Key Benefits:
Since the entry into force of the Plan Director of Information and Telecommunications Systems, approved by Order DEF/315/2002 of 14 February, remarkable progress has been made in the use of Information Technologies and Communications (ICT) in the Ministry of Defence, which have allowed, among other results, to centralise telecommunications contracts, a greater concentration of data processing centres and exploitation, to create a Global Interconnection Node and a Digital Identity Platform, and define a Unified Technical Architecture (ATU) next to a corporate Information Security policy.
However, it has not been possible to unify the Global Telecommunications Network that supports a homogeneous structure of information systems. In addition, during the last decade, there have been a number of changes in the strategic context, and in the areas of organic and technological structure, which require the revision of the aforementioned Director Plan.
In this sense, paragraph 4.4 of the National Defense Directive 2012, of July 2012, states that the greatest effectiveness of our Armed Forces (SAF) and the limitations imposed by the economic context require a rethinking the design of its structures and adapting procedures and processes in both management and the procurement and use of resources. Also, Royal Decree 872/2014, of October 10, establishing the basic organization of the Armed Forces, establishes a new concept of employment of the SAF, the Joint Force as a new form of action of the SAF, in willingness to be employed at any time and place, according to national interests.
From the General Administration of the State (AGE), Royal Decree 806/2014, of September 19, on the organization and operational instruments of information and communications technologies in the General Administration of the State and its Public Bodies, it compels the development of a Plan of Action for the digital transformation of the Ministry of Defense, which must converge with the principles, objectives and lines of action of the ICT Strategy of the AGE, safeguarding its particular characteristics in the field of national defence. Likewise, the Ministry of Defense must also resolve the Department's contribution to the National Defense in the telecommunications sector, pursuant to Article 4.3 of Law 9/2014, of 9 May, of Telecommunications, and others commitments related to the protection of critical infrastructures and their contribution to the National Civil Protection System.
On the other hand, the effectiveness of the SAF is conditioned not only by its integration in the AGE, but also by its interoperability with the allied international organizations and operational structures. Therefore, every CIS/ICT initiative must be made in convergence with the process of digital transformation of the AGE and incorporating the strategies, policies and initiatives of NATO and the EU, in order to achieve interoperability and greater efficiency in the operational employment of the SAF. In this sense, the new techniques used in the development and improvement of information and telecommunications systems are key to achieving interoperability between joint and combined systems, especially in the development of operations in which appropriate coordination and integration should be ensured.
To integrate all these conditions with a global vision, the Ministry of Defense must focus on information as a strategic resource supported by ICT. To do this, we need to complete this policy with an information strategy in the Department, in line with its Plan of Action for digital transformation, thus evolving towards an organization focused on knowledge.
To carry out this policy and to ensure its alignment with the strategic objectives of the Ministry of Defense, its development must be coordinated with the planning and procurement processes of the material resources of the of information and telecommunications, and with those of staff, considering their particular and differential characteristics within the Department.
It is therefore necessary an urgent review of the Policy of Information and Communications Systems and Communications (CIS/TIC) throughout the Department, including the Armed Forces, to adapt it to the needs of the National Defense and lay the foundation for a single, centrally managed, Comprehensive Defense Information Infrastructure (I3D).
For the control and monitoring of such a policy and its development, a new Government Structure of the Information and Communications Systems and Technologies of the Ministry of Defense should be established on the basis of the coordination and the collaboration of all actors with responsibility in the field. It will include the creation of the CIS/TIC Governing Council of the Ministry of Defense, as a collegiate body responsible for the coordination, monitoring and control of the CIS/TIC Policy. This will facilitate the services that will enable the entire Department to efficiently exercise its management functions and its tasks and missions, taking advantage of the latest technological advances and enhancing security in the face of the growing cyberthreats.
In its virtue, with the prior approval of the Minister of Finance and Public Administrations, I have:
Article 1. Object.
It is the object of this ministerial order to establish the Policy of Information and Communications Systems and Technologies (CIS/TIC) of the Ministry of Defense, and to define the structure of government that allows for its coordination, control and monitoring.
Article 2. Definitions.
Service Level Agreement (SLA): Agreement between a service provider and the service provider. The SLA describes the service, documents the service level objectives, and specifies the responsibilities of the service provider and the receiving agency. A single SLA can cover multiple services or affect multiple agencies.
