سامي
سامي الغامدي
مستشار Fyntralink · متاح الآن
مدعوم بالذكاء الاصطناعي · Fyntralink
0536890919 info@fyntralink.com
SAMA CSCC SAMA CSF NCA ECC ISO 27001

SAMA CSF Compliance

Assessment and preparation for compliance with the Cybersecurity Framework (CSF) issued by the Saudi Central Bank (SAMA)

Book a consultation Learn more
4 Compliance tags
5 Deliverables
24/7 Support

Overview

What we deliver

We assess your SAMA CSCC compliance level for the financial sector and prepare a comprehensive remediation plan covering the five domains: Governance, Risk, Controls, Operations, and Recovery.

SAMA compliance assessment report
Domain-specific remediation roadmap
SAMA-aligned policy templates
Implementation support
Final compliance report

Scope & audience

Who is this for?

CISOs and Compliance Officers in Banks · Insurance · Exchange Companies · SAMA-regulated Fintechs

Coverage

  • Gap analysis against target frameworks
  • Control prioritization by impact
  • Compliance roadmap

Methodology

How we deliver

SAMA CSCC 2017 · SAMA CSF · NIST CSF

1

Discover

Assess current-state control maturity and gaps.

2

Assess

Design governance ownership and approval pathways.

3

Roadmap

Prioritize remediation by business impact and capacity.

4

Support

Track execution with periodic checkpoints.

Why Fyntralink

What sets us apart

Five domains coverage

Comprehensive assessment covering all SAMA CSCC domains: Governance, Risk, Controls, Operations, Recovery

Financial sector expertise

Our team understands the nature of banks, insurance, and fintech operations and their specific requirements

Ready-to-use templates

Ready-made policy and procedure templates aligned with SAMA requirements

External audit support

We accompany you through the external audit process and respond to auditor inquiries

Frameworks & regulations

Supported frameworks

SAMA CSCC Compliance
SAMA CSF Compliance
NCA ECC Compliance
ISO 27001 Compliance

FAQ

Common questions, clear answers

How long does a SAMA CSF compliance project take?
Duration ranges from 8-16 weeks depending on organization size and current compliance level, with clear deliverables at each phase.
Do we need SAMA CSF if we already have ISO 27001?
Yes, SAMA CSCC is a mandatory regulatory requirement independent of ISO 27001, though the latter facilitates compliance with many SAMA controls.
What is the difference between SAMA CSCC and SAMA CSF?
SAMA CSCC is the detailed operational framework with specific controls, while CSF is the broader strategic framework. We cover both in our service.

Get started

Ready to elevate your compliance?

Discuss your requirements with our advisory team. We define scope early to keep delivery aligned.

يبدأ من 30,000 ريال للمشروع

Contact us for a tailored quote