Law 8/2011, 28 April, By Which Establish Measures For The Protection Of Critical Infrastructure.

Original Language Title: Ley 8/2011, de 28 de abril, por la que se establecen medidas para la protección de las infraestructuras críticas.

Subscribe to a Global-Regulation Premium Membership Today!

Key Benefits:

Subscribe Now for only USD$20 per month, or Get a Day Pass for only USD$4.99.

TEXT

JOHN CARLOS I

KING OF SPAIN

To all who present it and understand,

Sabed: That the General Courts have approved and I come to sanction the following law.

PREAMBLE

Modern states are currently facing different challenges that give national security an increasingly complex character. These new risks, generated, to a large extent, by globalization, and among which international terrorism is counted, the proliferation of weapons of mass destruction or organized crime, are in addition to the existing ones, of which the Traditional terrorism was an exponent.

In this context, the dependency that societies have of the complex system of infrastructures that support and enable the normal development of the productive, management and citizen life sectors is increasing. in general. These infrastructures are often highly interdependent, which is why the security problems that can be triggered by the system itself have the potential to cause unexpected and increasing failures. serious in the basic services for the population.

To such an extent it is so that any unwanted disruption-even short-lived and due to natural or technical causes, well to deliberate attacks-could have serious consequences on vital supply flows or in the operation of the essential services, in addition to causing serious disturbances and dysfunctions in the area of security, which is the subject of particular attention to the National Crisis Situation Management System.

Within the strategic priorities of national security are the infrastructures, which are exposed to a series of threats. For their protection it is essential, on the one hand, to catalogue all those that provide essential services to our society and, on the other, to design a planning that contains effective prevention and protection measures against the possible threats to such infrastructure, both in terms of physical security and the security of information and communications technologies.

In this line, various actions have been undertaken at national level, such as the approval, by the Ministry of Homeland Security of the Ministry of the Interior, of a first National Plan for the Protection of Critical Infrastructures, of 7 May 2007, as well as the development of a first National Catalogue of Strategic Infrastructures. Also, on 2 November 2007, the Council of Ministers adopted an Agreement on the Protection of Critical Infrastructures, which gave a decisive impetus in this field. The development and implementation of this Agreement represents a qualitative step forward in order to ensure the security of citizens and the proper functioning of essential services.

In parallel, there are also a number of actions developed at international level at European level: after the terrible attacks in Madrid, the European Council of June 2004 called on the European Commission to draw up a global strategy on critical infrastructure protection. On 20 October 2004, the Commission adopted a Communication on the protection of critical infrastructure in the fight against terrorism, which contains proposals to improve Europe's prevention, preparedness and response to terrorist attacks. terrorists affecting them. Subsequently, in December 2004, the Council approved the EPPIC (European Programme for Critical Infrastructure Protection) and launched a network of information on alerts in critical infrastructure (Critical Infrastructures Warning). Information Network-CIWIN).

Today, the entry into force of Directive 2008/114 of the Council of 8 December on the identification and designation of European Critical Infrastructure and the assessment of the need to improve its protection (in Directive 2008 /114/EC) constitutes an important step in the field of cooperation in this field within the Union. This Directive lays down that the primary and ultimate responsibility for protecting European critical infrastructures is the responsibility of the Member States and the operators of such infrastructures, and the development of a series of obligations is determined and actions by those States, which are to be incorporated into national legislation.

The actions necessary to optimise the security of infrastructure are mainly framed in the area of protection against deliberate aggression and, in particular, against terrorist attacks, resulting in the led by the Ministry of the Interior.

However, the security of critical infrastructures requires that action be taken that goes beyond mere material protection against possible attacks or attacks, which is why it is inevitable to involve others. bodies of the General Administration of the State, other public administrations, other public bodies and the private sector. These critical infrastructures are increasingly dependent on information technologies, both for their management and for their links with other systems, for which they are based mainly on information and communication media. public and open. Therefore, it is necessary to have the cooperation of all the actors involved in the regulation, planning and operation of the different infrastructures that provide the essential services for the society, without prejudice to the coordination to exercise the Ministry of the Interior in collaboration with the Autonomous Communities.

