Ir para conteúdo

National Reference Framework for Cybersecurity

The National Reference Framework for Cybersecurity (QNRCS) allows organisations to reduce the risk associated with cyber threats, providing the basis for any entity to meet the minimum security requirements of networks and information systems.

The document in question reflects the Portuguese organisational reality, responding to the need to implement Identification, Protection, Detection, Response and Recovery measures against threats that jeopardise the security of cyberspace.

The QNRCS presents a set of recommendations so that organisations can define a strategy that involves their entire structure. Entities can join on a voluntary basis and benefit from a homogeneous approach that promotes a national response to cyber threats.


To access the document

To access the english version




União Europeia
1616006349.jpg

Cybersecurity Capabilities Assessment Framework

Aimed at organisations to support their cybersecurity capacity building, the Cybersecurity Capabilities Assessment Framework is a complementary product to the National Reference Framework for Cybersecurity (QNRCS), following the CNCS strategy, as regards the availability of benchmarks and support tools.

The document in question presents, for each of the cybersecurity measures included in the QNRCS, the definition of three levels of capability (Initial, Intermediate and Advanced), so that organisations can meet the five cybersecurity objectives - identify, protect, detect, respond and recover, taking into account their context and size.

It should be remembered that the levels of capability applicable to each organisation depend on its specific characteristics and the document presented is flexible enough for application in different contexts. As an example, for an organisation with only 5 employees, it may not be necessary to define a security policy fully aligned with market standards or even have a formal documented procedure for recruiting staff.

To access the document







União Europeia
1616086487.jpg

Summary Table (Excel)

All the measures described in the National Reference Framework for Cybersecurity are available in the summary table.

The document is organised in an accessible way and divided by the five objectives: identify, protect, detect, respond and recover; which allows a more simplified visualisation.

To access the document

CiberCheckUp

CiberCheckUp is an instrument that allows assessing the state of an organisation in terms of cybersecurity, considering the National Reference Framework for Cybersecurity and the Evaluation Framework of Minimum Capacities in Cybersecurity. It is a complementary product to the National Reference Framework for Cybersecurity, responding to the strategy of the National Centre for Cybersecurity, as regards the availability of benchmarks and support tools.

To access the online tool
1616086487.jpg
Last updated on 08-09-2022