Item No.

16/52
SIDBI RiMC No.36/2019-20

MEMORANDUM TO THE RISK MANAGEMENT COMMITTEE

Reporting of Minutes of 18th Meeting of

Risk and Information Security Committee

Vertical Head: Shri Manish Sinha

1. Issue under consideration:

Reporting of minutes of the 18th meeting of Risk and Information Security
Committee (RISC) to the Risk Management Committee of the Board.

2. Background:
RISC was constituted for developing and facilitating the implementation
of information security policies, standards and procedures and
facilitating management of IT-related enterprise risks as per RBI
Guidelines on Information Security, Electronic Banking, Technology Risk
Management and Cyber Frauds. The Minutes of the meeting of RISC are
to be reported to RiMC, as per IT Security Policy of the Bank.

3. Proposal:
The 18th meeting of RISC was held on November 28, 2019. The following
is the primary agenda item considered in the meeting:

Meeting No. / Date Agenda Item

18th / 28-11-2019 Review of IT Security Status and Assessment

The minutes of the aforesaid meeting are annexed to this memorandum

for information of the RiMC and brief highlights thereof are given below:

 RISC was apprised that web portal version of the Credence

application will not be able to cater to all the requirements of
Treasury Operations. In view of the risk involved in continuing with
Admin rights to all users, which is a system requirement in Credence
application, the Committee advised TRMV and ITV to take a decision
in a time bound manner whether a new solution be procured which
will resolve security and administrative issues and if so, timelines
thereof.

 The Committee was apprised that SWIFT MPLS link was now LIVE for
DC and UAT for DR Site was to be completed by first week of
December 2019. ITV informed the Committee that the
Implementation will be fully completed by December 31, 2019.
SIDBI RiMC.No.36/2019-20 Reporting of Minutes of 18th Meeting of
Risk and Information Security Committee)

 ITV recently informed Reserve Bank of India that Cyber Security

Operations Center (CSOC) for the Bank, will Go Live by end of
December 2019.

 The Committee noted that issue of slowness in RAM was reported by

many users. Further committee was apprised that Incident Response
Team of the Bank advised ITV and RiMV to take up the matter with
the service provider for identifying the root cause of the slowness.

 The Committee was also informed that an assignment has been

awarded to Mahindra SSG to carryout Awareness Training on IT /
Cyber Security and BCM for officers of SIDBI during December 2019.

As advised by the Committee in its 45th meeting, the minutes are

put up to Senior CGMs Committee (SCC) formed vide HRV office order
no.182/2019-20 dated November 01, 2019 in the place of Deputy
Managing Director for information. Observations of SCC on the minutes
are being attended to by the Vertical.

The Committee is requested to note the contents of the

memorandum.

Submitted by

Small Industries Development Bank of India [Manish Sinha]

Dated: January 24, 2020 General Manager

Recommended by

For Senior CGM Committee

Page 2
Annexure