Consequently, and given the complexity of the matter, its impact on the safety of persons and on the functioning of national and international basic structures, and in compliance with the provisions of the Directive 2008 /114/EC, it is necessary to draw up a standard whose purpose is, on the one hand, to regulate the protection of critical infrastructures against deliberate attacks of all kinds (both physical and cyber) and, on the other hand, the definition of an organisational system for the protection of such infrastructure which brings together Public administrations and private entities concerned. As a basic piece of this system, the Law creates the National Center for the Protection of Critical Infrastructures as an organ of assistance to the Secretary of State for Security in the execution of the functions entrusted to it as an organ. system.

The purpose of this rule is, therefore, to establish measures to protect critical infrastructures that provide an adequate basis for the effective coordination of administrations. Public and of the entities and bodies managing or owning infrastructure that provide essential services for society in order to achieve better security for those entities.

On this basis, the National Strategic Infrastructure Catalogue will be supported (in line with the Communication of the Council of the European Union of 20 October 2004, which states that each sector and each Member State will have to identify the infrastructures that are critical in their respective territories) and the National Plan for the Protection of Critical Infrastructures, as main tools in the management of the security of our infrastructures.

The Law consists of 18 articles, structured in 3 Titles. Title I is intended for the definitions of the terms coined by Directive 2008 /114/EC, as well as for the establishment of matters relating to the scope and subject matter. Title II is dedicated to regulating the organs and instruments of planning that are integrated in the System of Protection of Critical Infrastructures. Title III finally lays down the protective measures and the procedures to be followed by the application of that rule. The Law also consists of four Additional Provisions and five Final Provisions.

Although the material content of the Law is eminently organizational, especially regarding the composition, competencies and functioning of the organs that make up the Critical Infrastructure Protection System, as in all the different protection plans, it has been chosen to provide this standard of legal status, in accordance with the criteria of the State Council, in order to be able to sufficiently cover those obligations that the Law imposes and that require specific legal coverage.

TITLE I

General provisions

Article 1. Object.

1. The purpose of this Law is to establish the appropriate strategies and structures to direct and coordinate the actions of the various bodies of the Public Administrations in the field of critical infrastructure protection. identification and designation of the same, to improve the prevention, preparedness and response of our State in the face of terrorist attacks or other threats affecting critical infrastructures. To this end, the cooperation and involvement of the managing bodies and owners of these infrastructures will be further boosted in order to optimise the level of protection against deliberate attacks of all kinds, in order to contribute to the protection of the population.

2. In addition, this Law regulates the special obligations which public administrations and operators of infrastructure which are to be defined as critical infrastructures, as provided for in paragraphs e) and (f) Article 2 thereof.

Article 2. Definitions.

For the purposes of this Law, the following definitions shall apply:

(a) Essential service: the service necessary for the maintenance of basic social functions, the health, safety, social and economic well-being of the citizens, or the effective functioning of the institutions of the State and Public Administrations.

b) Strategic sector: each of the differentiated areas within the labor, economic and productive activity, which provides an essential service or that guarantees the exercise of the authority of the State or the security of the country. Its categorization is determined in the annex to this standard.

(c) Strategic sub-sector: each of the areas in which the different strategic sectors are divided, in accordance with the distribution contained, on the proposal of the ministries and bodies concerned, the technical document which is approved by the National Centre for the Protection of Critical Infrastructures.

(d) Strategic infrastructures: the facilities, networks, systems and physical and technology equipment of the information on which the operation of the essential services is based.

e) Critical infrastructures: the strategic infrastructures whose functioning is indispensable and does not allow for alternative solutions, so their disturbance or destruction would have a serious impact on the services essential.

(f) European critical infrastructure: critical infrastructures located in a Member State of the European Union, whose disruption or destruction would seriously affect at least two Member States, all in accordance with the to Council Directive 2008/114 of 8 December on the identification and designation of European Critical Infrastructures and the assessment of the need to improve their protection (hereinafter Directive 2008 /114/EC).

g) Critical zone: that geographical area continues where several critical infrastructures are established by different and interdependent operators, which is declared as such by the competent authority. The aim of the declaration of a critical area will be to facilitate the best protection and coordination between the different operators of critical infrastructure or critical European infrastructures located in a geographical area. reduced, as well as with the State Security Forces and Corps and the Autonomous Police of a comprehensive nature.

h) Horizontal criteria of criticality: the parameters according to which criticality is determined, the severity and consequences of the disturbance or destruction of a critical infrastructure will be evaluated according to:

1. The number of people affected, assessed on the basis of the potential number of fatalities or injuries with serious injuries and the consequences for public health.

