Services
Five fronts, a single point of contact
We manage the entire FSC lifecycle end to end: clearance, the adaptation of classified areas, ICT security in CIS environments, security documentation and specialist training. A single point of contact coordinates every action to ensure coherence, traceability and operational efficiency.
01 · Service
Obtaining the FSC
We provide specialist support to the company throughout the entire process of obtaining the Facility Security Clearance (FSC — in Spanish, HSES), including the analysis of the contractual scope, the adaptation of the security measures and the preparation of the documentation required for its submission to the National Security Office (ONS).
Scope
We analyse the contract, programme or classified activity that gives rise to the need for clearance, determine the level and applicable regulatory framework, and support the company in preparing and following up the file before the National Security Office (ONS).
Deliverables
Comprehensive development of the clearance file, including the FASE, the Protection Plan, technical documentation, operating and emergency procedures, and the records required by the Security Authority to obtain and maintain the FSC.
Typical timelines
The timelines for obtaining an FSC range between 12 and 18 months, depending on the level required, the state of adaptation of the premises and the Authority's review times. We plan each phase against realistic schedules aligned with the client's contractual commitments.
02 · Service
ZAR / ZAP
We design, implement and maintain Restricted Areas (ZAR) and Protected Administrative Areas (ZAP) in accordance with the national regulations for the protection of Classified Information (CI) and the applicable NATO, EU and ESA frameworks.
Scope
We assess the premises and define the security perimeter of the ZAR/ZAP, including structural and electronic measures and solutions for holding Classified Information (CI). We coordinate the technical implementation with specialist suppliers in accordance with the Authority's requirements.
Deliverables
Technical documentation for the ZAR/ZAP, including the descriptive report, security drawings, the specification of physical and electronic measures, operating procedures, access-control records and the maintenance plans associated with the physical protection infrastructure.
Typical timelines
The documentary design phase is usually completed within four to eight weeks. The implementation of the physical and electronic measures will vary depending on the prior state of adaptation of the premises and the availability of the specialist suppliers.
03 · Service
CIS accreditation
Design, adaptation and accreditation of Classified Information Systems (CIS) in accordance with national regulations and the NATO, EU and ESA frameworks applicable to classified ICT environments.
Scope
Design of secure ICT architectures for classified environments, selection of accredited cryptographic solutions, preparation of the CIS security documentation and specialist support to the company throughout the accreditation and operation of the system in accordance with the Authority's requirements.
Deliverables
Comprehensive development of the CIS security documentation, including the CO/DRES/POS, the risk analysis and the technical accreditation file in accordance with the National Accreditation Procedure.
Typical timelines
CIS accreditation processes (A-CIS) are usually completed within nine to eighteen months, depending on the system architecture, the level of the CI and the applicable security requirements. In certain projects, the A-CIS may be coordinated in parallel with the FSC process.
04 · Service
Documentation
We develop and maintain the security documentation required by the Security Authority to ensure the traceability, currency and continuity of the FSC throughout its entire lifecycle.
Scope
Comprehensive development of the body of documentation associated with the FSC, including the FASE, Protection Plans, operating and emergency procedures, control records, and the security policy required by the Security Authority to obtain, maintain and inspect the clearance.
Deliverables
A complete body of documentation, ready for inspection, with version control, documentary traceability and evidence of internal review and approval in accordance with the Security Authority's requirements.
Typical timelines
The first complete version of the documentation is usually produced within six to ten weeks. Documentary maintenance is carried out continuously throughout the term of the FSC, with mandatory reviews whenever the scope, premises or systems change.
05 · Service
Training
Specialist training in the protection of Classified Information (CI), tailored to the various profiles, roles and access levels defined within the organisation.
Scope
Design and delivery of training and awareness programmes in the protection of Classified Information (CI), including initial training, periodic refreshers, specialist training for Heads of Security and their deputies, and sessions aimed at management and staff with responsibilities relating to classified environments.
Deliverables
Complete documentation of the training programme, including teaching materials, attendance records, evidence of assessment and follow-up, internal certificates and the multi-year training plan in accordance with the FSC maintenance requirements.
Typical timelines
Training sessions last between four and sixteen hours, depending on the profile, role and access level of the personnel. The multi-year training plan is reviewed periodically to ensure it remains aligned with organisational change and the FSC maintenance requirements.
Initial clearance assessment
We analyse the scope of the requirement, the applicable regulatory obligations, the estimated timelines and the capabilities needed to approach the FSC process with assurance, traceability and regulatory compliance.