The Communications and Information Technology Commission issued the "Cyber Security Regulatory Framework for Service Providers in the Information and Communications Technology and Postal Sector"; Through which it seeks to raise the level of cybersecurity maturity within these sectors.


 The authority clarified that the regulatory framework contains a comprehensive set of cybersecurity requirements and controls, and targets providers of Information and Communications Technology and Postal services, as the regulatory framework provides guidelines for improving cybersecurity risk management through an approach consistent with international best practices and local cybersecurity frameworks.


The cybersecurity regulatory framework also contributes to regulating and enabling cybersecurity practices within Information and Communications Technology and Postal service providers. This is reflected in raising the level of confidence in the safety of the infrastructure of service providers, in addition to supporting the regulatory framework for adopting risk management strategies, achieving cybersecurity requirements, encouraging service providers to apply best practices to develop appropriate cybersecurity measures, and ensuring the confidentiality, integrity, and availability of services provided to clients.


It should be noted that CITC issued this framework in coordination with the National Cybersecurity Authority in the Kingdom as part of the joint efforts in the national cybersecurity. Seeking to raise the level of reliance on digital services, and to protect the users all over the kingdom.


To view the (CFR) and get more info:




  • Publish Date:
  • 13/08/2020
  • Corresponding:
  • 23/12/1441