Banks, insurers, finance companies and payment providers operating in the Kingdom of Saudi Arabia answer to the Saudi Central Bank (SAMA) and its mandatory Cyber Security Framework. The framework sets minimum requirements for protecting the information assets of regulated financial institutions and is assessed against a defined maturity model — meaning documented, demonstrable controls are non-negotiable. This toolkit equips SAMA-regulated entities and their partners with the policies, procedures and records needed to evidence compliance across the framework’s control domains.
What’s inside
- Cyber security governance policy, charter and strategy documents
- Cyber security risk management procedure and risk register
- Identity, access and privileged-access management procedures
- Network, application, data and cryptography security policies
- Third-party and cloud security management procedures
- Security operations, threat management and incident response plans
- Business continuity, awareness training and HR security records
- Compliance monitoring, internal audit and maturity self-assessment templates
The bundle provides 38 editable templates aligned to the domains and subdomains of the SAMA Cyber Security Framework.
Why institutions rely on this pack
- Assessment-focused: documentation is organised around SAMA’s control structure and its maturity-level expectations.
- Rapid deployment: a complete control library replaces months of internal drafting and mapping.
- Fully customisable: unlocked Word and Excel files ready to reflect your institution’s systems and governance.
- Cost-effective: a one-time purchase instead of an expensive regulatory-advisory engagement.
Get the SAMA Cyber Security Framework toolkit, populate it with your organisation’s details, and move confidently toward a compliant, audit-ready cyber security posture.