2. The economic impact based on the magnitude of economic losses and the deterioration of products and services.

3. The environmental impact, degradation at the site and its surroundings.

4. Public and social impact, due to the impact on the population's confidence in the capacity of the Public Administrations, the physical suffering and the disruption of daily life, including the loss and serious deterioration of services essential.

i) Risk analysis: the study of possible threat scenarios to determine and assess the vulnerabilities in the different strategic sectors and the potential impact of the disturbance; destruction of the infrastructure that supports it.

j) Interdependencies: the effects that a disturbance on the operation of the facility or service would produce in other facilities or services, distinguishing the repercussions in the sector itself and in other sectors, and the impacts of local, regional, national or international level.

k) Critical infrastructure protection: the set of activities aimed at ensuring the functionality, continuity and integrity of critical infrastructures in order to prevent, mitigate and neutralize the damage caused by a deliberate attack on such infrastructure and to ensure the integration of these actions with the others that come from other responsible subjects within the scope of their respective competence.

l) Sensitive information on strategic infrastructure protection: the specific data on strategic infrastructures that, if revealed, could be used to plan and carry out actions aimed at provoking the disturbance or destruction of these.

m) Critical operators: the entities or bodies responsible for the investments or the day-to-day operation of an installation, network, system, or physical or information technology equipment designated as critical infrastructure pursuant to this Act.

n) Level of Security: the one whose activation by the Ministry of the Interior is provided for in the National Plan for the Protection of Critical Infrastructures, in accordance with the general assessment of the threat and with the specific one in each scenario is carried out on each infrastructure, under which it will be responsible to declare a specific degree of intervention by the different security bodies.

(o) National Strategic Infrastructure Catalogue: complete, updated, verified and computerized systematised information on the specific characteristics of each of the strategic infrastructures existing in the national territory.

Article 3. Scope of application.

1. This Law shall apply to critical infrastructures located in the national territory linked to the strategic sectors defined in the Annex to this Law.

2. The infrastructure dependent on the Ministry of Defence and the Security Forces and the Security Corps, which shall be governed by its own rules and procedures, shall be exempted from its application.

3. The application of this Law shall be without prejudice to:

a) The mission and functions of the National Intelligence Center established in its specific regulations, always counting with the necessary collaboration and complementarity with those.

(b) The criteria and provisions contained in Law 25/1964 of 29 April on nuclear energy and standards for the development of nuclear energy, and in Law 15/1980 of 22 April of the establishment of the Nuclear Safety Council, reformed by Law 33/2007 of 7 November.

(c) The provisions of the National Civil Aviation Safety Programme referred to in Law 21/2003 of 7 July of the Air Safety Act and its supplementary legislation.

Article 4. The National Strategic Infrastructure Catalogue.

1. The Ministry of the Interior, through the Secretariat of State of Security, will be responsible for the National Catalogue of Strategic Infrastructures (hereinafter the Catalogue), an instrument that will contain all the information and assessment of the strategic infrastructure in the country, including those classified as European Criticism or Criticism, under the conditions to be determined in the Regulation implementing this Law.

2. The competence to classify an infrastructure as strategic, and where appropriate, as critical infrastructure or critical European infrastructure, as well as to include it in the National Strategic Infrastructure Catalogue, will correspond to the Ministry of the Interior, through the Secretariat of State of Security, including proposals, if any, of the competent body of the Autonomous Communities and Cities with Statute of Autonomy that have statutory powers recognized for the protection of persons and property and for the maintenance of public order in relation to with the infrastructure located in its territorial demarcation.

TITLE II

The Critical Infrastructure Protection System

Article 5. Purpose.

1. The Critical Infrastructure Protection System (hereinafter the System) consists of a number of institutions, bodies and companies, both from the public and private sectors, with responsibilities for the correct functioning of the system. essential services or in the security of citizens.

2. They are agents of the System, with the functions to be determined regulatively, the following:

(a) The Secretary of State for Security of the Ministry of the Interior.

b) The National Center for the Protection of Critical Infrastructures.

(c) The Ministries and bodies integrated into the System, which shall be included in the Annex to this Law.

