Problem Statement

Customer was required to adhere to RBI Master Directions IT Framework for NBFCs before 30th June 2018

Services Delivered

• Developed Policies, Procedures and supporting forms, templates
• Developed implementation roadmap and provided Project Management Assistance
• Conducted a comprehensive risk assessment, identified risks across organization (Business Operations, Facilities, Human Resources, IT etc.) and provided recommendations
• Reviewed SDLC practices, IT infrastructure setup, regulatory requirements etc. and identified opportunities for improvement
• Reviewed supplier contracts and established Supplier Governance process
• Conducted Business Impact Analysis to identify critical services, developed recovery strategies and Business Continuity Plan
• Developed information security awareness material and conducted training for the Leadership team

Value Provided

• Developed Business Continuity Plan and Disaster Recovery requirements for Customer’s datacenter which was outsourced
• Provided the Senior Management visibility into the key information security risks and immediate actions required to address them
• Provided the customer a Single Repository for Risks with controls mapping to RBI Master Directions IT Framework, ISO 27001, CSA STAR, NIST 800-53, COBIT 5.0