Version: 1.0.0-beta

CSCC Compliance

AIIA supports the Cloud Security Cybersecurity Controls (CSCC) framework issued by NCA for cloud service providers and cloud consumers in Saudi Arabia.

Framework Details

Property	Value
Code	`CSCC-1:2019`
Name	Cloud Security Cybersecurity Controls
Issuing Body	NCA
Country	Saudi Arabia
Category	Regulatory

CSCC Domains

Domain	Focus Area
Cloud Governance	Policies, risk management, compliance
Cloud Security Architecture	Network security, data protection, encryption
Cloud Identity & Access	Authentication, authorization, privilege management
Cloud Data Protection	Classification, handling, residency requirements
Cloud Operations	Monitoring, incident response, change management
Cloud Business Continuity	Disaster recovery, availability, resilience

Usage in AIIA

Follow the same workflow as other frameworks:

Enable CSCC in Compliance → Frameworks
Map your cloud controls to CSCC requirements
Assess compliance status per requirement
Track progress via the compliance dashboard

Cross-Framework Mapping

CSCC shares controls with:

NCA ECC — cybersecurity governance and defense
ISO 27017 — cloud security
CSA STAR — cloud security alliance framework

Cloud-Specific Considerations

CSCC compliance is particularly relevant for:

Organizations using cloud services in Saudi Arabia
Cloud service providers serving Saudi clients
Hybrid deployments combining on-premises and cloud

Framework Details​

CSCC Domains​

Usage in AIIA​

Cross-Framework Mapping​

Cloud-Specific Considerations​

Framework Details

CSCC Domains

Usage in AIIA

Cross-Framework Mapping

Cloud-Specific Considerations