Saudi Industrial Edge Compliance — Executive Edition
The Book
The Definitive Guide to
Saudi Industrial Edge Compliance.

The definitive framework for sovereign revenue assurance at the industrial edge. OTCC. ECC-2:2024. IEC 62443. One methodology.

Get the Framework Read Chapter One
SAIP Registered
Dhahran Techno Valley Partner
Instant Digital Delivery
20
Chapters
10
Audit Domains
3
Editions
1
Language
The Challenge

Digitally Advanced.
Assurance Fragile.

Your industrial edge is digitally advanced. But can it withstand sovereign scrutiny?

Saudi industrial operators manage trillions of riyals in operational value. But the compliance models they rely on were built for static data centres and bounded IT networks — not for distributed, hybrid, edge-to-cloud environments.

The result: organisations that perform efficiently but can't prove that performance is auditable, resident, and commercially defensible.

Three SREF® Compliance Domains
Domain A
OTCC/ECC Auditability
Can you reconstruct what happened — and prove it under OTCC-1:2022 and ECC-2:2024?
Domain B
Data Residency
Do you know where your data is — and can you prove it stays within jurisdiction?
Domain C
Edge-to-Cloud Control Integrity
When commands move across layers, are they synchronized, authorized, and tamper-resistant — per IEC 62443?
The Framework

Sovereign Revenue Edge Framework (SREF®)

The Sovereign Revenue Edge Framework (SREF®) is the first compliance methodology purpose-built for Saudi industrial edge environments.

It evaluates your organisation across three compliance domains: OTCC/ECC Auditability, Data Residency, and Edge-to-Cloud Control Integrity — aligned to OTCC-1:2022, ECC-2:2024, and IEC 62443.

It translates regulatory obligation into a structured, revenue-aware audit methodology — connecting compliance outcomes to commercial defensibility.

OTCC-1:2022 ECC-2:2024 IEC 62443 NCA Guidelines PDPL SREF® v1.26
01 / What's Inside

Built to Be Used, Not Just Read.

Each chapter is tied to a specific SREF® domain. Each domain includes evidence checklists, gap analysis templates, and remediation roadmaps drawn from live engagements across Saudi industrial sectors.

Domain 01
OTCC/ECC Auditability
Can you reconstruct what happened? Commands, overrides, approvals, events — and connect them to accountable ownership. Evidence checklist included.
Domain 02
Data Residency Enforcement
Where is your data actually processed, cached, mirrored, and backed up? A step-by-step methodology to prove residency compliance under PDPL and NCA guidelines.
Domain 03
Edge-to-Cloud Control Integrity
When states, commands, and configurations move between layers — are they synchronized, authorized, and tamper-resistant? Verification frameworks inside.
Domain 04
Sovereign Revenue Assurance
Mapping digital control failures to measurable revenue exposure. The chapter that turns a compliance conversation into a board-level business case.
Domain 05
Vendor & Platform Risk
Every foreign API and cloud dependency in your OT stack is a sovereignty exposure. Frameworks for mapping, scoring, and replacing them on a managed timeline.
SREF® Calculator
Readiness Assessment Tool
Included with the Practitioner's Guide and Bundle. Score your organisation against all 10 SREF® domains in 15 minutes. Outputs a priority-ranked remediation list.
International Market Entry

Written for Foreign Operators Entering Saudi Markets.

EXPOSED is designed for international companies, advisory practices, and investment committees evaluating Saudi industrial exposure. A different audience, the same rigour.

EXPOSED
Why Foreign Companies Keep Losing Saudi Industrial Bids
For foreign industrial companies, advisory practices, PE/VC firms, and investment committees evaluating Saudi market entry. Identifies the positioning gaps that cost contracts before the bid is scored.
SAR170
~$45 · Instant PDF · English
  • Why foreign bids fail Saudi evaluation criteria
  • The positioning gaps procurement committees actually assess
  • SREF®-aligned market entry framework
  • Documentation reframing methodology
  • Case studies from recovered tender cycles
Also on Amazon
02 / Editions

More Editions Coming Soon.

Digital PDF editions coming soon to this website.