Shared Scope: It encompasses the Ministry of Defense's media and services that are declared to be shared and mandated by the Information and Communications Technology Strategy Commission (ICT), where, by reason of their nature or the common interest, they meet the needs of a significant number of administrative units of the AGE and its Public Bodies (as set out in Article 10 of Royal Decree 806/2014, 19 of September on the organisation and operational instruments of ICT in the AGE and its public bodies.
Common Scope to the Department: It covers the means and services of the Sectoral Scope that by its nature, can satisfy the needs of the higher organs, managers and public bodies of the Ministry of Defense, of the whole of the Armed Forces (SAF), and the EMAD and the operational structure of the SAF.
Sectoral Scope: It encompasses the means and services of the Ministry of Defense that are not declared of shared and mandatory use with other AGE Departments because they serve their own and exclusive functions and functions. Ministry of Defense.
Service Management: A set of capabilities and processes to direct and control the activities of service provision and resources for the design, transition, and improvement of services.
Government of Information and Communications Systems and Technologies: The regulatory and structural framework through which the current and future use of CIS/TIC is coordinated, controlled and monitored. The Government of Information and Communications Systems and Technologies involves evaluating and directing the use of ICT to support the organization and monitoring of the use of the systems to achieve the achievement of the plans and of your objectives.
Ministry of Defense Information: That is officially generated by personnel of the Department or by other entities that carry out work for the Department according to the corresponding agreements; and all those who do not know finds collection in national or international agreements and specifically deposited with the Ministry of Defense for their official treatment.
Integral Defense Information Infrastructure (I3D): A technology infrastructure, under a single operational authority, that through the convergence of information and telecommunications systems and services provides, optimizes the use of the same and provides the agencies and users with effective access to the Defense Information resources, from whatever their geographic or dynamic situation (fixed, stationary or moving), and in all moment, safely. From this I3D, permanent CIS are part of the I3D and are integrated into the deployable CIS, to ensure their continuity in the strategic, operational and tactical environments.
Undeployable CIS Media: These are those that are set to allow for their rapid projection and cover geographic areas that are usually much smaller than those of the permanent CIS media. As they are designed to work in conflict zones and severe environmental and climate conditions, teams should generally present specifically military features.
Permanent CIS: These are the elements that make up the Ministry of Defense's infrastructure for the management and transmission of information to the entire Department, including the Armed Forces, other than the CIS means deployable. They are established in fixed installations, for long operating periods and covering extensive geographical areas.
Orientation to Services: Paradigm of the management of Information and Communications Technologies that, through processes, controls end-to-end a service and focuses it on the user who receives it. It leaves in a second plane the set of layers of technology that can intervene in said service and values the utility for the user and the adequacy to their needs.
CIS/TIC Personnel: Personnel responsible for the management, management, operation and proper operation of Information and Communications Systems and Technologies.
Service Provider: Organization or part of an organization that manages and provides one or more services to the user.
Service Receiver: Organization or part of an organization that receives one or more services.
ICT Service: Medium or functionality to make it easier for users of information systems and telecommunications to meet their requirements for information exchange and processing. From the perspective of a service provider, it is the product to deliver.
Information and Telecommunications Systems (CIS): Set of equipment, methods, procedures and personnel, organized in such a way as to allow users access to information, as well as transmission, processing, presentation and storage of the same. Systems are based on information and communications technologies and provide services.
Information and Communications Systems and Technologies (CIS/ICT): An integral concept that encompasses the systems and technologies that are the basis of the previous ones. It broadly covers the CIS and ICT concepts in any of its forms.
Information Technology (IT), (IT): Resources required to acquire, process, store and disseminate (handle) information. This term also includes the "Communication Technologies (TC)" and the term "Information and Communications Technologies (ICT)", (ICT).
Article 3. Scope of application.
CIS/TIC Policy will be applicable to the entire Ministry of Defense and its Public Bodies.
Article 4. Scope of the CIS/TIC Policy.
The scope of the CIS/ICT Policy comprises a comprehensive and comprehensive vision, based on the objectives and capabilities of the Ministry of Defense, to achieve with the contribution of these systems and technologies.
The planning and procurement of CIS/ICT, its control, organization, operation and maintenance, for the establishment and provision of ICT services, will be governed by the principles, objectives, strategic axes and guidelines of the This Policy.
Article 5. Principles of the CIS/ICT Policy.
1. Guidance to services, where information is identified as a strategic resource on which superiority should be sought to facilitate compliance and achieve the success of the tasks entrusted to the Ministry and the missions of FAS.
2. Centralization, to establish a global and unique vision of the ICS/ICT that allows for its ordination, coherence and rationalization, according to its function of transversal and integrative support of the organization of the Ministry of Defense.
