IN · Framework
RBI CSCF — Reserve Bank of India Cyber Security Framework
The framework requires banks in India to run a board-approved cyber-security programme with a baseline of controls scaled to their risk, IT footprint and digital services.
What it is
The framework requires banks in India to run a board-approved cyber-security programme with a baseline of controls scaled to their risk, IT footprint and digital services.
India · In force; extended by later RBI directions
Who it binds
Scheduled commercial banks, and through related circulars cooperative banks and NBFCs, in India.
Key obligations
- A board-approved cyber-security policy
- A baseline of mandatory controls
- A Cyber Security Operations Centre (C-SOC)
- Prompt incident reporting to the RBI
How CCI addresses it
CySSURANCE maps the RBI baseline and gap-tests the controls; the audit practice covers Indian financial institutions.
Official source
RBI circular DBS.CO/CSITE/BC.11/33.01.001/2015-16, 2 June 2016
https://www.rbi.org.in/commonman/English/scripts/Notification.aspx?Id=1721
The linked text is the authoritative legal or standards source. CCI maps to it; it is not a CCI publication.