RBI Cyber Security Audit For Non-Banking Finance (NBFC)


RBI Guidelines for Cyber Security in the NBFC Sector

The Non-Banking Finance Companies (NBFCs) in India are a key player in the country's economy. The asset size and credit share of NBFCs has seen geometrical raise in the past decade. Considering the vital role played by this sector, and their increasing reliance on Information Systems/Technology for service delivery, RBI has issued an IT Framework for NBFC sector.

The IT framework focuses on IT Governance, IT Policy, Information & Cyber Security, IT Operations, IS Audit, Business Continuity Planning and IT Services Outsourcing.


Information Security framework with the following basic tenets

  • Identification and Classification of Information Assets
  • Segregation of functions
  • Role based Access Control
  • Personnel Security
  • Physical Security
  • Maker-checker
  • Incident Management
  • Trails
  • Public Key Infrastructure (PKI)

Cyber Security Controls for Implementation

  • Vulnerability Management
  • Cyber security preparedness indicators
  • Cyber Crisis Management Plan
  • Sharing of information on cyber-security incidents with RBI
  • Cyber-security awareness among stakeholders / Top Management / Board
  • IT Risk Assessment
  • Mobile Financial Services
  • Social Media Risks
  • Training

How Valency Networks Can Help With RBI Audits?

Valency Networks is a team of certified auditors. We have performed numerous cyber audits for banking and non-banking financial institutions. Contact us for more details.


What Our Customers Say?

Valency Networks is a very techie company, focusing on a continuous improvement in service quality. Our customers like us exactly for that and that helps us keep our quality to the best extent.