Compare 14 partners delivering Saudi Vision 2030 digital-transformation programmes for Saudi government entities, giga-projects (NEOM, Red Sea, Qiddiya, ROSHN, Diriyah Gate), public-investment-fund portfolio companies, and KSA-headquartered banks and conglomerates. Engagements cover the Vision 2030 digital programme alignment, the Saudi Personal Data Protection Law (PDPL) compliance build, the National Cybersecurity Authority (NCA) Essential Cybersecurity Controls (ECC) and Cloud Cybersecurity Controls (CCC) implementation, the SDAIA Personal Data Protection regulations and AI-ethics programme, the data-localisation and sovereign-cloud workstreams on Microsoft Azure KSA, Google Cloud KSA, and Oracle Cloud Riyadh regions, the in-Kingdom workforce localisation programme, and the giga-project technology master-planning. Listings cover Big Four KSA practices, global SIs with established Riyadh and Jeddah delivery, India-heritage SIs with regional offices, and the Saudi-headquartered technology houses. No partner pays for placement on this directory.
KSA Vision 2030 programmes break into four typical workstreams. Strategy and digital programme design, where the partner aligns the technology agenda to Vision 2030 themes (digital government, smart cities, fintech, tourism, ESG), runs the operating-model design with the Digital Government Authority (DGA) or SDAIA, sets the cloud and data-localisation strategy across the Microsoft Azure, Google Cloud, and Oracle Cloud KSA regions, and builds the in-Kingdom workforce localisation plan against Saudization targets. Cybersecurity and regulation, where the partner implements the National Cybersecurity Authority (NCA) Essential Cybersecurity Controls (ECC-1:2018), the Cloud Cybersecurity Controls (CCC-1:2020), the Critical Systems Cybersecurity Controls (CSCC-1:2019), and the SAMA Cyber Security Framework for banks and payment service providers. Data protection and AI, where the partner builds the Saudi Personal Data Protection Law (PDPL) compliance programme, registers controller-of-record responsibilities, runs the cross-border-transfer assessments, aligns to the SDAIA AI ethics principles, and sets the governance for generative AI use. Giga-project and PIF portfolio delivery, where the partner builds the technology master plan for NEOM, Red Sea, Qiddiya, ROSHN, and Diriyah, the platform reference architectures, and the integrated digital-twin and smart-infrastructure programmes.
Three procurement archetypes recur. Big Four KSA practices (PwC, Deloitte, EY, KPMG) lead at PIF portfolio companies and government entities where Vision 2030 advisory, programme governance, and policy work drive the engagement. Global SIs and India-heritage SIs (Accenture, IBM, Capgemini, NTT, TCS, Infosys, Wipro) lead on technology build, ERP, sovereign-cloud workloads, and large-scale managed services. KSA national technology houses (Elm, stc Solutions / Center3, SmartWorld) lead at government, telco-anchored, and giga-project programmes where in-Kingdom delivery, sovereign infrastructure, and ministerial relationships are determining factors. Friction point: the Saudization (Nitaqat) framework imposes minimum Saudi-national headcount ratios on partners, and the pace of demand has outstripped the supply of senior Saudi technologists for several years. Partners who under-resource in-Kingdom often hit the visa and headcount constraints mid-programme, causing slippage of 4-9 months. Buyers running large multi-year programmes routinely revisit the partner Saudization roadmap quarterly.
For complementary research see digital government platforms, smart city platforms, sovereign cloud platforms, GRC platforms, and data residency platforms. For adjacent services see GCC digital transformation, digital transformation consulting, public-sector IT consulting, cybersecurity services, ISO 27001 implementation, and data privacy services.
Tell us what you're evaluating and we'll send a tailored shortlist of vendors that actually fit — no vendor funding, no pay-to-play.
6,000+ vendors · 893 comparisons · 48 country guides · Independent & vendor-neutral