National Security Scheme (ENS)

Aimed at companies that work with the Spanish public sector. It sets the minimum requirements that must be met by IT service providers with the Public Administration. Essential requirement for participation in public tenders.

TO WHOM IS THE ENS CERTIFICATION ADDRESSED?

If you are a service provider or a provider of IT services to the public administration, your organization may be required to be certified in the ENS (National Security Scheme) and computer security.
 

Benefits of your ENS certification

Commercial Lever in the Sector
Increasingly required by different entities of the public sector to maintain a commercial relationship, either already having existing services or to participate in contests or tenders.
Information Security Guarantees
The ENS is widely accepted in the sector, as it allows companies to improve their cybersecurity maturity, clearly establishing responsibilities and best practices for dealing with information risks.
Synergy with GDPR
It well represents a legal framework in itself, but which in turn offers synergies for GDPR compliance.

4 STEPS OF THE ENS CERTIFICATION

Secdat offers specialized services to help you in each step of the certification process

1

Gap Analysis

2

Implementation of controls

3

Certification Assistance

4

Monitoring and Continuous Improvement

1

Gap Anlysis

A gap analysis of your current processes and procedures will be carried out against information security controls based on the Scheme.

2

Implementation of controls

At this stage we will work with your organization to implement the ENS controls, draft the necessary documentation, assess the risks, advise on the technical implementation of the controls.

3

Certification Assistance

Help your organization with the preparation to face the certification audit, according to the requirements of the ENS, as well as in the registration process, to the choice of the certifying company.

4

Monitoring and Continuous Improvement

We accompany the organization until it feels certain of operating the required levels safely and independently, in order to face the next cycle.

A gap analysis of your current processes and procedures will be carried out against information security controls based on the Scheme and compliance with ISO 27701.

At this stage we will work with your organization to implement the ENS controls, draft the necessary documentation, assess the risks, advise on the technical implementation of the controls.

Help your organization with the preparation to face the certification audit, according to the requirements of the ENS and TISAX as well as in the registration process, to the choice of the certifying company.

We accompany the organization until it feels certain of operating the required levels safely and independently, in order to face the next cycle.

Your first step
to secure your organization

If you want to contract any of our services or speak to an expert who can advise you on our solutions, send us your queries and our team will contact you as soon as possible.

Our Values