Skip to main content

3.2.5 Cyber Security Audits

No: 381000091275 Date(g): 24/5/2017 | Date(h): 28/8/1438 Status: In-Force

Effective from May 24 2017 - May 23 2017
To view other versions open the versions tab on the right

Principle

The cyber security status of the Member Organization’s information assets should be subject to thorough, independent and regular cyber security audits performed in accordance with generally accepted auditing standards and SAMA cyber security framework.

Objective

To ascertain with reasonable assurance whether the cyber security controls are securely designed and implemented, and whether the effectiveness of these controls is being monitored.

Control considerations

1.Cyber security audits should be performed independently and according to generally accepted auditing standards and SAMA cyber security framework.
 
2.Cyber security audits should be performed according to the Member Organization’s audit manual and audit plan.