3. Security in systems and services, so that the protection of information does not affect your treatment or transmission, seeking the balance between the need to know and the responsibility to share.
4. Availability and survival of critical systems and services that allow for greater efficiency in decision-making processes and the conduct of military operations.
5. Efficiency in obtaining and employing CIS/ICT through cost reduction, preferably using already developed products and avoiding duplication.
6. Promotion and conservation of CIS/TIC knowledge in Ministry of Defense personnel.
7. Interoperability through alignment with the ICT Strategy of the AGE and with the policies of international organizations with responsibility for security and defense (North Atlantic Treaty Organization-NATO-and European Union) -EU-) to ensure the ability to operate and act jointly at national and multinational level, on and off national territory.
Article 6. Purpose and Strategic Ejes.
1. The purpose of the CIS/ICT Policy is to provide the Ministry of Defense with a set of common and unique common guidelines that, based on the principles of the Policy itself, will allow the information, by its strategic nature, to be reliable and accessible with due protection, at any time and place, for any user who requires it, in accordance with its authorised profile, and the requirements of such information.
2. The achievement of this purpose will be structured on the basis of the following strategic axes:
a) Advance to a single Comprehensive Defense Information Infrastructure (I3D), managed by the Information and Communications Systems and Technologies Center (CESTIC).
b) Give priority to actions aimed at meeting the requirements of CIS/TIC services of the Armed Forces in decision-making and conducting operations, in accordance with the requirements established during the process of Defence planning and specific agreements to the effect between the Chief of Defence Staff (JEMAD) and the Secretary of State for Defence (SEDEF). These agreements, which shall be in accordance with the format detailed in Annex I, shall ensure the authority of the JEMAD on the I3D in the operational field and the survival of the defence and FAS critical services, with the necessary scope for ensure the operation of the Military Command and Control System (SMCM) in the light of any deterioration in the provision of the services concerned and in any circumstances or circumstances of emergency, in peace or in the event of a conflict.
c) To promote the use of standardized, homogeneous and interoperable systems, with preferential employment of products already developed at national or allied level, in convergence with the process of digital transformation of the AGE and incorporating the strategies, policies and initiatives of NATO and the EU.
d) Consolidate security in CIS/ICT, through the strengthening of prevention, detection and response capabilities to cyber attacks, in line with the Ministry of Defence's Information Security Policy and with the Strategy of National Cybersecurity and of the international organizations of which Spain is a part.
e) Advancing towards a new model of integral governance of CIS/ICT, seeking maximum efficiency and efficiency in its definition, direction, planning and management.
f) Optimize the management of human resources related to CIS/ICT and rationalize the financial and material resources in this field, in a coordinated manner with the respective bodies responsible for the policies of the Ministry in relation to these aspects, in order to facilitate in a coherent and effective way the development of the previous strategic axes and, in short, to achieve the best provision of services at the lowest possible cost.
Article 7. General guidelines.
1. Services and infrastructure:
a) A service-oriented reference model for the procurement and management of information and communications systems (CIS-"Communication and Information Systems") resources will be defined, with the aim of to meet the needs of all the Ministry's bodies and with the priority of the SAF, with a particular impact on those relating to the military command and control function.
b) Progress towards centralization of the procurement of the CIS resources of the Ministry of Defense, considering the necessary security and sustainability of the systems throughout the entire life cycle.
c) A catalogue of services will be developed, structured in the sector of the Ministry of Defense and in the shared of the AGE. The catalogue of sectoral services and their updating must be approved by the CIS/TIC Governing Council of the Ministry of Defence.
d) All permanent CIS of the Ministry of Defence will be part of the I3D, and will be dependent on the CESTIC, taking into account their dependence on JEMAD in the operational field under the conditions set out in Article 6.2. b).
e) The services shared with the AGE and the sectorial permanent ones will be provided through the I3D by the CESTIC. This body, which will be run and operated by Ministry of Defence personnel, will manage the services of a permanent nature with full availability. The CESTIC shall have at least one backup Data Processing Center (CPD) to ensure the continuity of the services in any circumstances or emergency situations, in peace or in the event of conflict.
(f) The design and commissioning of systems that ensure the command and control and intelligence capabilities of the Armed Forces shall be prioritized, taking into account their operational requirements.
g) The survival of the services of the SMCM, identified in the specific agreements JEMAD-SEDEF, must be guaranteed to allow with own resources the most efficient decision making and the conduct of operations in any situation or circumstance. These services and their associated infrastructures shall be established and operated in accordance with national and NATO standards for cyber defence, in order to ensure their security and facilitate interconnection with networks, systems and services of the allies, and with the level of redundancy that determine the requirements of the Defense Staff.
