Appendix A - Overview Previous Issued SAMA Circulars

No: 381000091275

Date(g): 24/5/2017 | Date(h): 28/8/1438

Status: In-Force

The Framework Supersedes the following previously issued SAMA circulars:
	Assessment of protection and information security systems for all banks, 25514-MAT-53331, 25/10/2012;
	Enhance monitoring controls over ATMs, 49616-MAT-24388, 8/9/2012;
	Requirements to reduce DoS/DDoS attacks, 361000033746, 24/12/2014;
	Cards Cloning, 361000078157, 19/3/2015;
	Independency of Information Security, 361000036797, 30/12/2014;
	Caution from electronic fraud, 17722-MAT, 29/6/2011;
	Confidentiality of banking information, 341000065707, 6/4/2013;
	SAMA regulation about mobile banking, 341000096665, 16/6/2013;
	Using forged ATM cards to withdrawals from client accounts, 644/MAT/33043, 24/6/2009;
	Token service, 341000071570, 18/4/2013;
	E-Banking Rules, 11231-MAG-23612, 9/4/2010;
	Multi-factor authentication, 789/MAT/40690, 6/8/2009.
The framework refers to the following SAMA circulars or documents with regard to Payment Systems:
		For Saudi Arabian Riyal Interbank Express (SARIE) information, please refer to the SARIE Information Security Policy, Version Issue 1.0 - June 2016.
		For mada information, please refer to the following sections in the mada Rules and Standards Technical Book (see appendix A):
			Part IIIa - Security Framework, Version Issue 6.0.0 - May 2016
			Part IIIb - HSM Requirements, Version Issue 6.0.0 - May 2016
			SAMA CA IPK Certificate Procedures, Version Issue 6.0.1 - October 2016
The framework refers to the following SAMA circulars or documents with regard to outsourcing and business continuity management:
	Rules on outsourcing, 424-BCS-34720, 20/7/2008;
	Business Continuity Framework, 381000058504, 01/06/1438H