Saudi Cybersecurity
Compliance

Third Party Cybersecurity Standard (SACS-210)

Saudi Aramco mandates all third-party vendors and contractors to comply with SACS-210 to ensure the protection of Aramco's critical infrastructure. SACS-210 requires the implementation of the Cybersecurity Compliance Certificate (CCC) and CCC+.

• ✓ Gap Analysis & Risk Assessment
• ✓ Development of Cybersecurity Policies
• ✓ Implementation of Security Controls
• ✓ CCC / CCC+ Certification Support

SABIC CyberTrust Standard

SABIC’s comprehensive cybersecurity standard for suppliers. It is designed to mitigate risks from third-party ecosystems by ensuring vendors meet strict cybersecurity hygiene practices.

• ✓ Self-Assessment Questionnaire (SAQ) Support
• ✓ Evidence Collection & Review
• ✓ SABIC Audit Preparation
• ✓ Remediation Planning for identified gaps

Essential Cybersecurity Controls (ECC) Services

Protect Your Organization with NCA ECC Compliance

At Metrix Cyber Establishment, we help organizations across the Kingdom of Saudi Arabia achieve compliance with the National Cybersecurity Authority (NCA) Essential Cybersecurity Controls (ECC) framework. Our ECC services are designed to strengthen your cybersecurity posture, reduce operational risk, protect critical business assets, and ensure regulatory compliance.

We provide end-to-end ECC consulting, implementation, governance, assessment, remediation, and managed cybersecurity services tailored to organizations of all sizes and sectors.