Executive Edition
For Boards & Leadership
For boards, C-suite, and programme sponsors. Understand the revenue risk. Build the business case. Set the governance mandate. Covers revenue exposure mapping, KRI dashboards, and board reporting frameworks.
SAR365
$97 · Instant PDF · English
  • 168 pages — Executive Edition
  • Revenue risk & exposure mapping in SAR terms
  • KRI dashboard & board reporting frameworks
  • NCA, OTCC-1:2022, ECC-2:2024, IEC 62443 landscape
  • Four dimensions of sovereign assurance
Most Complete
Practitioner's Guide
For CISOs & Compliance Leads
For CISOs, compliance leads, and audit managers. Execute the 90-day SREF® validation mandate. Includes 10 audit domains, 47 test procedures, maturity scoring, remediation roadmaps, and every template you need to deliver an Executive Assurance Report.
SAR740
$197 · Instant PDF · English
  • 282 pages — Practitioner's Guide
  • 10 audit domains · 47 test procedures
  • 90-day SREF® Validation Mandate execution plan
  • SREF® Assessment Calculator
  • Remediation roadmaps & reporting templates
  • Crisis response: first 72 hours after sovereignty breach
Complete Bundle
Both Volumes — Complete Framework
The complete SREF® framework — both volumes, the SREF® Assessment Calculator, and a 15-minute SREF® readiness call included.
SAR925
$247 · Best Value · Saves SAR 180
  • Executive Edition (168 pages)
  • Practitioner's Guide (282 pages)
  • SREF® Assessment Calculator
  • 15-min SREF® Readiness Call
Assessment for Foreign Operators
Saudi Compliance Checklist
Score your Saudi market readiness across procurement positioning, documentation alignment, and compliance gaps. 10-minute self-assessment. Instant PDF download.

No spam. Instant download. Your data stays in the Kingdom.

Accepted: Mada Apple Pay STC Pay Visa / Mastercard Powered by Moyasar
SREF® Assessment
Not sure where you stand? Start with the SREF® Assessment.
Score your organisation against all 10 SREF® domains in 15 minutes. Outputs a priority-ranked remediation list with risk weighting. PDF download. No obligation — this is how we introduce the framework to decision-makers.

No spam. One email, the PDF, done. We may follow up if you're a fit for advisory.

03 / About the Author

Written From the Field.

AA
Ahmad Alqabbat
Founder & Principal Advisor, Alqabbat Advisory — Sovereign Architecture for the Industrial Edge

Ahmad Alqabbat advises the leadership of Saudi industrial operators — across oil & gas, petrochemicals, utilities, mining, and logistics — on sovereign infrastructure, OT security, and compliance architecture. He developed the SREF® Framework from direct engagement with the challenges these organisations face against the 2026 compliance deadline.

This book is not a theoretical exercise. It was written in the field, shaped by the gap between what regulators require and what operating teams can actually implement — and built to close that gap.

SAIP Registered Dhahran Techno Valley Partner Eastern Province HQ
04 / FAQ

Common Questions.

What format is the book delivered in?
PDF only. Delivered instantly to the email you provide at checkout. DRM-free — you own your copy. No app, no subscription, no renewal.
Will there be an Arabic edition?
Arabic editions are planned but not yet available. Follow us for updates on release timing.
Can I pay with Mada or Apple Pay?
Yes. All purchases are processed through Moyasar — a Saudi-licensed payment gateway (SAMA-regulated) that accepts Mada, Apple Pay, STC Pay, Visa, and Mastercard. No foreign cards required.
Is this also available on Amazon?
EXPOSED is available on Amazon.com and Amazon.sa in paperback and Kindle editions. The Executive Edition, Practitioner's Guide, Bundle, and assessment calculator are exclusive to this website.
My organisation wants multiple licences — is that possible?
The Complete Bundle covers up to 5 users within a single organisation. For larger team licences or a custom workshop-and-book package, reach out via LinkedIn or email — we handle these directly.
I want the book and advisory — how do I start?
Get the book first. It's designed to arm you for the advisory conversation — so when we meet, you're not hearing the problem for the first time, you're refining the action plan. Reach out via LinkedIn when you're ready.

Your Operations. Your Data. Your Decision.

2026 compliance is not optional. The question is whether you arrive at it prepared or reactively. This book is the preparation.

Get the Book Now
Advisory Services
SREF® Diagnostic
Find out exactly where your positioning gaps are — in two weeks, in writing. For foreign companies entering Saudi industrial markets.
Professional Programme
SREF® Certification Programme
The structured path from compliance knowledge to SREF®-certified practitioner status. For SAOs building lasting credentials.