SAMA IT Governance Regulation

M42 Solution Matrix

· IT Governance

The Saudi Central Bank("SAMA") has established an Information Technology Governance
Framework ("the Framework") to assist organizations regulated by SAMA ("the Member Organizations") in effectively identifying and mitigating IT risks.

The framework will be used toassess the maturity level and effectiveness of IT controls at Member Organizations on a regular basis. The framework is founded on SAMA requirements
as well as industry IT standards.

To assist organizations that havealready acquired or have one or more matrix42 solutions, we created the matrix below to help you understand the element relationship between the SAMA ITGV and Matrix42 Solution.

broken image

The framework's implementation atthe Organizations will be subject to a periodic self-assessment. The Member Organizations will conduct the self-assessment using a questionnaire.
SAMA will review and audit the self-assessments to determine the Member Organizations' level of compliance with the framework and IT maturity.
In order to meet the maturity matrix requirements, we offerthe SAMA IT Governance maturity program as part of our offering.

  • Structured and Formalized
    Processes Engineering anddocumentation
    Define IT Controls andPolicies
    Define and Assign Roles andResponsibilities
    SAMA ITGV Workshops
  • Managed and Measurable
    Help implement the ITControls and Policies
    Outsource Engineers andConsultants
    Help in the SAMA ITGVSelf-Assessment based on International Standards
  • Adaptive

Periodical Improvement forPolicies, Processes, Tools, and Reporting

broken image