Accredited services, delivering confidence in cybersecurity
A wide range of accredited conformity assessment services help increase the cybersecurity and the resilience of digital products, processes, systems and services and promote a safer use of cyberspace.
The digital space has a strong influence on shaping the current context with innovative technologies (blockchain, artificial intelligence, robotics, big and smart data…). However, the advantages of digital networking make us more dependent on cyber-infrastructures and more vulnerable to hostile actions against them. In this way, cybersecurity has become an essential need for companies and society and a main objective on most governments’ agendas, as it may affect National Security.
In this sense, Regulation (EU) 2019/881, better known as the ‘Cybersecurity Act’, aims to provide more effective support to Member States in the fight against cybersecurity threats and attacks. It establishes a European cybersecurity certification framework to create a single digital market for ICT products, services and processes that will allow certificates issued in the Member States to be valid throughout the European Union. This framework considers accreditation fundamental, since the Regulation only contemplates the option of accredited certification, regardless of the certification body that would operate.
- Testing and certification of Information Technology (IT) Security Products and Systems according to standards such as Common Criteria.
- Testing for LINCE cybersecurity scheme
- Certification under the National Security Scheme
- Product certification for the certification of trust services providers in accordance with European Regulation 910/2014 (eIDAS)
- Certification of Information Technology Security Management Systems (ISO 27001) ensuring the confidentiality, integrity and availability of information, a crucial asset of any organisation
- Certification of the Information Technology Management Service (ISO 20000), ensuring that the definition and delivery of IT services are focused on the organisation's business
- Tests on software quality
- Inspection of compliance with the requirements of RD 1112/018, on accessibility of websites and applications for mobile devices of the public sector
- Projects management processes certification and software implementation carried out by VSEs (very small entities)
- User safety tests, such as measurement of exposure to electromagnetic fields, specific absorption rate readings for mobile devices and tests on the electrical safety of equipment
- Tests on the functionality and interoperability of equipment, devices and communication systems of the different mobile and wireless technologies, quality of video signals, characterisation of antennas, TDT receivers, electromagnetic compatibility
- Verification of common telecommunications infrastructure projects for access to telecommunications services inside buildings
- Certification within the National Security Scheme
- Certifications of the security of information technologies products and systems, according to standards such as Common Criteria or Lince, the Essential National Security Certification scheme developed by the National Cryptological Centre (CCN)
- Certification of the requirements of eIDAS Regulation