Home › Crosswalk › Information Technology & Cyber

Information Technology & Cyber — RBI Master Directions

Name: Information Technology & Cyber — RBI circular-to-Master-Direction crosswalk (CSV)
Creator: BankPulse
License: https://creativecommons.org/licenses/by/4.0/

RTGS/NDS systems, IT infrastructure, outsourcing & cyber-resilience circulars. We track 15 RBI documents in this family, anchored by 0 consolidated Master Direction(s) / Master Circular(s). Every entry links to its official page on rbi.org.in.

Last rebuilt: 18 Jun 2026, 01:11 IST

Latest tracked circular: RBI FY 2025-26

New in ~last 90 days: 0 circulars

Mapped this RBI financial year (FY 2026-27): 0 circulars

RBI documents in family

Master Direction / Circular anchors

Mapped this RBI FY (FY 2026-27)

About this family — the DIT lineage

The Reserve Bank's Department of Information Technology (DIT) issues the circulars that keep India's core financial-market infrastructure running and secure. Reference numbers beginning DIT or CO.DIT mark documents from this department. The family threads together three strands: (1) real-time settlement rails — RTGS (Real-Time Gross Settlement) and the NDS (Negotiated Dealing System) platforms for government securities and money markets; (2) IT governance & outsourcing of IT services by banks and NBFCs; and (3) cyber-resilience and security-operations expectations for regulated entities. Closely-related settlement and market-rail rules also surface under Payment & Settlement Systems and Financial Markets Regulation. This is our plain-English overview; every document below links to its official page on rbi.org.in. under the editorial review of Vikram Jain.

What this family governs

In plain English: this family governs the technology and cyber resilience behind India’s banking system — the core RBI-operated systems (such as RTGS and the NDS), the IT governance regulated entities must maintain, how they outsource IT services, and the cyber-security defences that keep banking online and safe. These rules set the technology and security standards; whether entities follow them is checked through Supervision.

Two example focus areas (illustrative, drawn from common RBI information-technology themes):

Cyber security & resilience — the baseline cyber-security framework, security operations and incident reporting, and business-continuity expectations that keep digital banking channels available and protected.
IT governance & outsourcing — board-level IT and information-security governance, IT risk management, and the rules for outsourcing IT services, including third-party and cloud risk.

Focus areas are our plain-English summary of typical themes, not a quote from any RBI document; every tracked document below links to its official page on rbi.org.in. under the editorial review of Vikram Jain.

Last reviewed 20 Jun 2026 by Vikram Jain

How to find the governing Master Direction for a circular

A quick four-step method to trace any Information Technology & Cyber circular back to its consolidated RBI rulebook.

Read the RBI reference number
Every RBI circular carries a reference number such as RBI/2023-24/108 with a department token such as DIT. The letters before the first slash identify the issuing department.
Match the department code to its family
That department token maps to the Information Technology & Cyber family on this page. Legacy codes are folded into their modern department, so even older circulars resolve to the right rulebook.
Open the consolidated Master Direction anchor
In the Master Direction & Master Circular anchors list below, pick the consolidated rulebook for this family — it is the living document the individual circular amends or sits under.
Verify on the official RBI source
Follow the rbi.org.in link on the anchor or the circular to confirm the current text on the Reserve Bank's own website. BankPulse never reproduces RBI text verbatim.

Master Direction & Master Circular anchors

Consolidated Master Direction for this family is being indexed.

Latest circulars in this family

The 15 most recent RBI notifications we track in this family (newest first). Each links to its official page on rbi.org.in.

