Aditya Birla Sun Life AMC Limited

Basil Dange Chief Information Security Officer

Functional Heads

Mr. Basil Dange joined Aditya Birla Sun Life AMC Limited in March 2022 as a Cyber Information Security Officer (CISO) and is responsible for managing Organization’s Cyber Security by orchestrating people -process-technology towards achieving business objectives of the organisation with respect to information security standards.


He brings over 13 years of rich experience in Information technology, cybersecurity, and risk management. Prior to joining the company, he served role of managing Cyber Security Risk with IndusInd Bank. He was also associated with Kotak Bank Ltd., CRISIL Ltd. LTD, 3I-Infotech Ltd etc. in past in similar capacities.

He holds a bachelor’s degree in Electronic Telecommunication from the University of Mumbai along with core competency courses such as Certified Information Security Manager (CISM) .

Roles & Responsibilities with respect to Risk Management Roles & Responsibilities with respect to Risk Management
Sn
Particulars
1
Formulate and implement Information Security and Cyber security risk management policies
2
Provide relevant information to CRO regarding the information Security and Cyber risks
3
For the relevant functional risks, identify, analyze and report the following to the CRO and CEO along with recommended action plan for:
  • Early warning signals
  • Emerging risks
  • Major findings
Ensure escalation of such incidents to CEO and CRO
4
Ensure adherence to the guidelines pertinent to SEBI in respect of RMF and relevant principles thereunder including risk identification, risk management, risk reporting (both periodic and escalation of material incident) and corrective actions taken.
5
Responsible for the governance (incl. reputation and conduct risk associated for the respective function)
6
Maintaining risk level as per the risk metric
7
Define specific responsibilities regarding risk management of key personnel reporting to CISO
8
Undertake immediate corrective action for non-compliance or major finding post approval from CEO as per DoP and shall report to CRO regarding the risk reports.
9
Perform adequate due diligence of outsourced vendors prior to onboarding
10
Ensure periodic assessment of outsourced vendors considering following elements:
  • Review of vendors' people, systems and processes
  • Documentation and communication of error tolerance and code of conduct and monitoring breaches
  • Monitor fraud vulnerabilities in the outsourced process.