taken by the Co-Operative Banks to fill the security loopholes and get rid of vulnerabilities.
The following is a quick summary of some of the key points and requirements from the new Cyber Security Framework for Urban Cooperative Banks (UCBs).
Basic Cyber Security Framework for Primary (Urban) Cooperative Banks (UCBs)
Comprehensive Cyber Security Framework for Primary (Urban) Cooperative Banks (UCBs)
Level I Requirements
Level II Requirements
Level III Requirements
Level IV Requirements
We help our clients to get an in-depth analysis of the RBI Cyber Security Framework for Cooperative Banks and meet the RBI Cyber Security Guidelines.
Our approach for assessment is as follows:
Information Gathering & Documentation Review
We provide a detailed questionnaire, shared with your teams along with other documentation, and evidence is collected on the architecture, implementation and controls to understand data flow.
Post scope definition as per the Cyber Security Framework Urban Cooperative directive and initial engagement, we will conduct an initial audit for understanding the infra of the organization and help our clients in identifying all the storage locations which comprise of any payment related data.
As per the assessment, and the identification of the payment data, QRC will provide remediation support for complying with the RBI mandate.
Report & Confirmation Letter
Post assessment and remediation, we will review your evidence on the closure of the Action phase as identified during the audit. On successful closure, we will share the confirmation letter that all payment related data is residing inside India.
The risk-based internal audit guidelines for urban cooperative banks were put forth by the RBI to strengthen the security control.