NCA Telework Cybersecurity Controls (TCC-1:2021)

NCA cybersecurity controls for remote work covering device security, secure connectivity, and data protection during telework. Applies to national organisations enabling remote work in Saudi Arabia.

TCC-1:2021 applies to government organizations, critical national infrastructure operators, private sector organizations.

AuditDSS has decomposed TCC-1:2021 into 63 atomic obligations from 16 rules. Each obligation is independently testable and risk-scored.

The key requirements include: 3 main domains, 16 subdomains, 21 main controls, 42 subcontrols, telework policies, remote access security, mobile device management.

Upload your compliance policy to AuditDSS. The platform maps your document against all 63 TCC-1:2021 obligations using deterministic AI scoring — not checklists or LLM summaries. You get a risk-scored gap analysis showing exactly which obligations are covered, partially covered, or missing.

TCC-1:2021 is enforced in Saudi Arabia by National Cybersecurity Authority.

TCC-1:2021 became effective on January 1, 2021.

TCC-1:2021 is primarily relevant to the Telecommunications industry. AuditDSS covers 76 regulations in this industry sector.