Your access and use of SAMA Regulatory Rulebook and its content is considered as an acceptance and approval of commitment by you without any limitation or condition to the following:
SAMA Regulatory Rulebook is a platform that aims to assist the regulated entities to access SAMA regulatory content adeptly and efficiently.
SAMA Regulatory Rulebook is still on its development and soft launch stage. SAMA is not liable for its contents and does not warrant or represent that (the Services related to the platform, information or material presented in the platform) is displayed free of any inaccuracies, omissions, or errors (“Faults”). SAMA accepts no liability for any loss, claim or damage resulting from any use of the platform, and any decisions made, or actions taken based on the information contained in or generated by the platform.
SAMA Regulatory Rulebook has no legal effect and it does not aim to amend or revoke any legal provisions. The Rulebook still Contains some documents under review, including translated versions. Therefore, SAMA Regulatory content circulated through SAMA official channels remains in force.
Without prejudice to the terms of use of SAMA website Hereby, you acknowledge that any illegal, unauthorized use and/or any breach of any of these provisions may result in legal actions against you.
Effective from Feb 28 2017 - Feb 27 2017 To view other versions open the versions tab on the right
Principle
The business continuity governance framework should be defined, approved, implemented and maintained, which should be monitored by senior management. The business continuity structure should be defined and communicated to all relevant employees and third parties.
Objective
To direct, control and evaluate the overall approach to business continuity within the Member Organization
Control Consideration:
1.
Board of directors or a delegated executive member should have the ultimate responsibility for the BCM program.
2.
The board of member organization, or adelegated member of senior management should allocate sufficient budget to execute the required BCM activities,
3.
A BCM Committee should be established and mandated by the board of directors.
4.
Senior management, such as CRO, COO, CIO, CISO, BCM manager and other relevant departments should be represented in the business continuity committee.
5.
A business continuity committee charter should be developed and should reflect:
a.
Committee objectives
b.
Roles and responsibilities
c.
Minimum number of meeting participants
d.
Meeting frequency (minimum on quarterly basis)
6.
A BCM function should be established.
7.
A BCM manager/head should:
a.
Be appointed
b.
Have appropriate authority to manage the BCM program
c.
Be qualified and have appropriate experience, skills and competencies to implement and maintain the BCM program within the member organization
8.
The BCM function should be adequately staffed with qualified team members
9.
Cross-functional teams, consisting of strategic, tactical and operations team members should contribute in implementation and maintenance of the business continuity and disaster recovery plans.
