National Framework

ENS

National Security Framework (Spain)

The mandatory cybersecurity framework for Spanish public administrations and their technology providers. Establishes security principles, requirements and measures proportional to risk level.

Manage ENS with ermine Talk to an expert

The National Security Framework (ENS), regulated by Royal Decree 311/2022, establishes the security policy for the use of electronic means by Spanish public sector entities and their technology providers.

Security levels

ENS classifies systems into three categories (Basic, Medium, High) based on the impact a security incident would have on the organization’s functions and the services it provides.

Security measures

The framework includes 75 measures organized across three frameworks: Organizational Framework, Operational Framework and Protection Measures. Their application depends on the level assigned to the system.

Who does it apply to?

Spanish public administrations (national, regional, local) and private companies that provide services to the administration or process public data.

ermine and ENS

ermine includes the complete ENS template with all 75 measures, enables system categorization and generates the Adequacy Plan and Conformity Declaration or Certification required by the CCN-CERT.

What does ENS cover in ermine?

Pre-configured templates and workflows for each area of the standard.

Pre-configured template

Controls, risks and evidence ready to adapt to your organization.

Cross-framework mapping

Reuse controls between ENS and other regulations you already comply with. One evidence, multiple frameworks.

Automatic evidence

Collection from your current integrations: Drive, Excel, ERP, CRM, email.

Roles & responsibilities

Assign owners, recorders and auditors per control or procedure.

Reports & declarations

Generate SoA, audit reports and dashboards for your board.

External audit access

Grant granular access to external auditors without exposing sensitive data.

How ermine helps with ENS

Up and running in 2 weeks

ENS template imported in your tenant from day one.

Automatic mapping

Reuse controls between ENS and other regulations. One evidence, multiple frameworks.

Evidence & audit

Generate reports and statements of applicability automatically. Your team decides, doesn't chase PDFs.

ENS

Ready to implement ENS?

Free 30-minute demo. We show you how ermine would fit your organisation.

  • Template ready in your tenant from day 1
  • Cross-mapping with regulations you already comply with
  • Demo tailored to your sector and company size

Request your demo

No commitment. We reply within 24 h.

By submitting, you accept our privacy policy.

Keep exploring

IS

ISO 27001

The international standard for Information Security Management Systems. It defin...

IS

ISO 31000

The international framework for risk management in any type of organization. Pri...

IS

ISO 9001

The world's most widely adopted quality management standard. It defines requirem...