The objective of Saudi Aramco CCC was to minimize the cyber risks and strengthen third parties’ security posture which has been a major threat over the years for the company. The program ensured all the third-party vendors are adhering to the rules mentioned in the Third-Party Cybersecurity Standard (TPCS).
Third Party Cyber Security Standard (TPCS) has put forward certain cybersecurity requirements for Saudi Aramco Third Parties to minimize cyber risks and protect the company from possible cyber vulnerabilities.
All the third-party vendors and direct suppliers who want to do business with Saudi Aramco must comply with the rules set by TPCS.
The Cybersecurity Compliance Certificate is valid for two years from the issued date. But the manufacturers must follow all the required regulations put for by TPCS in order to maintain the validity.
The 10xDS CCC program helps organizations to develop Information and Cybersecurity Framework, formulate policies and procedures, conduct Information Security Awareness Trainings, perform pre-audits, support in implementation of controls and other aspects to become audit-ready.