Aramco SACS-002 Third Party Cybersecurity Standard The SACS-002 Third Party Cybersecurity Standard aims to establish the minimum Cybersecurity requirements for Saudi Aramco Third Parties to protect Saudi Aramco from possible cyber threats and strengthen Third Parties’ security posture.

The cybersecurity compliance certification (CCC) program has been introduced by Saudi Aramco to ensure that all third parties obtain a cybersecurity compliance certificate from an authorized audit firm, to confirm their adherence to the cybersecurity requirements, as mandated in the Third Party Cybersecurity Standard (SACS-002), to conduct business with Saudi Aramco.