ENS documentation
Complete documentary evidence
We draft and maintain the full documentary corpus the auditor will request: from the Security Policy approved by top management to every STIC procedure, plus the Statement of Applicability and formal Risk Analysis.
Add-on to Implementation or standalone service
What's included
Scope, deliverables and timeline are fixed upfront. No surprise costs.
- Security Policy aligned with RD 311/2022
- User regulations and operational procedures
- Statement of Applicability with per-control justification
- Risk analysis in PILAR or equivalent
- STIC procedures: incidents, access, continuity, traceability…
- Integrated data-protection policy (GDPR/LOPDGDD)
- Business continuity plan and incident response plan
- Security RACI matrix with committee, responsible party, operators and users
Deliverables
Everything delivered in editable format. If tomorrow you change providers, your work stays with you.
- Complete editable document pack
- Signed and filed versions
- Version control and review plan
- Optional English translation of key documents
FAQ for this service
Do you provide a generic Statement of Applicability or one tailored to my organisation?
Is documentation ENS-only or does it cover GDPR too?
In what format do you deliver documents?
Other services
ENS implementation
Gap analysis, system categorisation (Annex I) and rollout of all 73 Annex II controls, with CCN-STIC-aligned policies and procedures.
See details →Audit escort
Internal pre-audit, evidence preparation and on-site support during the ENAC-accredited certification audit.
See details →Training & maintenance
ENS best-practice training for staff and ongoing support for continual improvement, annual monitoring and biennial recertification.
See details →Ready to get ENS certified?
Free, no-commitment initial assessment. We reply within 24 business hours.