AI Agents Cybersecurity Training Insights Let's talk
🇪🇸 ES 🇬🇧 EN CA
ENS + ISO 27001 certified

ENS Audit and Certification
in Barcelona

We guide you through the National Security Scheme certification. And we help you fund it with available public grants.

Free assessment Talk to an expert
100%
ENS certifications obtained
Across all accompanied processes
2-5
Months on average
Depending on Basic/Medium/High level
70%
Shared controls
With ISO 27001 (dual certification)
3
ENS levels
Basic, Medium and High

The 3 ENS levels

The level you need depends on the information you handle and the services you provide to the public administration.

Basic level
For whom

Systems handling low-level information

Scope

Essential security controls

Estimated timeline

4-8 weeks

Medium level
For whom

Systems with medium-level information or relevant public services

Scope

Reinforced controls + periodic audits

Estimated timeline

8-12 weeks

High level
For whom

Critical administration systems or classified information

Scope

Advanced controls + continuous monitoring

Estimated timeline

12-20 weeks

Why choose us for your ENS

Certified ourselves

Delbion holds active ENS and ISO 27001 certifications. We are not theoretical consultants: we live compliance every day and know what auditors look for.

Public sector specialists

We know the specific requirements of the Spanish public administration. We have worked with suppliers to local councils, regional governments and national bodies.

We help you with grants

We identify which grants you can apply for (Kit Digital, Generalitat, Next Gen EU) and advise on the application to reduce your certification cost.

Dual ENS + ISO 27001 certification

We leverage the synergies between both frameworks. If you need both, the incremental effort is minimal and the value to your organisation multiplies.

ENS certification process

Proven methodology in 4 phases. Each step has clear deliverables.

1

System categorisation

1 week

We determine the required security level (Basic, Medium or High) based on the security dimensions and the type of information you handle.

2

Gap analysis

1-2 weeks

We assess your current state against the applicable ENS controls for your level. We identify exactly what is missing and prioritise actions.

3

Controls implementation

4-12 weeks

We deploy the necessary security measures: policies, procedures, technical controls and staff training. Everything documented for the audit.

4

Audit and certification

2-4 weeks

We support you throughout the ENS certification audit. We manage any non-conformities and ensure you obtain the certificate.

Available grants and funding

Several public funding channels can significantly reduce the cost of your ENS certification.

Kit Digital

Active

Grants of up to €12,000 for SMEs that need to implement cybersecurity measures. Partially covers ENS consultancy.

Generalitat Grants

Variable

Digitisation and cybersecurity programmes for Catalan businesses. Check current calls for your sector.

INCIBE

Ongoing

Business cybersecurity support programmes from the National Cybersecurity Institute. Resources, tools and advisory.

Next Generation EU

Active

European funding for digital transformation and cybersecurity. Available through various national and regional calls.

Grants change with each call. We advise on the options currently available for your case.

Frequently asked questions

Is ENS mandatory for my company?
ENS is mandatory for all public sector entities and for private sector suppliers that provide them with technology services or handle public information. If you work with public administrations (local councils, regional governments, ministries), you need ENS.
What is the difference between ENS and ISO 27001?
ENS is a Spanish regulation mandatory for the public sector. ISO 27001 is a voluntary international standard (though frequently required). They share approximately 70% of controls. We can prepare you for both in parallel, leveraging the synergies.
How much does ENS certification cost?
It depends on the level (Basic, Medium, High) and the size of your organisation. Basic level projects for SMEs start from €6,000. Medium and High levels are more complex. Subsidies are also available that can cover part of the cost. We provide an exact quote after the initial analysis.
Can I access grants to fund the certification?
Yes. Kit Digital, Generalitat grants and Next Generation EU funds can cover part of the cost. We advise on which subsidies apply to your case and help with the application.
How long does the full process take?
For Basic level, between 2 and 3 months. Medium level, 3 to 5 months. High level can take 6 months or more. It depends on your organisation's maturity and the system scope.
What happens after certification?
The ENS certificate is valid for 2 years. During that period, you must maintain operational controls and carry out surveillance audits. We offer maintenance retainers to ensure ongoing compliance.

Start with a free assessment

In 1 hour we assess your situation, determine your required ENS level and tell you which grants you can apply for. No commitment.

Request free assessment Contact us

Or write to us directly at info@delbion.com