(h) For the provision of services, the Service Level Agreements (SLA-"Service Level Agreement"-) shall be established between the CESIC, as a supplier, and the receiving agencies of such services. Such SLAs shall include, inter alia, the level of service, the level of quality, the availability, and the criteria for safety, assistance and maintenance. The SLAs shall apply to all sectoral services.
2. Security:
a) The security parameters of the I3D will be established in line with what is established by the Ministry of Defense Information Security Policy and with the criteria established by the Joint Cyber Defense Command. (MCCD).
b) A single reference architecture for Information Security in the Information and Telecommunications Systems (SEGINFOSit), which will develop the MCCD, shall be established, taking into account the security measures defined in Royal Decree 3/2010, of 8 January, which regulates the National Security Scheme in the field of the Electronic Administration, in the regulations concerning the protection of personal data, and in the regulations of the Centro Criptologico National (CCN) of the National Intelligence Center (CNI).
3. Technical standardisation:
a) The approved model of NATO architectures will be used as an instrument of coherence and technical integrity in the implementation of this Policy, and according to the following hierarchy:
1. Global architecture, which will describe at a high level the capabilities necessary to fulfill the purpose and strategic axes marked by this Policy, orienting the rest of architectures. It will be unique to the entire Department and will be approved by the Secretary of State for Defense.
2. º Reference Architects, which will identify the functionalities of the components of the systems and services and the programming of their implementation in the framework of the Strategic Plan of Information Systems and Technologies and the Communications (PIS). They will serve as a reference to the action plans and will be approved by the CIS/TIC Government Council of the Ministry of Defense, as a prerequisite for their budgetary allocation.
3. Objective/Solution Architecture, which will detail the processes and information flows of systems and services through the most appropriate and viable technological solutions within the action plans and within the framework of the the corresponding reference architectures. They will be approved by the CIS/TIC Executive Committee of the Ministry of Defense.
b) Common solutions applicable, currently in use in the AGE, in NATO ("NATO First Policy"), in the EU or allied countries, will be prioritized, wherever possible, to improve interoperability and lower costs. If not possible, commercial products already developed (COTS-"Commercial Off-The-Shelf") will be acquired for proven effectiveness and quality, and finally, only if strictly necessary, will the creation of a proprietary solution be addressed.
c) Open standards will be used, as far as possible, to achieve greater flexibility, lower cost, and shorter service entry deadlines. All standards of mandatory use will be collected in a Unified Catalogue of CIS/TIC Standards of the Ministry of Defense (CUE), permanently updated, which will be included in the Global Architecture.
(d) The services will be organised according to a taxonomy of the Ministry of Defence's own services, following the NATO model ("NATO C3 Classification Taxonomy") and organised in "Network and Telecommunications" services, "Computer Platform", "User Basic" and "Specific Function". These categories of horizontal character overlap two control verticals, identified as "Management, Operation and Maintenance", and " Security of the Information '. This taxonomy of services must ensure its alignment with this policy and its rules of application, as well as its support through the necessary human, financial, organization, legislation and regulations, for Conform to the full orientation of I3D services.
e) The application of emerging and contrasting technologies at the national and international level of the sector will be aimed at promoting the effectiveness, interoperability and efficiency of the use of systems and the provision of services.
f) Risk management will be developed throughout the life cycle of systems and services, and should be considered in all plans and projects that develop this policy to achieve the most appropriate decision-making.
g) Technical validation mechanisms will be established covering the entire life cycle of systems and services, including the operational certifications of the solutions to be integrated into the I3D. Also, quality and compliance audits will be carried out in an ordinary way.
h) Standard reference models and methodologies shall be adopted for good practice in the management of services and in the procurement, operation and maintenance of systems.
4. Staff, material and financial resources:
(a) For a better use of the capabilities of the personnel in the CIS/TIC field of the Ministry of Defense, a review of the training courses and of the high studies of the National Defense will be carried out. of the bodies with responsibility in this field. In this way, it would be possible to promote and homogenize the specialization of the CIS/TIC staff, according to the pace of evolution of the new systems and technologies and the needs of the templates.
b) To achieve greater coordination in the allocation of tasks and their balanced coverage throughout the Ministry of Defense, the CIS/TIC personnel templates of the Department will be reviewed by the agencies with responsibility in this field in coordination with the Directorate-General for Personnel (DIGENPER).
c) The CESTIC, in coordination with the Directorate General of Armament and Material (DGAM), will develop the procedures for collaboration and coordination of the processes of obtaining the CIS/TIC that are part of the resources of the Armaments and Equipment or R & D.
d) In coordination with the Directorate-General for Economic Affairs. (DIGENECO), CESTIC will manage centrally and with a global vision the budget related to CIS resources that are part of the I3D.
