What is a Urban Co-Operative Banks?

  1. The Reserve Bank of India has provided guidelines on Cyber Security Framework vide circular DBS, CO/CSITE/BC.11/33.01.001/2015-16 dated June 2, 2016, where it has highlighted the urgent need to put in place a robust cybersecurity/ resilience framework to ensure adequate cybersecurity preparedness among banks on a continuous basis.
  2. The RBI guidelines related to Cyber Security framework will enable banks to formalize and adopt cybersecurity policy and cyber crisis management plan. The requirement to share information on cyber security incidents with RBI will also help structure proactive threat identification and mitigation.

Applicability

Banks are very high-risk targets and therefore can be subjected to more and more threats. The  audit is to be conducted by all co-operative banks to  ensure the following threats are not met:

    1. Modifying or stealing confidential or sensitive information for personal gain.
    2. Theft of trade secrets or customer identification to be used for business advantage
    3. Sabotage of an organization’s data, systems, or network.

Objective

The objectives of why UCBS must undergo audits, risk assessment and other such cybersecurity related services is because:

    1. Banks need to assess their Cyber Security preparedness under the active guidance and oversight of the IT Sub Committee of the Board or the Bank’s Board directly. 
    2. The Banks need to report to Cyber Security and Information Technology Examination (CSITE) Cell of Department of Banking Supervision, Reserve Bank of India the following: 
      • Identified gaps w.r.t. Cyber Security/Resilience Framework 
      • Proposed measures/controls and their expected effectiveness 
      • Milestones with timelines for implementing the proposed controls/measures and  measurement criteria for assessing their effectiveness including the risk assessment and risk management methodology followed/proposed by the bank

Approach

Our approach has been covered in  4 phases as mentioned below:

Phase 1: Audit Planning
Planning and preparation of the audit scope and objectives. 

Phase 2: Risk Assessment and Business Process Analysis
Assessment, measuring, managing, and controlling IT-related risks, thus enhancing the reliability of processes and the entire information system. 

Phase 3: Audit Performance (Compliance and System Review) 
Assessment of controls over critical system platforms, network and physical components, IT infrastructure supporting relevant business processes.

Phase 4: Reporting
Report audit findings, conclusions, and recommendations of the audit in terms of conformance, non-conformance, and opportunities to improve.

    Why CyberSRC®?

    1. We are team of qualified professionals with rich experience of multiple industries such as Manufacturing, BFSI, Insurance, Healthcare, NBFCs & others. Our consultants are industry experts and have proven track records, some of the renowned certificates that our consultants hold such as CISA, CISSP, COBIT, CEH, CCNA, OSCP, ISO 9001 LA/LI, ISO 27001, ITIL LA/LI, PMP, to name a few. 
    2. We believe in adding value to your business which is enabled through our Centre of Excellence (Coe) and, we have end-to-end capability for Program Build – Operations – Transformation. We can jump start and execute projects in Managed Services mode globally and flexible delivery models. 
    3. Our Vision is to be one of the World’s most trusted advisory & solution provider for Cyber Security, Data Protection an Assurance practices.