Cyber security in the financial sector has gained importance, more so with the advent of technological innovations. In this connection, IRDAI has planned to come out with a comprehensive Information and cyber security framework for Insurance sector covering various aspects for designing a suitable information & cyber security policy by the regulated entities, establishment of appropriate Governance structure for implementation of Information & Cyber Security policy and audit mechanism to mitigate cyber risks.

In view of the above, IRDAI vide its Circular (ref. no: IRDA/IT/CIR/ MISC/ 216/10/ 2016) dated 31st Oct 2016 formed a working group of CIOs for ‘Formulating a comprehensive framework for Information and cyber security for insurance sector’ which in turn formed the following three sub-groups to work on various issues related to Information and Cyber Security

1. Group-1: All four layers of security (Data, Applications, Operating systems and Network layers)

2. Group-2: (Security Audit)

3. Group-3: (Legal aspects on Cyber Security)

The sub-groups met on various dates, held several rounds of discussions and came out with a draft framework along with a tentative audit-checklist. The framework has been prepared based on various Industry standards in Information & Cyber Security and the best practices followed by the insurers.

All stakeholders are requested to go through the attached exposure draft (Annex-I) and provide their feedback/ Comments in the format by e-mail to Shri. Mahesh Agarwal, DGM-IT at mahesh agarwal[at] irda[dot]gov[dot] in [under copy to it [at] irda [dot] gov [dot] in].

Series Navigation<< Guidelines on Claim processing for Group Insurance Policies – Addition of new Categories of Master PolicyholdersInsurance Awareness Campaign, in the form of Radio jingles >>

Author

This entry is part 6 of 22 in the series April 2017- Insurance Times

Byadmin

Leave a Reply

Your email address will not be published. Required fields are marked *