SAMA Framework

Reach SAMA CSF Standards in Half the Time

AttestPath’s smart AI-enabled solution simplifies compliance with the Saudi Central Bank (SAMA) Cyber Security Framework — aligning controls, handling risks, and maintaining documentation ready for regulatory review.

Book a Demo See the Process
SAMA Readiness Live
Regulator Saudi Central Bank
Framework Cyber Security CSF
Maturity 4-level model
Domains 4 main domains
AI recommends: Cyber Security governance + maturity uplift plan

Capabilities

Complete Support for SAMA

Our solution delivers every feature and direction financial organizations under regulation require to align with the SAMA Cyber Security Framework.

SAMA — SAMA Framework Alignment

SAMA Framework Alignment

Connect your systems with the SAMA Cyber Security Framework categories and sections, supported by AI-driven recommendations for the safeguards relevant to your organization.

  • Support for all four CSF categories
  • Integrated mapping with ISO 27001 and NIST standards
  • Shared evidence applied across matching requirements
  • Score SAMA maturity, build roadmaps, and generate board reports.
  • Automate testing, track risks, and export regulator-ready evidence.
Learn More

What’s covered

SAMA CSF Categories

The SAMA Cyber Security Framework is structured around key focus areas. AttestPath supports the execution and documentation of every requirement.

Cyber Security Leadership

Build strong oversight, clear direction, internal guidelines, and an effective cyber risk strategy.

Compliance & Risk Oversight

Recognize and address cyber-related threats while proving alignment with regulatory standards.

Cyber Security Management

Maintain preventive and monitoring safeguards across platforms, infrastructure, and information.

Vendor Cyber Security

Control cyber-related risks associated with external partners and third-party providers.

Capability Maturity Framework

Achieve and maintain the maturity benchmark expected by the Saudi Central Bank.

Cyber Incident Response

Identify, manage, and communicate cyber security events according to SAMA guidelines.

How it works

Your Route to SAMA Alignment

A streamlined, technology-powered process to achieve the requirements of the SAMA Cyber Security Framework.

01

Evaluation & Compliance Review

Review your existing security position against SAMA CSF categories and capability benchmarks.

02

Safeguard Deployment

Apply essential measures using structured templates and intelligent AI-based suggestions.

03

Capability Enhancement

Address weak areas and improve maturity to satisfy regulatory expectations.

04

Compliance Documentation

Maintain well-structured records and generate reports ready for SAMA evaluations and inspections.

4
CSF categories
2x
Quicker to prepare
100%
Protection scope
24/7
Continuous supervision

FAQ

SAMA Queries, Clarified

Entities supervised by the Saudi Central Bank (SAMA) — such as banking institutions, insurers, and finance providers operating within Saudi Arabia — are generally required to align with the framework.

SAMA applies a structured maturity-based approach with established levels. Organizations are reviewed based on the effectiveness and maturity of controls across different framework areas. AttestPath evaluates your maturity rating and creates a path toward the desired benchmark.

Absolutely. A large number of SAMA CSF requirements correspond with ISO 27001 and NIST standards. AttestPath links frameworks together so one control and its supporting documentation can meet several compliance requirements.

AttestPath keeps your controls, maturity ratings, and supporting evidence consistently structured and ready to export, helping you respond efficiently to SAMA evaluations and internal reviews.

Close Bigger Deals Today, Without
Hiring a Compliance Team

Book a Demo