Aramco Third-Party Cybersecurity (TPCS) 2026 Assessment Questionnaire
Complete our free self-assessment tool to identify compliance gaps and receive tailored remediation steps for Saudi Aramco's Aramco Third-Party Cybersecurity (TPCS) 2026 General Requirements.
Why Compliance Matters for Third Parties
Saudi Aramco relies on third parties for critical services. A vulnerability could lead to massive disruptions. The Aramco Third-Party Cybersecurity Standard (TPCS) 2026 General Requirements mitigates these risks across 33 key areas.
Build Trust
Demonstrate an elite commitment to operational security standards and data integrity directly to Aramco assessors upon review.
Competitive Advantage
Stand out from non-compliant market competitors and immediately unlock $50M+ in protected purchase orders scaling with Saudi Aramco.
Risk Mitigation
Aggressively protect against state-sponsored cyber threats, ransomware branches, and reputational collapse that destroys supply chains.
Key Areas of Focus (TPC1.1 to TPC1.33)
The questionnaire's technical sections heavily target these primary domains required for Cybersecurity Compliance Certificate (CCC) approval.
1. Policy and Governance
Requires heavily documented internal policies governing technology use, annual cybersecurity training records for all staff, and explicit data disclosure prohibitions tied to NDAs.
2. Technical Controls
Enforces complex strict password management (90-day rotation, multi-symbol structures), mandatory Multi-Factor Authentication (MFA), and daily anti-virus telemetry updates.
3. Email and Domain Security
Ensures authoritative email domains utilize strict Sender Policy Framework (SPF) records and DKIM keys. Heavily penalizes the use of general domains like Gmail for official communications.
4. Incident & Access Management
Mandates rigorous access controls and logging coupled with a 24-hour notification window directly to Saudi Aramco for credential revocation or active cybersecurity containment incidents.
Ready to Map Your Real Compliance Level?
Completing the automated questionnaire normally occupies less than 5 minutes. Take the test to instantly uncover your architectural blind-spots.
Instant Algorithmic Breakdown
Receive a hyper-detailed technical risk dashboard detailing exactly what you must fix prior to Aramco evaluation.
Included Following Submission
- Clear Actionable Remediation Steps
- Confidential gap analysis delivery
- Free Aramco Third-Party Cybersecurity (TPCS) alignment consultation
Start The Engine
Access the official Microsoft Form evaluation module hosted securely on NHR Alemtithal servers.
Launch AssessmentData protected by 256-bit encryption
Frequently Asked Questions
Common questions regarding the Aramco Third-Party Cybersecurity Standard (TPCS) preliminary assessment.
Is this assessment fully comprehensive for Aramco Third-Party Cybersecurity Standard (TPCS)?
Yes. The questionnaire has been professionally engineered to address all 33 primary technical and administrative controls delineated by the Saudi Aramco Third-Party Cybersecurity Standard (TPCS) General Requirements, ensuring an accurate preliminary reading of your compliance posture.
How long does the assessment take to execute?
The entire evaluation comprises 33 highly targeted technical questions and can normally be completed safely by a technical manager or IT administrator within 5 to 10 minutes.
Are my assessment results shared with Aramco or third parties?
Absolutely not. Your results are strictly confidential. Data submitted through this portal is algorithmically evaluated solely to generate your private remediation report and is never forwarded to external entities or Saudi Aramco regulatory auditors.
What happens immediately after I submit?
Upon submission, our backend evaluation engine dynamically analyzes your responses. Check your nominated email within 20 minutes to receive an executive snapshot of your compliance level and prioritized remediation instructions.
Is there any commitment required?
No. This is a 100% free tool designed simply to help contractors gauge their current technical operational baseline against Aramco Third-Party Cybersecurity Standard (TPCS) thresholds prior to requesting an official Aramco audit.