Developed Framework Components | ISO/IEC 27001 Security Protocols | NIST Cybersecurity | |||||||||||||||||
Information Security policies | Organizations of Information Security | Human Resource Security | Asset Management | Access Control | Cryptography | Physical and Environment Security | Operations Security | Communications Security | System Acquisition and Maintenance | Supplier Relationships | Security Incident Management | Business Continuity management | Compliance | Identifying | Protecting | Detecting | Responding | Recovering | |
Security Policy for Saudi Banks | þ | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý |
Safety for Saudi Banks | ý | ý | þ | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý |
Saudi Information Bank | ý | þ | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý |
The Operations and Security of Saudi Banks | ý | ý | ý | ý | ý | ý | ý | þ | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý |
Saudi Banks’ Supplier Relationships | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | þ | ý | ý | ý | ý | ý | ý | ý | ý |
Risk Assessment | ý | ý | ý | ý | ý | ý | þ | ý | ý | ý | ý | ý | ý | ý | þ | ý | ý | ý | ý |
Risk Mitigation | ý | ý | ý | ý | þ | þ | ý | ý | ý | ý | ý | ý | ý | ý | ý | þ | ý | ý | ý |
Monitoring and Detection | ý | ý | ý | ý | ý | ý | ý | ý | þ | ý | ý | ý | ý | ý | ý | ý | þ | ý | ý |
Incident Response | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | þ | ý | ý | ý | ý | ý | þ | þ |
Managed Business Continuity for Saudi Banks | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | þ | ý | ý | ý | ý | ý | ý |
Compliance | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | þ | ý | ý | ý | ý | ý |
Education and Awareness | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý | ý |