5. Information and Knowledge Management: The implementation of an information and knowledge management structure at ministerial level will be enhanced, which will develop its strategy in this regard, in close coordination with its Plan of Action. for digital transformation to achieve better use of ICT services and to facilitate the review of procedures, processes and structures that the digitalisation process entails.
6. Communication plan. A Communication Plan will be developed for the Ministry of Defense's agencies and users, including actions to raise awareness and disseminate this policy and its related plans, and to provide support during the transition for deployment.
Article 8. Development of the CIS/ICT Policy.
1. For the development of this Policy, the Strategic Plan of Information and Communications Systems and Technologies will be developed, which will integrate operational requirements at strategic, operational and tactical levels; and will be supported in the global architecture. It will concretize the relations between the planning bodies and the implementing bodies in the field of the Department's competences. Its elaboration will be the responsibility of the CESTIC, with the collaboration of DGAM for those parts of the Strategic Plan that affect systems of its competence, and will be approved by an instruction of the Secretary of State of Defense.
2. The EIBS shall be developed through the corresponding derivative action plans which are defined, as outlined in Annex II, on the development of the Information and Communications Systems and Technology Policy of the Ministry of Defense.
Article 9. Government of the CIS/ICT of the Ministry of Defense.
1. The Government of the CIS/ICT of the Ministry of Defense, constitutes the frame of reference within which the monitoring, coordination and control of the CIS/TIC Policy of the Department and its implementing regulations will be developed.
2. This CIS/TIC Government is articulated in:
a) CIS/TIC Governing Council of the Ministry of Defense, as a collegiate body responsible for the coordination, monitoring and control of the CIS/TIC Policy.
b) CIS/ICT Executive Committee of the Ministry of Defense, as the subordinate body for the coordination, monitoring and control of the IASS that will develop the CIS/TIC Policy.
c) CIS/TIC Committees of the Ministry of Defense, as organs for the follow-up of action plans that are derived from the SDS.
3. The functions of assistance and support to the CIS/TIC Governing Council will be carried out by the CESTIC.
Article 10. Composition and functions of the CIS/TIC Governing Council.
1. The CIS/TIC Governing Council shall be composed of the following members:
a) President: The Secretary of State for Defense.
b) Co-President: The Chief of Defence Staff
c) Permanent Vocals:
1. The Chief of the Joint Chiefs of Defense
2. The Second Chief of Staff of the Army of the Earth.
3. The Second Chief of Staff of the Navy.
4. The Second Chief of the Air Staff.
5. The Director General of Armament and Material.
6. The Director General of Economic Affairs.
7. The Director General of Infrastructure.
8. The Technical Secretary General.
9. The Director General of Personnel.
10. The Director General of Military Recruitment and Teaching.
11. The Director General of Defense Policy.
(d) Non-permanent Vocals: When subjects are dealt with, the Director-General of the National Aerospace Technical Institute "Esteban Terradas", the Managing Director of the Housing Institute, will attend. Defense Infrastructure and Equipment, the General Secretary of the Armed Forces Social Institute, the General Counsel of Defense, the General Controller of Defense, or the Defense Inspector General of Health.
e) Secretary: The Director of the CESTIC.
2. The President and the Co-Chair, on a proposal from the members of the CIS/TIC Governing Council, may invite technical or specialist personnel to be incorporated, with a voice but without a vote, in the subjects to be dealt with.
3. The permanent members of the CIS/TIC Governing Council shall have the appointment of alternate members appointed by the members of their respective organs and units. These alternate vowels shall have a minimum rank of deputy director general (or minimum brigade/rear admiral employment).
4. The CIS/TIC Governing Council shall, in general, meet in ordinary session at least once a year, either on a call from its President or on an extraordinary call at the initiative of the President himself or upon request, at least, half of its members.
