6.two. If your organization is awarded a whole new contract that entails a cybersecurity classification type not included in The present valid certificate, then a new certificate really should be received and submitted. Companies should align their insurance policies and techniques with Aramco’s outlined cybersecurity framework, such as access controls, https://isocertificationusa.blogspot.com/2025/04/soc-2-compliance-in-usa-fostering.html
