Problem Statement
Customer was required to adhere to RBI Master Directions IT Framework for NBFC Peer to Peer Lending Companies as part of their license application to RBI.
Services Delivered
- Conducted a gap assessment against RBI IT Directives for NBFC Peer to Peer Lending Companies
- Developed Policies, Procedures and supporting forms, templates
- Developed implementation roadmap and provided Project Management Assistance
- Conducted a comprehensive risk assessment, identified risks across organization (Business Operations, Facilities, Human Resources, IT etc.) and provided recommendations
- Reviewed SDLC practices, IT infrastructure setup, regulatory requirements etc. and identified opportunities for improvement
- Reviewed supplier contracts and established Supplier Governance process
- Conducted Business Impact Analysis to identify critical services, developed recovery strategies and Business Continuity Plan
- Developed information security awareness material and conducted training for the Leadership team
Value Provided
- Developed the Information Security program and assisted in the implementation
- Conducted training for Senior Management to ensure commitment to information security
- Provided the customer a Single Repository for Risks with controls mapping to RBI Master Directions IT Framework, ISO 27001, CSA STAR, NIST 800-53, COBIT 5.0
