"/ >

PAe - New Report of good practice on the profile of compliance in the declaration of applicability in the ENS
the accesskey _ mod _ content

New Report of good practice on the profile of compliance in the declaration of applicability in the ENS

05 July 2019

Logo national security Scheme

El informe incluye el procedimiento para definir la declaración de aplicabilidad, la categorización de un sistema, la determinación de los niveles de seguridad por dimensión, de la categoría y de las medidas de aplicación, ejemplos y el perfil de cumplimiento.

The CERT from downtown National PKIX (CCN-CERT) has published a new report of good practices in the public part of its portal. document CCN-CERT BP / 14 (Opens in new window) aims to explain the procedure to define the declaration of applicability in the national security Scheme (NHIS).

The report includes the determination of the category of a system (primary, secondary or high), which is based on the valuation of the impact on the organization an incident affecting the security of the information or systems. Also, the document addresses the determination of safety levels depending on the dimension.

One of the main points is the determination of implementing measures necessary for the fulfilment of the basic principles and minimum requirements established in the ENS. In this sense, Annex II of the Royal Decree 3 / 2010 collects correspondence between the levels of security required in each dimension and security measures applicable.

El informe finaliza con una serie de ejemplos, un apartado dedicado al perfil de cumplimiento, conformado este por un conjunto de medidas de seguridad y su implementación concreta resultado de un análisis de riesgos, así como un decálogo de recomendaciones.

Original source of the news (Opens in new window)

  • Security
General access point
 
General access point