framework

Cloud Cybersecurity Controls (CCC-2: 2024)

Issuing bodyNCA
CountrySaudi Arabia
RegionNational
Date issued2024
cloud securitycybersecurity frameworkregulatory compliance

The Cloud Cybersecurity Controls (CCC-2: 2024) framework, issued by the NCA of Saudi Arabia, outlines cybersecurity controls for cloud services. It aims to establish a baseline for cloud security practices within the Kingdom, updating the previous version (CCC-1: 2020) to reflect current cybersecurity requirements and industry updates. The Arabic version of the document is the binding version.

Key requirements
  • Implement controls in accordance with the laws of the Kingdom of Saudi Arabia.
  • Adhere to the Arabic version of the document for interpretation.
  • Comply with updated versions of the CCC as published by the NCA.
Applies to: Organizations utilizing cloud services within the Kingdom of Saudi Arabia
View original document ↗Ask GCC LexAI about this →
More from NCA
Cloud Cybersecurity Controls Implementation Guide for CSPsCloud Cybersecurity Controls Implementation Guide for CSTsCritical Systems Cybersecurity Controls (CSCC-1: 2019)Critical Systems Cybersecurity Controls Implementation GuidelinesData Cybersecurity Controls (DCC-1: 2022)Essential Cybersecurity Controls (ECC-2: 2024)
AI-generated summaries only. Arabic originals are legally binding. This is not legal advice. · ← All documents