5. The CIS/TIC Governing Council will develop the following functions:
a) Coordinate the implementation of the CIS/TIC Policy of the Ministry of Defense, through the monitoring of plans and projects, ensuring its coherence with the provisions of this policy.
b) Follow investments, actions and services through the results reports of the CIS/ICT Executive Committee to maintain consistency with the CIS/ICT Policy and approve, where appropriate, the proposed measures for correct identified deficiencies or deficiencies.
c) Control the achievement of the principles, objectives and strategic axes of the CIS/ICT Policy and the fulfilment of its general guidelines.
d) Monitor the development of the CIS/ICT Policy in relation to the global architecture, which should ensure the standardisation, homogeneity and interoperability of networks, systems and services. Approve the reference architectures that develop it.
e) Approve the service catalog and its updates.
f) Ensuring coordination to establish a unique position of the Ministry of Defense, in international forums and in the relationship with other Departments and Organizations of Public Administrations in Spain, in the field of CIS/TIC.
g) Give guidelines to the CIS/TIC Executive Committee on any matter of its competence.
Article 11. Composition and Functions of the CIS/TIC Executive Committee.
1. The CIS/TIC Executive Committee shall be composed of the following members:
a) President: The CESTIC Director.
b) Co-President: The Head of the Armed Forces ' Head of Information and Telecommunications Systems.
c) Permanent Vocals:
1. The Commander-in-Chief of the Joint Cyber Defense Command.
2. The Head of the Head of the Earth Army's Information, Telecommunications and Technical Assistance Systems.
3. The Head of the Head of General Services, Technical Assistance and Information Systems and Telecommunications of the Navy.
4. The Head of the Head of Technical Services and Information Systems and Telecommunications of the Air Force.
5. A representative of the DIGENECO, with the rank of deputy general manager.
6. A representative of the DGAM, with the rank of deputy general manager.
7. A representative of the DIGENIN, with the rank of deputy general manager.
8. A SEGENT representative, with the rank of deputy general manager.
9. A representative of the DIGENPER, with the rank of deputy general manager.
10. º A representative of the DIGEREM, with the rank of deputy general manager.
11. º A representative of the DIGENPOL, with the rank of deputy general manager.
(d) Secretary: A Colonel or official with level 29 of the structure of the CESTIC, appointed by the President of the CIS/TIC Executive Committee.
2. The President and the Co-Chair, on a proposal from the members of the CIS/TIC Executive Committee, may invite technical or specialized personnel to be incorporated, with a voice but without a vote.
3. The members of the CIS/TIC Executive Committee shall have the appointment of alternate members appointed by the members of their respective organs and units. These Alternate Vowels, wherever possible, must have a minimum rank of deputy director-general (or minimum employment of Brigadier General/Rear Admiral).
4. As a general rule, the CIS/TIC Executive Committee shall meet in ordinary session at least twice a year by convening its President, or in extraordinary convocation at the initiative of the President himself or upon request, at least, half of its members.
5. The CIS/ICT Executive Committee will develop the following functions:
a) Control and evaluate the programs, projects and actions that are carried out for the development of the PIS, monitoring and controlling its coherence with the Reference Architects, with the programming and budgets approved, and with the relevant level of risk, which must be permanently updated. Approve the Target/Solution Architects for Action Plans.
b) Monitor and control the results of performance metrics and indicators related to the exploitation and delivery of ICT Services, collected in the Catalogue.
c) Develop and raise to the CIS/TIC Governing Council the report of the results of the Department's activities, investments and CIS expenses, associating them with the Principles, Finality, Strategic Ejes and Policy Guidelines CIS/TIC, and identify, where appropriate, corrective measures to address identified deviations, deficiencies or deficiencies.
d) Coordinate the development of change management and outreach and awareness processes associated with the implementation of the SDS.
e) Establish the CIS/TIC Committees required for the follow-up of CIS Action Plans that are derived from the PIS.
f) Give guidelines to the CIS/TIC Committees on any matter of their competence.
Article 12. Composition and functions of the CIS/TIC Committees.
1. At least the following CIS/TIC Committees shall be established for the respective I3D Action Plans:
(a) The Telecommunications Committee of the Ministry of Defense corresponding to the Network and Telecommunications Services Action Plan, chaired by a representative of the CESTIC.
(b) The Information Systems Committee of the Ministry of Defense with respect to the Action Plan of the Information Platform, User Basic and Specific Function Services, chaired by a representative of the CESIC.
(c) The Information Security Committee in the Information and Telecommunications Systems of the Ministry of Defence in relation to the Information Security Services Action Plan, chaired by a representative of the Ministry of Defence Joint Cyber Defense Command.
