Urban Cooperative Banks’ use of information technology has expanded quickly and is now a key component of their operational strategy. The financial services industry topped the list of 26 different industries that are most targeted by cybercriminals. Financial services remain the industry most susceptible to malicious email traffickers, as consumers are seven times more likely to be the victim of an attack originating from a spoofed email with a bank brand versus one from any other industry.
How it works?
The Cyber Security Framework for Banks is audited corresponding to the below audit domains. These domains are segregated based on the Level designated for the concerned UCB. Also, the applicability of domains differs as per the Bank’s Level i.e., Level 1, Level 2, Level 3, or Level 4.
We share audit charter with the auditee highlighting the roles and responsibilities of the audit function as well as the audit objectives.
We provide Auditee a DRL highlighting the required policies and further analysis of the same will be performed in line with the compliance.
Document Requirement List
Quantitative/Qualitative Risk Assessment will be conducted for every business process in scope and risk will be analyzed.
Identification & Analysis
Action points as well as risk response methodology will be suggested via GAP Assessment Report and an action plan will be asked from the auditee.
We conduct review again post-deployment of the mitigations.
The following circulars prescribing basic cyber security controls were issued to all the UCBs:
Cyber Security Framework in Banks: DBS. CO/CSITE/BC.11/33.01.001/2015-16