SAMA Cyber Security Framework in Saudi Arabia

Home » Home-Saudi Arabia » SAMA Cyber Security Framework in Saudi Arabia

What is SAMA CSF

The Saudi Central Bank (SAMA) has undertaken the responsibility to improve Cyber Resilience by adopting the Industry best practices, Standards and other Frameworks and thus formulating the SAMA Cyber Security Framework. SAMA mandated the entities across all sectors to be compliant with the Cyber Security Framework and thus achieve the minimum level of security compliance requirements which will enable it to manage and withstand the cyber security threats.

ValueMentor helps customers improve their Cyber Resilience with SAMA Cyber Security Framework

SAMA CSF GAP Assessment

Assess the current state of your SAMA CSF Compliance using the SAMA CSF gap assessment methodology.

SAMA CSF Risk Assessment

Perform SAMA CSF risk assessment based on the SAMA Cyber Risk Management Framework

SAMA CSF Risk Treatment Plan

Develop Risk Treatment Plans to remediate the gaps and risks identified to acceptable levels.

SAMA CSF Policies & Procedures

Our security analysts will develop the required Information Security policies and procedures for you.

Security Testing

Perform periodic vulnerability assessments and penetration testing

Security Awareness

All your employees receive security awareness through the cloud portal helping you improve the human side of security.

Technology Implementations

Advisory on remediation of technology gaps and implementation of technical controls

SAMA CSF Progress Reviews

Perform periodic SAMA CSF Implementation progress reviews to measure the maturity level

SAMA CSF Internal Audits

Internal audits help you identify deviations from the defined SAMA CSF policies and procedures

Would you like to speak to a SAMA CSF Consultant?

CONTACT US

Phase 1 – Assessment

The first phase of a SAMA CSF Compliance project is to assess the current state of compliance.

Identify Critical Assets

Project Initiation
Understand the organization
Identify critical business services
Identify information infrastructurE

Gap & Risk Assessment

Assessment of current state and mapping it to SAMA CSF Standard
Identification of threats and vulnerabilities exploiting the gaps resulting in risk.

CSF Controls Identification

Identify cybersecurity controls that can mitigate the risks and thereby result in SAMA CSF Compliance.
Define SAMA CSF Risk treatment plan

SAMA CSF Compliance Reports

Develop the SAMA CSF compliance reports

Phase 2 – Control Development

This second phase of the project is to develop the controls to treat the risks identified. SAMA CSF Risk Treatment Plan provides the directions for this phase of the implementation.

Policies & Procedures

Policies and procedures provide the basis for implementing cybersecurity within the organization.

Security Awareness

Humans are often considered the weakest link in cyber security. Security awareness improves the cyber security posture.

Technology Controls

Security Architecture
Technology gaps
Configuration advisory

Management Controls

Operational controls
Physical Security
Managerial Controls

Phase 3 – Security Services

This phase of the engagement supplements existing security practices in the organization. Some of the key service performed by ValueMentor team are:

Periodic Security Testing

Vulnerability Assessments
Penetration Testing
Security configuration reviews

SIEM & Incident Response

SIEM Solution deployment
24×7 Security Monitoring
Security Device Management

Managed Network Security

Next-Gen Firewalls, UTMs
URL Filter, Web Security
Wi-Fi Security
VPN and remote access securit

Data & Endpoint Security

DLP Solutions
Patch Management
Endpoint security
Mobile Device Management

Phase 4 – Compliance Review

Periodic review of the SAMA CSF Compliance status is critical for the success of the Information Security Management System.

ISMS Performance Review

Assess the performance of the ISMS against the defined metrics. This is a key measure towards continual improvement of the ISMS

SAMA CSF Internal Audits

Perform periodic ISMS audits to assess the compliance to the defined policies and procedures

Mock Compliance Audit

Perform mock compliance audits help you identify the weak areas of ISMS implementation.

External Audit Support

Assist the customer during the compliance audit to meet the required SAMA CSF requirements.

Would you like to speak to a SAMA CSF Consultant?

CONTACT US

NEWS & EVENTS

Related Insights

Read all articles

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_V0CDDJSLJR	2 years	This cookie is installed by Google Analytics.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

sales@valuementor.com

SAMA Cyber Security Framework in Saudi Arabia

What is SAMA CSF

ValueMentor helps customers improve their Cyber Resilience with SAMA Cyber Security Framework

SAMA CSF GAP Assessment

SAMA CSF Risk Assessment

SAMA CSF Risk Treatment Plan

SAMA CSF Policies & Procedures

Security Testing

Security Awareness

Technology Implementations

SAMA CSF Progress Reviews

SAMA CSF Internal Audits

Would you like to speak to a SAMA CSF Consultant?

Phase 1 – Assessment

Identify Critical Assets

Gap & Risk Assessment

CSF Controls Identification

SAMA CSF Compliance Reports

Phase 2 – Control Development

Policies & Procedures

Security Awareness

Technology Controls

Management Controls

Phase 3 – Security Services

Periodic Security Testing

SIEM & Incident Response

Managed Network Security

Data & Endpoint Security

Phase 4 – Compliance Review

ISMS Performance Review

SAMA CSF Internal Audits

Mock Compliance Audit

External Audit Support

Would you like to speak to a SAMA CSF Consultant?

Related Insights

Cyber Incident Exercising Services

iOS Pentesting Series Part 3- The Ceasefire

Information Security Log Baseline Requirements

Company

Services

Global Services

Stay Connected

David Joseph