Regulatory Alerts2021-11-04
Information Technology Governance Framework for Financial Sector
The Saudi Central Bank (SAMA) issued the Information Technology Governance Framework to mandate financial institutions to systematically identify, manage, and mature their IT controls through a structured, principle-based approach. The circular requires regulated entities to conduct gap assessments, submit a compliance roadmap by January 2023, achieve full compliance by Q4 2023, and submit detailed annual and semi-annual reports to SAMA. By enforcing these requirements across governance, risk management, operations, and change domains, the framework ensures continuous IT maturity, regulatory alignment, and optimal resource utilization across the financial sector.
Share