Ir para conteúdo
National Reference Framework for Cyber Security certification scheme

Within the scope of the national cyber security certification and capacity building activities, the National Cyber Security Centre is developing a certification scheme for compliance with the National Reference Framework for Cyber Security (QNRCS), which aims to certify the compliance of the implementation in national public and private candidate organisations of the measures established in the QNRCS for the identification, protection, detection, response, and recovery against the threats that could jeopardise the security of their networks and information systems, as well as their information.

In alignment with the main international standards in this area and the certification schemes under development in the context of the European Framework for Cyber Security Certification, the Certification Scheme for the National Cyber Security Framework (EC QNRCS), comprising an assessment methodology based on the collection of evidence of implementation of the QNRCS measures proposed in the Cyber Security Capabilities Assessment Framework (QACC), establishes the QNRCS in a manner analogous to that of a certifiable standard.


DRAFT EC QNRCS

In December 2021, CNCS published the EC QNRCS project and associated documentation to collect comments and suggestions alluding to it.

The process of developing the scheme resulted in a new version of the EC QNRCS and its Annex 5 - Criteria and Audit Decisions, where the aforementioned implementation requirements and respective evidence are defined for the purposes of certification of compliance.

The CNCS publishes today this new version of the draft EC QNRCS and the "Audit Criteria and Decisions", for a second round of collecting comments and suggestions. The remaining associated documentation, which remains available on this page, will still have to be updated depending on the changes produced in the meantime. All contributions will be duly appreciated for the definition of the final versions of the documents, including with regard to the documentation not yet updated.

See the documentation by clicking on the captions:

  • Documents available for contributions:
 1640904941.jpg          1640875385.jpg      
    Certification Scheme               Application Form    

  1640875406.jpg          1640875422.jpg
        Model and brands                       Disclosure policy

                          1654771072.jpg
                                Critérios e decisões de auditoria  


  • Benchmarks for the certification scheme:
      1640875447.jpg                  1640875464.jpg
                 QNRCS                                                   QACC


SUBMISSION OF CONTRIBUTIONS


Interested parties are requested to send their contributions, in writing and in Portuguese, by e-mail to the address drsc@cncs.gov.pt, preferably by 08 July 2022.
Last updated on 07-09-2022