(d) The Ministry of Defense's Committee on the Management and Operation of CIS/ICT for the Action Plan of the Permanent Management and Operation Services, chaired by a representative of the CESIC.
2. They shall be composed, in general, by the following members:
a) President: for the cases not mentioned in the previous point, he will be a representative of the scope to which the corresponding Plan of Action CIS, appointed by the Executive Committee CIS/TIC, will approve its terms of reference.
b) Vocals, will participate, at least the following:
1. CSTIC Representative.
2. Deputy Chief of Defense Staff.
3. Representative of the Directorate-General for Economic Affairs, where appropriate.
4. Representatives to be appointed by their respective Vocals in the CIS/TIC Executive Committee.
3. They shall meet in general every two months.
4. Develop the following functions:
a) Control the level of achievement of their respective Action Plans and identify corrective measures to correct any deviations that may have occurred.
b) Ensure the technical coherence of the programs, projects and actions that are carried out for the development of the Action Plans, by checking their alignment with the corresponding Objective/Solution Architects.
c) Develop and raise to the CIS/TIC Executive Committee a report of the results of the activities, investments and expenditures, associating them with the objectives of the respective Action Plan.
d) Develop the mandatory report, for those contracts that are excluded from the report of the Ministerial Digital Administration Commission, as set out in Ministerial Order 2071/2015 of 5 October, in line with the Royal Decree 806/2014 of 19 September 2014 on the organisation and operational instruments of information and communications technologies in the General Administration of the State and its Public Bodies.
Article 13. Director of the CESTIC and CIO of the Ministry of Defense.
1. He will be responsible for promoting the development of the CIS/ICT Policy and for coordinating the management of Information and Knowledge at the departmental level, assuming the functions of Director of Systems and Technologies of Information and Communications, CIO ("Chief Information Officer").
Their functions of coordination of the CIS/ICT Policy and of monitoring compliance with it, will be developed under the guidelines established by the CIS/TIC Government Council of the Ministry of Defense.
2. As responsible for the management of the I3D, it will depend on the JEMAD in the operational field, under the conditions set out in the specific agreements established to the effect between JEMAD and SEDEF. He will be appointed by the Minister of Defense on the proposal of the JEMAD and SEDEF.
Article 14. Coordination with other Ministries and International Organizations in the CIS/TIC field.
1. According to Law 8/2011, of 28 April, establishing measures for the protection of critical infrastructures, the CIO of the Ministry of Defense will represent this Department in the elaboration of the Strategic Strategic Plan Information and Communications Technologies.
2. For the purposes of coordination and collaboration, the Director of the CESTIC and CIO of the Ministry of Defense, will represent this Department in the Management Committee of Information and Communications Technologies, a support body attached to the Directorate of Information and Communications Technologies, regulated in Royal Decree 806/2014 of 19 September, on the organisation and operational instruments of information and communications technologies in the General Administration of the State and its Public Bodies.
3. The CIO of the Ministry of Defense will represent this Department to the Ministry of Industry, Energy and Tourism in the interministerial organs that are created for the defense of the field of telecommunications as provided for in Law 9/2014 9 May, General Telecommunications. Likewise, the CIO will coordinate with this Ministry the planning of the I3D in the part that corresponds to the Telecommunications System of the Armed Forces, in order to ensure, as far as possible, its compatibility with the civil services, and the precise technical coordination programmes shall be drawn up to facilitate the harmonisation, approval and use, joint or indistinct, of the civil and military means, systems and networks in the field of telecommunications.
4. Coordination in CIS/TIC matters will be strengthened with the authorities responsible for the National System of Crisis Management and Civil Protection and the capabilities of the National Emergency Network (RENEM) will be consolidated, as input from the Ministry of Education. Defense to the State Civil Protection Plans.
5. As regards the representation of the Department and the international dialogue, as regards aspects arising from the present CIS/ICT policy or impact on it, these will be held by the Director of the CESTIC and the Ministry of Defense in coordination with the Defense General Staff and the Directorate General for Defense Policy.
Additional disposition first. Collegiate bodies.
1. The collegiate bodies set up in this ministerial order shall be in accordance with the provisions laid down in respect of the bodies referred to in Chapter II of Title II of Law No 30/1992 of 26 November 1992 on the legal system of public and public administrations. Common Administrative Procedure and Title II, Chapter IV of Law 6/1997 of 14 April of the Organization and the Functioning of the General Administration of the State.
2. Membership or participation in the meetings of these collegiate bodies shall not imply the perception of any kind of remuneration or compensation that would increase public expenditure.
