Official Standard

SACS-002 Cybersecurity Standard

The official standard for Saudi Aramco CCC certification

26

Pages

Official

Document

Free

Download

Standard Overview

Our download provides the complete and official SACS-002 Third Party Cybersecurity Standard. This document outlines the minimum cybersecurity controls required by Saudi Aramco for all contractors and suppliers.

What's Included

The Complete SACS-002 Standard: The full 26-page document outlining all cybersecurity requirements.
General & Specific Controls: Details on the mandatory General Requirements and additional controls for different vendor types.
Incident Response Instructions: The official appendix detailing Aramco's mandatory incident reporting protocol.
Auditing Event Requirements: The official appendix listing all system events that must be logged for compliance.

Official Compliance Document

The official standard published by Saudi Aramco, essential for any organization pursuing CCC certification.

Format: PDF

Pages: 26 Pages

Language: English

Key Sections in the Standard

Comprehensive coverage of all cybersecurity areas required for Aramco CCC certification.

A

General Requirements (Section A)

The 23 mandatory controls for all third parties, covering Governance, Access Control, Data Security, and more.

B

Specific Requirements (Section B)

Additional controls for vendors with network connectivity, those processing critical data, or providing cloud services.

A

Appendix A - Incident Response

Detailed, step-by-step Cybersecurity Incident Response Instructions that must be followed.

C

Appendix C - Audit Events

A complete list of all system and security events that must be capable of being audited.

Ready for Your SACS-002 Audit?

Download the official SACS-002 standard and get expert guidance from our certified compliance professionals.

Get Expert Consultation