RBI Issues Master directions and Guidelines for Non-Banking Financial corporations to hunt and resolve the risk and weaknesses in its operations. These Master direction guidelines are mainly driven by the demand and need for mitigating the cyber threats coming out of evolving technology adopted by these corporations.

The NBFC has to follow the terms and conditions of the licence (such as customer protection,data security,audit function, grievance redressal, data security, audit control, corporate governance and risk management framework).

Benefits Of Audit

  • It builds confidence that the systems are suitable and operating securely as designed.
  • An independent third party opinion is obtained
  • Steer the organization’s operations to offer better services
  • Provide assurance to user organizations who outsource any IT systems performing critical operations that their service organizations have procedures and controls in place to provide constant and reliable services.
  • Security of the organisation can be improved by getting the valuable suggestions and feedback from the expert team of Xiarch.

Why Choose Xiarch ?

  • Provides for a systematic identification and management of risks
  • Enables independent review of data security practices
  • Provides a holistic, risk-based approach to secure information
  • Provides transparency and credibility to stakeholders
  • Provides internationally accepted criteria
  • Creates a market differentiation


Our Process of Audit

Initial Assessment

  • Information is gathered about the organisation. How the organisation works is reviewed.
  • The policies, procedures and other documents of the organisation are reviewed.

Gathering of Evidences

  • Evidences of all Audit points are gathered
  • The gaps are identified.
  • Areas of improvements shall be suggested wherever possible.

Writing Documentation

  • The report shall be made stating the observations corresponding to the guidelines.
  • The Compliance ,Non-Compliance and Need-For-Improvement points are clearly stated.

Presentation of the report

  • When the above steps are done ,presentation of the report shall be done
  • The final signed report is submitted to the client which can be shared to the regulatory body on request.


Xiarch is an ISO 9001:2015 | ISO 27001-2013 licensed Cyber Security Company and IT Services Company with solutions providers in Information Security like VAPT Services, Penetration Testing Services, Vulnerability Assessment Services, Among our consumers we proudly work for Government Organizations, Fortune one thousand Companies and countless start-up companies. We are additionally Value Added Partners, Authorized Re-sellers & Distributor of Leading Web Application Security Testing Tools.

We are headquartered in Delhi and have branch presence in Gurugram, Mumbai and Chennai - India

Contact our sales team @ +91 11-45510033 for further clarifications on above stated service, you can also reach us by an email at [email protected]. We’ll be great full to serve you. Happy Security.

Interested in our RBI NBFC Audit ?


New Delhi - Head Office

Xiarch Solutions Private Limited

Mumbai - Branch Office

Xiarch Solutions Private Limited