RBI/2025-26/34 ↗ — DIT.CO.No.S-106/07.71.039/2025-26 April 28, 2025 The Chairman / Managing Director / Chief Executive Officer A
RBI/2025-26/28 ↗ — CO.DIT.DCD.No.S81/01-71-110/2025-26 April 22, 2025 All Commercial Banks All Primary (Urban) Co-operative Bank
RBI/2013-14/525 ↗ — DIT CO No.1971/07.71.099/2013-14 March 19, 2014 The Chairmen/Chief Executive Officers, All Scheduled Commerci
RBI/2013-14/501 ↗ — DIT CO No.1857/07.71.099/2013-14 February 26, 2014 The Chief Information Security Officer (CISO) All Schedule
RBI/2013-14/216 ↗ — DIT.CO (Policy) No.674/09.63.025/2013-14 August 30, 2013 The Chairman/Chief Executive Officers All Scheduled
RBI/2012-13/547 ↗ — DIT.CO(Policy)No. 2636/09.63.025/2012-13 June 26, 2013 The Chairmen/Chief Executive Officers, All Scheduled C
RBI/2011-12/600 ↗ — DIT Cir. No.2833/09.63.025/2011-12 June 13, 2012 The Chairmen/Chief Executive Officers, All Scheduled Commerc
RBI/2010-11/282 ↗ — DIT(CO) No. /09.61.002/2010-11 November 16, 2010 To All NDS Members Dear Sir, Reminder: Up-gradation of the P
RBI/2010-11/262 ↗ — DIT (CO) Circular No.10/09.63.08/2010-11 November 4, 2010 To All RTGS Members Dear Sir, Migration of RTGS Sys
RBI/2009-10/237 ↗ — DIT(CO) Circular NO. 6/09.61.002/2009-10 November 30, 2009 To All NDS Members Dear Sir, Up-gradation of the P
RBI/2009-10/230 ↗ — DIT (CO) Circular No. 5 /09.63.08/2009-10 November 23, 2009 To All RTGS Members Dear Sir, Up-gradation of RTG
RBI/2008-09/495 ↗ — DIT.CO.(Pol).Cir 2/ 3092/09.63.26 /2008-09 June 10, 2009 The Chief Executives of all participant members (RTG
RBI/2004-05/417 ↗ — DIT (CO) No. 255/09.63.99/2004 April 11, 2005 The Chairmen & Chief Executive of all commercial banks. Dear Si
RBI/2004-05/405 ↗ — DIT(CO). 2403 /09.63.99/2005 March 29, 2005 The Chairmen and CEOs of all banks Dear Sir, OUTSOURCING OF IT SY
RBI/2004-2005/393 ↗ — Ref DIT.CO.No. 2218 /09.63.36/2004-2005 March 11, 2005 CMDs/CEOs of all Scheduled Banks, Dear Sir, Cheque Tru

Information Technology & Cyber — frequently asked questions

What does the RBI Information Technology & Cyber family cover?

RTGS/NDS systems, IT infrastructure, outsourcing & cyber-resilience circulars. On BankPulse this family groups 15 RBI documents we track, grouped by the RBI issuing-department code DIT.

Where can I find the official RBI Master Directions for Information Technology & Cyber?

Every entry on this page links directly to its official notification on rbi.org.in — we never reproduce RBI text verbatim. Start with the Master Direction / Master Circular anchors listed above for the consolidated rulebook, or browse the 15 tracked circulars in this family. Methodology reviewed by Vikram Jain; BankPulse is an independent platform, not affiliated with the Reserve Bank of India.

What is the RBI cyber security framework for banks?

The Reserve Bank’s cyber security framework, first set out in a June 2016 circular and strengthened since, requires every bank to put in place a board-approved cyber-security policy that is distinct from its general IT policy and proportionate to the bank’s size, complexity and risk profile. Its core building blocks include a Cyber Crisis Management Plan (CCMP) to detect, contain and recover from attacks; continuous monitoring, typically through a Security Operations Centre (SOC); a baseline set of security controls and a gap assessment against the expected maturity level; and prompt reporting of cyber incidents to the RBI within a few hours. Supervision sits with the Department of Information Technology, and comparable expectations have since been extended to urban co-operative banks, NBFCs and payment-system operators through later directions. The exact controls and timelines are set in the consolidated Master Directions and circulars linked on this page. This is general information, not advice. Methodology reviewed by Vikram Jain; BankPulse is an independent platform, not affiliated with the Reserve Bank of India.

What are the RBI Digital Lending Guidelines?

The Reserve Bank's Digital Lending Guidelines, first issued in 2022 and consolidated into a Master Direction, govern how regulated lenders — banks and NBFCs — may lend through digital channels and the apps and platforms (Lending Service Providers) they work with. Their central principle is that all loan disbursals and repayments must flow directly between the borrower's bank account and the regulated lender, with no pass-through or pooling through the account of a Lending Service Provider or app. Lenders must give every borrower a standardised Key Fact Statement setting out the all-in Annual Percentage Rate (APR), fees and the cooling-off period during which a borrower can exit by repaying the principal and proportionate APR without penalty. The rules also require clear disclosure of which regulated entity is actually lending, a grievance-redressal route, and tighter controls on how borrower data is collected and stored. Supervision sits with the RBI, and the exact obligations are set in the consolidated Master Direction and circulars linked on this page. This is general information, not advice. Methodology reviewed by Vikram Jain; BankPulse is an independent platform, not affiliated with the Reserve Bank of India.

Download this family as data: crosswalk-information-technology-cyber.csv — a machine-readable CSV mapping every tracked Information Technology & Cyber circular (reference + title) to its parent Master Direction family and official rbi.org.in source. See also the crosswalk families JSON and the per-family CSV index.

← Back to the full RBI Master Direction Crosswalk

How this map is built: documents are grouped by the issuing-department code in each RBI reference number. Every entry links to its official page on rbi.org.in — we never reproduce RBI text verbatim. Methodology reviewed by Vikram Jain. Independent platform, not affiliated with the Reserve Bank of India.