TestCloud
Prep • Practice • Perform
Log In

RBI Issues New Master Directions on "IT Governance, Risk, Controls and Assurance Practices".

Banking & Finance | Dated: 06 Dec 2025

The Reserve Bank of India (RBI) has issued updated Master Directions on "Information Technology Governance, Risk, Controls and Assurance Practices" for Banks and NBFCs. The new framework mandates the establishment of a robust IT Governance framework to manage cyber security risks effectively. It aims to ensure operational resilience in the face of growing digital threats.

🎯 Key Highlights:

  • Banks and NBFCs are now required to set up a Board-level "IT Strategy Committee" (ITSC) chaired by an independent director.
  • The guidelines emphasize periodic Information Systems Audit (IS Audit) and the appointment of a Chief Information Security Officer (CISO).
  • These directions will come into effect from April 1, 2026, giving institutions time to upgrade their systems.

💡 Other Important Facts:

  • Direction: IT Governance, Risk & Controls.
  • Mandatory Committee: IT Strategy Committee (ITSC).
  • Effective Date: April 1, 2026.

📚 Test Your Knowledge:

As per RBI's new IT Governance norms, who must chair the Board-level "IT Strategy Committee" (ITSC) in banks?

Correct Answer: Independent Director

🚀 Quick Recap:

About RBI

  • Governor – Shaktikanta Das
  • Established – 1 April 1935