SAMA Cyber Security Framework
Cybersecurity
Financial Services
Financial institutions regulated by the Saudi Arabian Monetary Authority must demonstrate compliance with the SAMA Cybersecurity Framework, which establishes mandatory security requirements across four domains — Leadership and Governance, Risk Management and Compliance, Operations and Technology, and Third-Party Security. This assessment examines your institution's cybersecurity maturity against SAMA's specific expectations, including online services security, payment card and SWIFT environment controls, and cloud computing governance. It reflects the framework's alignment with international standards while addressing the Kingdom's regulatory context.
11
Domains
33
Questions
~33 min
Estimated Time
What You'll Be Assessed On
Entity & Scope Classification
Applicability Check
3 questions
Cyber Security Governance (3.1.1–3.1.3)
3 questions
Cyber Security Roles, Training & Awareness (3.1.4–3.1.7)
4 questions
Risk Management & Compliance (3.2.1–3.2.4)
4 questions
Asset Management & Information Protection (3.3.1–3.3.4)
2 questions
Identity & Access Management (3.3.5–3.3.7)
3 questions
Infrastructure & Network Security (3.3.8–3.3.10)
3 questions
Application Security & Change Management (3.3.11–3.3.12)
2 questions
Security Monitoring, Incident & Continuity (3.3.13–3.3.16)
4 questions
Third-Party Cyber Security (3.4.1–3.4.3)
3 questions
Physical & Endpoint Security (3.3.3–3.3.4)
2 questions
Step-by-Step
Answer questions one domain at a time with progress tracking.Instant Scoring
Get a weighted maturity score and per-domain breakdown immediately.Actionable Roadmap
Receive a phased remediation plan tailored to your results.
Takes approximately 33 minutes to complete.