Your access and use of SAMA Regulatory Rulebook and its content is considered as an acceptance and approval of commitment by you without any limitation or condition to the following:
SAMA Regulatory Rulebook is a platform that aims to assist the regulated entities to access SAMA regulatory content adeptly and efficiently.
SAMA Regulatory Rulebook is still on its development and soft launch stage. SAMA is not liable for its contents and does not warrant or represent that (the Services related to the platform, information or material presented in the platform) is displayed free of any inaccuracies, omissions, or errors (“Faults”). SAMA accepts no liability for any loss, claim or damage resulting from any use of the platform, and any decisions made, or actions taken based on the information contained in or generated by the platform.
SAMA Regulatory Rulebook has no legal effect and it does not aim to amend or revoke any legal provisions. The Rulebook still Contains some documents under review, including translated versions. Therefore, SAMA Regulatory content circulated through SAMA official channels remains in force.
Without prejudice to the terms of use of SAMA website Hereby, you acknowledge that any illegal, unauthorized use and/or any breach of any of these provisions may result in legal actions against you.
Effective from Feb 28 2017 - Feb 27 2017 To view other versions open the versions tab on the right
Principle
The Member Organization should define, approve and implement a crisis management plan that would facilitate a well-managed response for major incidents, including rapid communication to ensure overall safety to both internal and external stakeholders.
Objective
To ensure the Member Organization has effective crisis management plan in place and up-to-date for critical member organization products, services, business functions and processes, in case of a disruptive incident.
Control considerations
1.
A crisis management plan should be defined, approved and implemented.
2.
The compliance with the crisis management plan should be monitored.
3.
The effectiveness of the business continuity program within the crisis management plan should be measured and periodically evaluated.
4.
The Member Organization should document a crisis management plan(s) that define(s) how crisis resulting from a major incident(s) will be addressed and managed, and should include at least:
a.
Criteria for declaring a crisis.
b.
The member organization should establish a command center for centralized management and an emergency command center.
c.
Crisis-management team members. Considering representatives of the critical products, services, functions and processes of the Member Organization (including Communications department)
d.
Contact details of those who are part of the crisis management team (including third-parties)
e.
Definition of the steps to be taken during and after a crisis or disaster (including the mandates required)
f.
Communication plan including the media response plan, to address the communication with the internal and external stakeholders during crisis.
