A working group set up by the Reserve Bank of India (RBI) to formulate guidelines for banks on information security, electronic banking, technology risk management and cyber frauds, has recommended the formulation of board-level IT strategy on a regular basis for all banks.
Towards this, the working group has suggested the creation of the post of chief information officer (CIO) in banks, who will be the key player and will have executive decision-making role and function.
The key role of the CIO would be to act as an owner of the IT functions and enable the alignment of business and technology, RBI said in a release.
Banks have to create an IT steering committee with representations from various IT functions, HR, legal and business functions as found appropriate. The IT steering committee would assist the executive management in the implementation of the IT strategy approved by the board.
The IT steering committee should monitor the IT governance structure to assess accountability and transparency and to ensure that it functions within the defined objectives and carries out responsibilities unambiguously at each level in the organisation.
The organisational structure for IT should be commensurate with the size, scale and nature of business activities carried out by the bank and the underlying support provided by information systems for business functions.