CCDS GRC & Consultation Services

GRC Services

The cyber security landscape is changing: in a world of rapid digital transformation, cyber security is becoming more crucial to the growth of organizations. The traditional approach to cyber security neither aligns properly with current business goals nor provides the appropriate level of asset protection.

To help organizations overcome these challenges, CCDS provides a wide range of governance, risk and compliance (GRC) services, including advisory, design and implementation services, to meet the individual needs of each customer. These services range from establishing a strategic direction for your cyber security program to providing detailed technical evaluations of IT assets.

We use our high-level expertise in the field while working closely with our customers to provide best-in-class governance, risk and compliance (GRC) services. Regardless of the maturity of your cyber security program, CCDS can help your organization improve its ability to deal effectively with cyber security challenges.

Saudi Local Framework

SAMA – Saudi Arabian Monetary Authority

SAMA CSF
SAMA IT GOVE
SAMA BCP
SAMA CTI
SAMA PHYSICAL SECURITY

NCA – National Cybersecurity Authority

The NCA is the government entity in charge of cybersecurity in Saudi Arabia and serves as the national authority on its affairs.

  • The Saudi Cybersecurity Workforce Framework (SCyWF)
  • The National Cryptographic Standards
  • The Saudi Cybersecurity Higher Education Framework
  • The National Policy for Managed Security Operations Centers
  • The Regulatory Framework for Licensing Managed Security Operations Center Services

CITC – Communication & Information Technology Commission

It is our responsibility to enable an innovative communications infrastructure, while ensuring that services provided within the Kingdom meet the accessibility, performance, fairness and value standards that we set.

ARAMCO SACS-002

The CCC Program was established to ensure all Saudi Aramco third parties are in compliance with the cybersecurity requirements in the Third Party Cybersecurity Standard (SACS-002).

Insurance Authority

The regulator for the insurance sector of the Kingdom of Saudi Arabia. Shaping a dynamic sector centred around:

  • Stability and financial soundness
  • Policyholder protection
  • Sector growth and development
  • Insurance awareness

International Framework

ISO – International Standard Organization

The International Organization for Standardization is an international standard development organization composed of representatives from the national standards organizations of member countries.
CCDS certifications  |  ISO 27001  |  ISO 27005  |  ISO 20000

Security Standard Council

The PCI Security Standards Council’s mission is to enhance global payment account data security by developing standards and supporting services that drive education, awareness, and effective implementation by stakeholders.

NIST – National Institute of Standards & Technology

NIST (National Institute of Standards and Technology) is a non-regulatory agency under the US Department of Commerce. Its primary role is to develop standards (particularly for security controls) that apply to various industries.

Saudi Central Bank (SAMA)

Counter Fraud

Regulatory Framework

At CCDS, we help financial institutions and organizations comply with the Saudi Central Bank’s Counter Fraud Fundamental Requirements through expert guidance, audits, and implementation support.

Our Services:

  • Fraud Risk Assessment
    Identify, analyze, and address potential fraud risks regularly.
  • Fraud Prevention & Detection
    Apply strong internal controls, segregation of duties & monitoring systems.
  • Policies & Procedures
    Establish clear anti-fraud policies, reporting channels & response mechanisms.
  • Awareness & Training
    Educate employees & stakeholders on fraud risks, red flags & reporting.
  • Fraud Response & Investigation
    Ensure prompt, fair & confidential investigation of all suspected cases.
  • Regulatory Alignment & Reporting
    Ensure ongoing compliance with SAMA’s Counter Fraud guidelines, with proper documentation and regulatory reporting.

Zero Tolerance for Fraud

A National Commitment of the Kingdom of Saudi Arabia. Fraud undermines trust, damages reputation & brings legal consequences.