Certifications & Compliance

Trust, assurance and regulatory alignment

Certifications & Compliance

NourNet supports customers through documented controls, audit evidence, service reporting and compliant operating models aligned with Saudi regulatory requirements and international best practices.

NourNet Assurance

Certification and compliance overview

NourNet’s assurance landscape covers information security and privacy, cloud security, business continuity, operational quality, data-center operations and regulatory alignment in the Kingdom of Saudi Arabia.

Certification and compliance overview
Visual overview of the certifications, standards and regulatory bodies supporting NourNet’s governance and compliance operating model.

Certification and assurance domains

Information security and privacy

Controls for information-security management, cloud-security assurance, personal-data protection and service trust.

PCI DSS ISO/IEC 27001 ISO/IEC 27017 ISO/IEC 27018 SOC 2 Type II ISO/IEC 27701

Quality, continuity, environment and safety

Management systems for service quality, business continuity and recovery, environmental management and occupational health and safety.

ISO 9001 ISO 22301 ISO 14001 ISO 45001

Cloud security assurance

Cloud-specific assurance covering security transparency, control maturity and independent assessment practices.

CSA STAR Level One CSA STAR Level Two

Data-center standards

Design, operational and facility assurance across physical, mechanical, electrical and telecommunications disciplines.

TIA-942 Rated-3 Rated-3 Facilities DCOS-3 Defined Operations & Maintenance
Saudi Arabia

Saudi Arabia regulatory alignment

NourNet services and operating models are designed to support relevant national regulatory requirements, subject to the contracted service scope, hosting location and applicable audit cycle.

NCA ECC Essential Cybersecurity Controls
NCA CCC Cloud Cybersecurity Controls
CST Class C Cloud service-provider classification
SDAIA / PDPL Data governance and personal-data protection
SAMA Cybersecurity and resilience expectations for the financial sector
SACS-002 Cybersecurity Compliance Certificate
MSOC Tier 2 Managed Security Operations Center service-provider licensing
Global Standards

International standards and reference frameworks

Design, operations and governance practices reference internationally recognized standards and frameworks for cybersecurity, data centers, risk management and service assurance.

Uptime Institute PCI Security Standards Council AICPA Cloud Security Alliance CIS ISO NIST TIA

How we support customer compliance programs

1

Control governance

Defined control ownership, accountability, approvals, exception handling and risk-management workflows.

2

Evidence and audit support

Operational evidence, service reports, control records and auditor support within the agreed service scope.

3

Continuous compliance

Periodic monitoring, finding management, remediation plans and measurable compliance-improvement tracking.

4

Shared responsibility

Clear allocation of NourNet, customer and third-party responsibilities across cloud, security, backup, recovery and managed services.

Need compliance evidence or audit documentation?

Engage NourNet for compliance mappings, certification scope statements, shared-responsibility models and an evidence package aligned to your regulatory requirements.

Request a Compliance Package