SACS-210 Technical Implementation Checklist
Designed for your IT Department or Managed Services Provider to translate SACS-210 requirements into specific IT configuration controls.
Translating Requirements into IT Controls
This checklist bridges the gap between Aramco's compliance policies and practical IT implementation. It provides your technical teams with the exact configurations needed to secure your infrastructure according to SACS-210 guidelines.
- TPC Control Mapping: Clear mapping from TPC1.1 through TPC1.33 protocols.
- Actionable Tasks: Turns policy text into actionable IT and network configurations.
- Vendor Ready: Directly hand this checklist over to your Managed Services Provider (MSP).
SACS-210 Checklist Document
Comprehensive technical breakdown mapped to CCC requirements.
5 Core Technical Domains
Identity, Access, & Passwords
Covering centralized directories, MFA enforcement, and Role-Based Access Control (RBAC).
TPC1.9 - TPC1.16Endpoint & Vulnerability Mgmt
Highlighting EDR/Antivirus, full disk encryption, and centralized patch management.
TPC1.19, TPC1.20, TPC1.22, TPC1.24Network & Email Security
Detailing firewall configurations, network segmentation, and email authentication protocols like DMARC.
TPC1.21, TPC1.23, TPC1.29Data Protection & Backups
Showcasing automated offline backups and NIST 800-88 data sanitization standards.
TPC1.17, TPC1.18, TPC1.28Logging, Monitoring, & Response
Focusing on audit logging, NTP time synchronization, and log protection measures crucial for compliance.
TPC1.31, TPC1.32