Problem Statement

Customer was required to adhere to RBI Master Directions IT Framework for NBFC Peer to Peer Lending Companies as part of their license application to RBI.

Services Delivered

• Conducted a gap assessment against RBI IT Directives for NBFC Peer to Peer Lending Companies
• Developed Policies, Procedures and supporting forms, templates
• Developed implementation roadmap and provided Project Management Assistance
• Conducted a comprehensive risk assessment, identified risks across organization (Business Operations, Facilities, Human Resources, IT etc.) and provided recommendations
• Reviewed SDLC practices, IT infrastructure setup, regulatory requirements etc. and identified opportunities for improvement
• Reviewed supplier contracts and established Supplier Governance process
• Conducted Business Impact Analysis to identify critical services, developed recovery strategies and Business Continuity Plan
• Developed information security awareness material and conducted training for the Leadership team

Value Provided

• Developed the Information Security program and assisted in the implementation
• Conducted training for Senior Management to ensure commitment to information security
• Provided the customer a Single Repository for Risks with controls mapping to RBI Master Directions IT Framework, ISO 27001, CSA STAR, NIST 800-53, COBIT 5.0