Cybersecurity Compliance Certificate
Purpose
(Cybersecurity Compliance Certificate)Third Party Cybersecurity Standard (TPCS) sets forth the minimum Cybersecurity requirements for Saudi Aramco Third Parties to protect Saudi Aramco from possible cyber threats and strengthen Third Parties’ security posture.
Scope
This Standard applies to All Third Parties engaging with Saudi Aramco through contractual agreements.
Ready to start compliance process ?!
The standard consists of four major components:
Identify Third Party Cybersecurity Controls For Cybersecurity Compliance Certificate
The identification component consists of four parts:
Protect
Protection consists of four parts:
Respond
Response consists of three parts:
incident management policy and plan
The incident response capability and tracking of all cybersecurity incidents
Detect Third Party Cybersecurity Controls For Cybersecurity Compliance Certificate
Detection consists of two parts:
Multiple physical security measures must be implemented to prevent unauthorized access to facilities. Entrances and exits must be secured with authentication card key, door locks and monitored by video cameras.
Cybersecurity Compliance Certificate
How long does it take to implement the CRF in an organization?
It depends on the size of the organization, the field in which it operates, the number of employees, the state of the current policies implemented, and the number and type of ICT components within its infrastructure. Some organizations can roll out the SACS-002 Standard (CCC) in a few weeks, others may require months or years. If you are interested in implementing the SACS-002 Standard (CCC) in your organization, contact us to schedule a gap analysis audit and get a better assessment of the lead time and the costs.
Contact Us
Reach out to Smart-Contract Team today to see how we can help you with your Aramco compliance needs.
Send your message and we will contact you immediately