You are here: Home / Clients / Completed Projects / Providing Compliance Of Payment Systems Of Bank To Requirements Of Central Bank Of Russian Federation Regulation No. 382-P

Providing Compliance Of Payment Systems Of Bank To Requirements Of Central Bank Of Russian Federation Regulation No. 382-P

GlobalTrust Experts realized the project on protection of payment systems of Bank according to requirements of Central Bank of Russia regulating documents.
Providing Compliance Of Payment Systems Of Bank To Requirements Of Central Bank Of Russian Federation Regulation No. 382-P

In 2013 GlobalTrust finished an assessment of compliance of bank payment systems to requirements of Central Bank Regulation No. 382-P "About requirements to providing information security at implementation of money transfers …", and also development of a package of the organizational and administrative documents defining payment system security controls.

This work allowed Bank to create and send to the Central Bank of the Russian Federation the trusted reports according to the Instruction of the Central Bank of the Russian Federation of 09.06.2012 No. 2831-U "About the reports of providing information security at implementation of money transfers of operators of payment systems, operators of services of payment infrastructure, operators on money transfer" in due time.

The following tasks were solved during this project:

  • Assessment of compliance to requirements of Bank of Russia Regulation No. 382-P
  • Gathering and analysis of audit evidence
  • Analysis of documentation, interviewing of the organization representatives
  • Calculation of the generalizing indicators and totals of compliance
  • Documenting of results of an assessment of compliance
  • Planning of actions for providing compliance 382-P
  • Preparation and coordination of reporting documents

Development of organizational and administrative documents for ensuring compliance:

  • Interviewing of the authorized personnel of Bank
  • Analysis and documenting of processes and methods of information security
  • Definition of requirements to information security processes
  • Definition of roles and responsibility of the personnel, and also an order of interaction between divisions
  • Development and coordination of the documents

The following documents were prepared by GlobalTrust  during implementation of the project:

  • Report on compliance to Regulation No. 382-P
  • The plan of measures on providing compliance to requirements 382-P
  • More than 20 organizational and administrative documents regulating various aspects of information security in bank payment systems.