Cyber Security Company WithRight Technology Great Experience
Saudi Aramco Third Party Cybersecurity Standard (SACS-002) Cyber security attacks have grown exponentially over the past couple of years. With millions of users working from home attack vectors for ha...
Best in class software solutions for automation AND To secure critical IT infrastructure!
Saudi Aramco Third Party Cybersecurity Standard (SACS-002) Cyber security attacks have grown exponentially over the past couple of years. With millions of users working from home attack vectors for hackers are now easily available. To mitigate the cybersecurity risk from its suppliers network Saudi Aramco Third Party Cybersecurity Controls Program has been made mandatory. All suppliers, irrespective of classification, have to go through the Saudi Aramco Third Party Cybersecurity Controls Program.
Saudi Aramco Third Party Cybersecurity Standard (SACS-002)
Cyber security attacks have grown exponentially over the past couple of years. With millions of users working from home attack vectors for hackers are now easily available. To mitigate the cybersecurity risk from its suppliers network Saudi Aramco Third Party Cybersecurity Controls Program has been made mandatory. All suppliers, irrespective of classification, have to go through the Saudi Aramco Third Party Cybersecurity Controls Program.
What is the Saudi Aramco Third Party Cybersecurity Standard (SACS-002)?
Third Party Cybersecurity Standard (SACS-002) is a list of controls, named TPC (Third party Controls), wherein the supplier needs to show compliance. It is set of 84 TPC (Third party Controls) divided into two sections. Depending on supplier classification the TPC of the Section is applicable. For General Requirement classified supplier 24 TPC in the Section VII (A) are applicable. Most of the suppliers are expected to fall into this classification only.
How many type of certificates are part of the Saudi Aramco Third Party Cybersecurity Controls Program?
1. Cybersecurity Compliance Certificate - CCC. This is applicable to General Requirements, Outsourced Infrastructure and Customized Software classified companies. The approach is through a self-compliance assessment against SACS-002, completed by the company, and verified remotely by the Authorized Audit Firm.
How does Saudi Aramco classify suppliers?
1. General Requirement: Any supplier that engages is any form of business mainly trading of items. All suppliers irrespective of supply type are part of General Requirement.
Get in touch with 9T9 Information Technology
Reach us directly for ERP consultation, cyber security assessment, or implementation support.