NBBL Security & Risk Certifications
NPCI Bharat BillPay Limited (NBBL) has been certified for ISO 22301:2019 (Business Continuity Management System) and ISO 27001:2022 (Information Security Management systems) and ISO 27701:2019 (Privacy Information Management System) across all our office locations.
These certifications apply to NBBL’s products including
These certifications apply to NBBL’s products including
- Bharat Connect
- Banking Connect
- Bharat Connect for Business
- ISO 22301:2019 Standard – NBBL is certified for a Business Continuity Management System (BCMS) that supports availability of services during disruptions. It includes defined recovery targets, resilient architecture, disaster recovery readiness, and periodic drills to help ensure continuity.
- ISO 27001:2022 Standard – NBBL is certified for an Information Security Management System (ISMS) that helps protect information and systems through a structured, risk-based approach. This includes defined security policies, strong access controls, encryption for data in transit and at rest, secure key management, secure development practices, and continuous monitoring.
- ISO 27701:2019 Standard – NBBL has achieved certification for a Privacy Information Management System (PIMS) which demonstrates dedication to protecting privacy and handling personal information responsibly. ISO 27701 extends the principles of ISO 27001, ensuring a thorough approach to managing information security and privacy.
Our Commitment to Security & Compliance (SOC 2 Type II)NBBL maintains compliance with Service Organization Control 2 (SOC 2) standards, as established by the American Institute of Certified Public Accountants (AICPA). We have successfully obtained SOC 2 Type II attestation reports for NBBL operations, reflecting our commitment to strong security practices, reliable service delivery, and responsible data handling.What This Means for YouA SOC 2 Type II report provides independent third-party assurance on both:
- the design of our controls, and
- the operating effectiveness of those controls over a defined period of time.