Log in
logo

COUNTERING CYBER THREATS

barra-separadora

The National Security Scheme (ENS) requires Public Administrations to carry out a regular assessment of the security status of the system. Pursuant to article 35 of the ENS, the Sectorial Committee of the Electronic Administration will provide the required procedures to have a regular update on the status of the main security parameters in the information systems referred to in the Royal Decree, so that it produces an overview of the security status in Public Administrations. Additionally, the ENS stresses the need for establishing a system to measure the security of the system, and establish a number of indicators to measure the actual performance of the system regarding security in the following aspects:

a) Level of implementation of the security measures.

b) Effectiveness and efficiency of the security measures.

c) Impact of security incidents.

In order to comply with this mandate, the CCN has developed the project INES (National Report on Security Status) in order to provide participating bodies with assistance. The project has a new data transmission platform (access is allowed through this website), which provides Public Administrations with a faster and more intuitive knowledge of their level of adaptation to the ENS and the security status of their systems.

The platform permits compiling information in an organized, delegated and controlled manner. The person responsible for security is the person in charge of the interface with INES, providing, validating and analyzing the security information of the entity and consolidated at the level of public administration. Another advantage of INES is that entities can have access to, complete or check their data —that will be classified per years— to monitor evolution. The INES project —like the Guide CCN-STIC 824 on the Report on the Security Status— pursues a preventive assessment of security, by analyzing compliance with certain aspects that are critical for entities, an estimate of the efficacy and efficiency of the activities in the field of security and an estimate of the human and economic efforts devoted to IT security.

Guía CCN-STIC 815 Indicadores y métricas en el ENS

Guía CCN-STIC 824 Informe del Estado de Seguridad

Guía CCN-STIC 844 Manual de Usuario de INES / Anexo / Anexo II (SHA) / Anexo III

Instrucción Técnica de Seguridad (ITS) de Informe del Estado de la Seguridad.

Access to INES

In order to access the INES tool, you must be registered in the CCN-CERT portal.
In case of you aren't registered user, you have to complete the registration form.
If you are a registered user, you can request access by e-mail ines@ccn-cert.cni.es. INES support team will contact you as soon as you have access permissions to the application.

PGP Key Download

FINGERPRINT AC95 9103 1415 8243 7025 9FD6 1219 02B5 7C5C C5B1

Go back

Esta web utiliza cookies, puedes ver nuestra política de cookies Si continuas navegando estás aceptándola Modificar configuración