Streamline Cybersecurity Requirements with ECC
StandardFusion enables organizations operating in Saudi Arabia to align with ECC by mapping all 114 required controls across domains and subdomains, automating assessments, and tracking implementation and maturity. Easily manage documentation, roles, evidence, and audit trails in one system.
Essential Cybersecurity Controls
Description
ECC is issued by Saudi Arabia’s National Cybersecurity Authority (NCA) and establishes a minimum baseline of cybersecurity requirements for government agencies, critical infrastructure, and other regulated organizations. It includes 114 controls across five key domains, cybersecurity governance, defense, resilience, third-party management, and cloud security. The ECC aims to standardize cybersecurity practices and improve the overall cyber resilience of national digital infrastructure.
Overview
ECC is a foundational framework designed to strengthen cybersecurity maturity across public and private sectors in Saudi Arabia. By providing clear control requirements and implementation guidance, it supports organizations in identifying gaps, improving risk management, and ensuring compliance with national cybersecurity mandates. Its structured approach encourages continuous monitoring, accountability, and alignment with broader national security objectives.
Related Cybersecurity Frameworks
23 NYCRR 500
Cybersecurity Regulation
Cybersecurity
Learn More
BSI C5
Cloud Computing Compliance Criteria Catalogue
Cybersecurity
Learn More
CC SRG
Cloud Computing Security Requirements Guide
Cybersecurity
Learn More
CCoP
Cloud Code of Practice
Cybersecurity
Learn More
CIS Controls
Center for Internet Security Controls
Cybersecurity
Learn More
CSA CCM
Cloud Controls Matrix
Cybersecurity
Learn More
