Logical Access & Need-Based Access ControlsClauses 19(a), 8(c)
Do employees, vendors, and third parties receive access to systems strictly based on business need and role?
RBI Requirement: RBI requires regulated entities to enforce need-based access, documented access procedures, and effective governance of information assets. Excessive or unmanaged access significantly increases insider and operational risk.
This self-assessment is provided for guidance and operational readiness planning purposes only and does not constitute l…