Skip to main content
Custom print
Download Original PDF

1.1 Introduction to the Framework

No: 43028139 Date(g): 4/11/2021 | Date(h): 29/3/1443

Effective from 2021-11-04 - Nov 03 2021
To view other versions open the versions tab on the right

The current digital society has high expectations of flawless customer experience and continuous availability of services. The advancement of information technology ("IT") has brought rapid changes to the way businesses and operations are being conducted in the financial sector. Although IT plays an essential role combined with today's environment, it also exposes financial institutions to dynamically evolving IT risks.

In this regard, Saudi Arabia Monetary Authority ("SAMA") has established an Information Technology Governance Framework ("the Framework") to enable organizations regulated by SAMA ("the Member Organizations") to effectively identify and address risks related to IT. The objective of the Framework is as follows:

  1. To create a common approach for addressing IT risks within the Member Organizations.
  2. To achieve an appropriate maturity level of IT controls within the Member Organizations.
  3. To ensure IT risks are properly managed throughout the Member Organizations.