NCA readiness on a platform your whole entity uses
Manage policies, risk, NCA controls, evidence, and remediation in one connected system. The GRC team runs the program; departments respond to their assigned actions. Built in Saudi Arabia, with data resident in the Kingdom and on-premises deployment available.
The mandate is clear
The evidence is everywhere
The obligations are real and time-bound but the work still lives in shared drives, email, and spreadsheets, with much of the evidence held outside the GRC team.
Authors, reviewers, approvers, and the employees who must acknowledge them are rarely in one system.
IT, HR, and Finance hold the proof, while the GRC team is accountable for collecting it.
Overlapping requirements lead teams to gather and review the same evidence more than once.
Start with the NCA frameworks pre-mapped
Activate what is in scope, assign ownership, and track implementation, evidence, and remediation in one place, reusing shared controls wherever mappings apply.
See the NCA frameworks we supportThe GRC team owns the program The entity does the work with them
The GRC team runs the program in Org View. Departments acknowledge, answer, and submit evidence in Employee View, and every response returns to one auditable workflow.
An audit trail that is ready before the auditor is
Evidence is requested from the departments that hold it, versioned, and reviewed in one place. Every state change is logged with the actor, the timestamp, and what changed. The person who uploads evidence cannot approve it, and the control owner is not the reviewer, so separation of duties is enforced by the system, not by a spreadsheet. Downloaded documents are watermarked with the platform logo, the user, the date, and the timestamp.
Designed in Arabic and English
HAKTIV is designed in Arabic and English from the ground up, not translated after the fact, including full right-to-left support. Your team works in the language it operates in, and bilingual policies, controls, and evidence stay consistent across both.
SaaS, dedicated tenant, or on-premises. Data stays in the Kingdom
Public-sector requirements differ by entity, so HAKTIV offers three deployment options: SaaS, a dedicated tenant, or on-premises. For cloud deployments, customer and compliance data is hosted, stored, and processed in the Google Cloud Dammam region, with no processing or transfer outside the Kingdom of Saudi Arabia. On-premises deployment is available today for entities that require it.
The information your security and procurement teams will ask for
Run a structured pilot with your own framework and data
Book a 30-minute walkthrough tailored to your entity. We will scope a pilot around the NCA frameworks in your scope, your deployment requirements, and the departments that need to participate.
Book a demo