πŸ‡ΈπŸ‡¦ Saudi Financial SectorSaudi Arabian Monetary Authority Β· CSF

SAMA CSF Compliance,
Automated

The Saudi Arabian Monetary Authority Cybersecurity Framework is mandatory for all SAMA-regulated institutions. NetGuard automates 31 controls across 5 domains β€” with continuous monitoring and instant audit reports.

Request a Proposal β†’See how it works β†’
31 controls automated
5 SAMA domains
24h incident alerting
Who must comply

All SAMA-regulated entities

If SAMA has issued your license or regulates your activities, SAMA CSF is mandatory.

Banks (conventional and Islamic)
Insurance companies and takaful
Fintech companies and payment service providers
Money exchange companies
Financing companies
Framework structure

31 controls across 5 SAMA domains

NetGuard maps your AWS, Okta, and firewall configurations to each SAMA domain automatically.

Domain 1
Cybersecurity Leadership & Governance
7 controls
Board oversightCISO appointmentCybersecurity policyAwareness & trainingReporting structure
Domain 2
Cybersecurity Risk Management
6 controls
Risk assessmentVendor riskThird-party assessmentsRisk registerRisk acceptance
Domain 3
Cybersecurity Operations & Technology
9 controls
IAM & MFA (Okta)Network security (Palo Alto)Endpoint protectionEncryption (AWS)SIEM & logging
Domain 4
Third-Party Cybersecurity
4 controls
Supplier risk managementContract requirementsOngoing assessmentsCloud provider controls
Domain 5
Cybersecurity Resilience
5 controls
Business continuity (BCP)Disaster recovery (DRP)Incident responseRecovery testingRecovery time objectives
Critical requirements

SAMA requirements that need automation

⏱️
24-Hour Incident Reporting
SAMA requires reporting cyber incidents within 24 hours. NetGuard's real-time drift detection and alerting ensures you know about control failures immediately β€” maximizing your response window.
πŸ”
Annual Penetration Testing
SAMA requires annual penetration testing. NetGuard tracks your pentest schedule, findings, and remediation status automatically β€” so you always have evidence ready for your assessor.
πŸ“‹
Board-Level Governance
SAMA requires board-level cybersecurity oversight. NetGuard generates board-ready compliance dashboards and reports at the click of a button β€” no manual preparation required.
How it works

SAMA audit-ready in 3 steps

01
πŸ”Œ
Connect integrations
Connect AWS, Okta, and Palo Alto in under 30 minutes. Read-only access β€” NetGuard only observes, never modifies your infrastructure.
02
⚑
Run SAMA CSF scan
NetGuard evaluates all 31 controls across all 5 SAMA domains β€” with continuous monitoring between scans to catch drift immediately.
03
πŸ“„
Download audit package
Export board-ready dashboards and full evidence packages organized by SAMA domain. Your assessor gets everything they need.
Comparison

Manual SAMA compliance vs NetGuard

ManualNetGuard
Time to audit-ready3–6 monthsDays
24h incident alertingManual monitoringAutomated
Board reportingManual preparationOne click
Pentest trackingSpreadsheetsAutomated
Continuous monitoringβŒβœ…
Monthly cost$5,000–15,000$599
Automate your SAMA CSF compliance
Growth plan Β· $599/month Β· All 31 SAMA controls Β· Board reports included
Request a Proposal β†’Talk to sales
FAQ

Common questions

Who must comply with SAMA CSF?β–Ύ
All SAMA-regulated entities: banks, insurance companies, takaful operators, fintech firms, payment service providers, money exchange companies, and financing companies.
Does NetGuard replace a SAMA audit?β–Ύ
No. SAMA audits are conducted by external auditors. NetGuard automates evidence collection and continuous monitoring β€” you arrive at your SAMA audit already prepared.
How does NetGuard handle the 24-hour incident reporting requirement?β–Ύ
NetGuard's real-time drift detection alerts you immediately when a control fails β€” giving you maximum time to assess, respond, and notify SAMA within the 24-hour window.
Does NetGuard track annual penetration test requirements?β–Ύ
Yes. NetGuard tracks your penetration testing schedule, records findings, and monitors remediation status β€” so you always have evidence ready for your SAMA assessor.

Ready to automate your SAMA CSF compliance?

Connect integrations in 30 minutes. Full SAMA audit package and board dashboards generated automatically.

Request a Proposal β†’
14-day free trial Β· No credit card Β· Cancel anytime
Also supports CBB CSF for operations in Bahrain.