3.2.5 Cyber Security Audits
| No: 381000091275 | Date(g): 24/5/2017 | Date(h): 28/8/1438 |
Effective from May 24 2017 - May 23 2017
To view other versions open the versions tab on the right
Principle
The cyber security status of the Member Organization’s information assets should be subject to thorough, independent and regular cyber security audits performed in accordance with generally accepted auditing standards and SAMA cyber security framework.
Objective
To ascertain with reasonable assurance whether the cyber security controls are securely designed and implemented, and whether the effectiveness of these controls is being monitored.
Control considerations
| 1. | Cyber security audits should be performed independently and according to generally accepted auditing standards and SAMA cyber security framework. |
| 2. | Cyber security audits should be performed according to the Member Organization’s audit manual and audit plan. |