Additional provision second. No increase in public spending.
The measures included in this ministerial order will not entail any increase in appropriations, remuneration, or other personnel costs.
Single repeal provision. Regulatory repeal.
1. Order DEF/315/2002, dated 14 February, is hereby repealed, approving the Plan Director of Information and Telecommunications Systems and establishing, for its management, management and monitoring, the Commissioner of the Plan.
2. Likewise, any other provision of equal or lower rank shall be repealed as set out in this ministerial order.
Final disposition first. Dispositive faculties.
The Chief of Defense Staff and the Secretary of State of Defense are empowered to dictate how many provisions require the application of this ministerial order.
Final disposition second. Entry into force.
This ministerial order shall enter into force on the day following that of its publication in the "Official State Gazette".
Madrid, December 3, 2015. -Minister of Defense Pedro Morenes Eulate.
ANNEX I
Format for specific JEMAD-SEDEF agreements that must be developed to ensure the authority of the JEMAD on the Integral Defense Information Infrastructure (I3D) in the operational scope
The JEMAD-SEDEF specific agreements will contain at least the following:
1. Object.
2. Scope.
3. Dependency on the CESTIC holder of the JEMAD in the operational field.
4. A catalogue of systems and services critical to the operational structure of the Armed Forces and the Joint Force.
5. Transfer of authority over the systems and services dedicated to the operational structure of the Armed Forces and the Joint Force.
6. Service Level Agreements (SLAs) of the CESTIC with the Head of Information Systems and Telecommunications of the Armed Forces (JCISSFAS).
ANNEX II
Development of the Defense Ministry's Information and Communications Systems and Technologies Policy
The development of the CIS/ICT Policy will be realized through the elaboration and implementation of the Strategic Plan of Information and Communications Systems and Technologies (EIPTS) with a medium-term and the corresponding short-term action plans, oriented to the concrete subjects of the CIS/TIC, aligned with the financial and material resources, derived from the Defense Planning process.
a) Strategic Plan of Information and Communications Systems and Technologies. Consider:
1. Introduction with an executive summary of the policy from which it is derived.
2. Scope, Scope, and General Lines.
3. The implementation of the relationship between the planning bodies and the implementing bodies in the department's field of competence.
4. General criteria for staff training.
5. General criteria for obtaining the CIS/TIC media (I3D and dependent infrastructures directly from the General Headquarters of the Armies and Armies).
6. Human, material and financial resources for the development of the PIS.
7. º Guidelines for transitioning from the current model to I3D.
8. Guidelines for action plans, options and scenarios, metrics, associated risks, and their management.
9. º Gantt detailed diagram of the PIS.
The PIS will identify the reference architectures to develop and integrate the necessary capabilities with the aspects, operations, services, systems and technicians, that allow the development of the action plans corresponding.
b) Action Plans. They will develop specifically and in detail the different aspects of the PIS, from a technical, functional or operational point of view. They shall include all factors related to the CIS capabilities and the resources and organisation necessary for their development. Each action plan shall establish the target/solution architectures required for the procurement of the systems and the provision of the necessary services.
Action plans will be as follows:
1. Common Industry Action Plans:
I3D action plans, which will develop the I3D in relation to the migration and unification of networks and systems, and with the provision of services, as well as the reference and objective architectures/solution of the I3D. These plans will include the Network and Telecommunications Services Action Plan, the Information Platform Services Action Plan, User Basic and Specific Function, the Action Plan for the Security Services of the The Information and Action Plan of the Permanent Management and Operation Services, in relation to the process of transition to service orientation, defining the catalog, the SLAs, and their management structure.
Plan of Action for Planning and Obtaining the CIS Resources for I3D, which will develop the I3D in relation to the planning and procurement processes of the CIS resources. It will be aligned with the Ministry of Defence's Director of Financial Resources and Materials Plan and contribute to the Ministry of Defence's (PACDEF) Annual Recruitment Plan.
Organization Action Plan, which will develop the IDS in relation to the CIS organization, with human and financial resources, as well as outreach and awareness.
2. Specific Action Plans:
The specific action plans necessary for the integration of the networks and systems of a deployable character in the I3D, to be developed by the EMAD, the Armies and Armies.
The Action Plan for Digital Transformation, under Royal Decree 806/2014 of 19 September on the organisation and operational tools of information and communications technologies in the administration General of the State and its Public Bodies, to be established by the Ministry of Defense's Ministerial Committee on Digital Administration and shall conform to the criteria of the IDS, based on the corresponding reference architecture.
