The Spanish Council of Ministers approved on 8 January 2010 two Royal Decrees that regulate the National Interoperability Framework and the National Security Framework respectively. Both will be published shortly in the Official Gazette of the State.

Together with the 'Law on Citizens' Electronic Access to Public Services' of 2007, these two frameworks pave the way to a more secure and more efficient eGovernment in Spain; they establish the minimal requirements that every Public Administration shall apply in order to (1) provide a genuinely seamless public eService to citizens and (2) generate the citizens' confidence in electronic communication means to exercise their rights and fulfil their obligations. Citizens will be able to access and enjoy a Government service without having to know which public authority is competent.     

The National Interoperability Framework ('Esquema Nacional de Interoperabilidad' in Spanish - ENI) is a set of technological criteria and recommendations applying to the conservation and standardisation of information, as well as the formats and applications that the Public Administrations shall take into account when making decisions impacting on the interoperability of systems. Furthermore, the ENI lays down the conditions that are needed in order to ensure an adequate level of interaction among the Public Administrations.  

The ENI moreover addresses questions that are fundamental for eGovernment progress, such as: the dimensions of interoperability, the communications between Administrations, technology re-use and transfer, interoperability in the framework of the eSignature policy, the recovery and conservation of electronic documents, and the constant update of the Interoperability Framework itself. 

The National Security Framework ('Esquema Nacional de Seguridad' in Spanish - ENS) sets out a security policy for the use of electronic means. It formulates the basic principles and the minimal requirements that guarantee the appropriate protection of the information through measures ensuring the security of the systems, the data, the electronic communications and the eServices. The ENS pays particular attention to the proportioned protection of the information which is managed and the services that are delivered by categorising the information systems. The need to perform regular security audits is also enshrined in the security framework; it provides for the regular performance of an audit, every two years at least.   

Last but not least, the ENS defines the methodology to respond to incidents affecting security and outlines the important part played by the National Cryptology Centre, either as the editor of the Security Guides for the Administration or as the main actor of the coordination of response to security breaches.

 

Further information: 

• Official press release - Ministry of the Presidency (in Spanish)
• Information on the National Interoperability Framework (in Spanish)
• Information on the National Security Framework (in Spanish)