Certify your company’s compliance with the principles and requirements of Spain’s National Security Scheme





Royal Decree 3/2010 of 8th January sets out the security policy that applies to the use of electronic media. Spain’s National Security Scheme (ENS) is made up of a set of basic principles and minimum standards that aim to ensure the adequate protection of information. These basic principles and requirements apply to the in-house systems used by public bodies as well as to those used by their private-sector providers. Both must be certified as ENS-compliant by November 2017.
The objectives of the ENS are as follows:
  • To foster the conditions required for the secure use of electronic media
  • To set out a policy on the secure use of electronic media
  • To introduce a set of common practices that provide a framework for the actions taken by public bodies and their providers in the field of IT security
  • To develop a common language so as to facilitate interaction between public bodies as well as the communication of IT-security requirements to industry
  • To provide a uniform approach to security
  • To facilitate an ongoing focus on security 


  • Proves the organisation’s commitment to and compliance with national security standards to providers and clients alike
  • Opens up the possibility of becoming a service provider to the Spanish public sector
  • Acts as a deterrent by demonstrating to the outside world that the systems of the company or public body are adequately protected
  • Provides certification that is entirely compatible with and complementary to international IT-security-system standards for industry (such as ISO 27001)
  • Actively involves all departments across a company or public body, increasing employee awareness of and participation in issues related to security-system culture and compliance