Vietnam: Banks shall carry out backup to ensure data security

According to Article 22 of the Circular No. 09/2020/TT-NHNN of the State Bank of Vietnam, each institution shall carry out backup to ensure data security in accordance with the following provisions:

1. Compile the list of information systems that require to be replicated in which they are classified in order of importance, storage period, backup time, backup method and time of testing for system restoration from backup data.

2. Data stored in an information system of level 3 or higher must be automatically backed up on a basis that is consistent with the frequency of changes to data and ensures principle that any newly-generated data must be backed up within 24 hours. Data of other information systems shall be periodically backed up according to regulations adopted by each institution.

3. Data of an information system of level 3 or higher must be backed up in external storage devices (such as magnetic tapes, hard disks, optical discs or other storage devices), and must be safely retained and stored, and separated from the area where the source information system is install within the working day following the date in which the backup is completed.

4. Backup data stored in external storage devices shall be checked and restored on the following periodical basis:

- Every year, as regards information systems of level 3 or higher; or

- Every two years, as regards other information systems.

View more details at the Circular No. 09/2020/TT-NHNN of the State Bank of Vietnam, effective from January 01, 2021.

Thuy Tram

>> CLICK HERE TO READ THIS ARTICLE IN VIETNAMESE