2.10.33:Insolvency and Bankruptcy Board of India (Information Utilities) Regulations, 2017.
33. Risk management.
An information utility shall establish an appropriate risk management framework in accordance with the Technical Standards, if any, which provides for matters, including-
(a) reliable, recoverable and secure systems;
(b) provision of core services during disasters and emergencies; and
(c) business continuity plans which shall include disaster recovery sites.