(d) Autonomous Communities and Cities with Autonomy Statute.

e) Government Delegations in the Autonomous Communities and in the Cities with Autonomy Statute.

f) Local Corporations, through the Association of Local Entities with the highest national level.

g) The National Commission for the Protection of Critical Infrastructures.

h) The Interdepartmental Working Group for the Protection of Critical Infrastructures.

i) Critical public and private sector operators.

Article 6. The Secretary of State for Security.

The Secretary of State for Security is the top organ of the Ministry of the Interior responsible for the National Critical Infrastructure Protection System.

In order to carry out its duties, the Implementing Regulation of this Law will determine its powers in this matter, which will be exercised with the assistance of the other members of the System and, mainly, of the National Center for Protection of Critical Infrastructures.

Article 7. The National Center for the Protection of Critical Infrastructures.

1. The National Centre for the Protection of Critical Infrastructures (hereinafter the CNPIC) is hereby established as a ministerial body responsible for the impetus, coordination and supervision of all the activities entrusted to it by the Secretariat of State Security in relation to the protection of Critical Infrastructures in the national territory.

2. The CNPIC will depend organically on the Secretariat of State for Security, and its functions will be those that are regulated.

3. Without prejudice to the above paragraph, it shall be for the CNPIC to perform high, low and infrastructure modifications in the Catalogue, as well as the determination of the criticality of the strategic infrastructure included in the same.

Article 8. Ministries and agencies integrated into the Critical Infrastructure Protection System.

1. For each strategic sector, at least one ministry, body, entity or body of the General Administration of the integrated State shall be appointed. The appointment, discharge or discharge of a ministry or body with responsibility for a strategic sector shall be made by amending the Annex to this Law.

2. The ministries and agencies of the System will be responsible for promoting, in the field of their competences, the security policies of the Government on the different national strategic sectors and to ensure their implementation, acting equally as contact points specialized in the field. To do this, they will collaborate with the Ministry of the Interior through the Secretariat of State for Security.

3. With such objectives, the ministries and agencies of the System shall perform the functions which they shall regulate.

4. A system ministry or body may also have powers in respect of two or more strategic sectors, as set out in the Annex to this Act.

Article 9. Government Delegations in the Autonomous Communities and in the Cities with Autonomy Statute.

1. The Government's Delegates in the Autonomous Communities and in the Cities with Autonomy Statute will have, under the authority of the Secretary of State for Security, and in the exercise of their powers, a series of powers with respect to the critical infrastructures located in their demarcation.

2. The regulatory development of these powers in any case will include the intervention, through the Security Forces and Forces, in the implementation of the different Specific Protection and Operational Support Plans, as well as the proposal to the Secretary of State for Security of the declaration of an area as critical.

3. By way of derogation from the first paragraph of this Article, the Autonomous Communities with statutory powers recognised for the protection of goods and persons and the maintenance of public order shall develop, infrastructure located in its territory, the powers of the Government Delegations regarding the coordination of the autonomous police bodies and, where appropriate, the activation by those of the Operational Support Plan corresponding to the responding to a security alert.

Article 10. Autonomous Communities and Cities with Autonomy Statute.

1. The Autonomous Communities and Cities with the Statute of Autonomy which have statutory powers recognized for the protection of persons and property and for the maintenance of public order may develop, on the infrastructure located in their territorial demarcation, the powers that they regulate are determined in respect of their protection, without prejudice to the coordination mechanisms to be established.

2. In any event, the Autonomous Communities referred to in the previous paragraph shall participate in the process of declaring an area as critical, in the approval of the corresponding Operational Support Plan, and in the meetings of the Working Group. Interdepartmental. They will also be members of the National Commission for the Protection of Critical Infrastructures.

3. The Autonomous Communities not included in the preceding paragraphs shall participate in the Critical Infrastructure Protection System and in the Organs provided for in this Law, in accordance with the competencies that recognize their respective Statutes. of Autonomy.

Article 11. National Commission for the Protection of Critical Infrastructures.

1. The National Commission for the Protection of Critical Infrastructures (hereinafter the Commission) is hereby established as a collegiate body attached to the Secretariat of State for Security.

2. The Commission will be competent to approve the different Sectoral Strategic Plans as well as to designate the critical operators, on a proposal from the Interdepartmental Working Group for the Protection of Critical Infrastructures.

3. Its functions and composition shall be those that are regulated.

Article 12. Interdepartmental Working Group for the Protection of Critical Infrastructures.

1. The System will have an Interdepartmental Working Group for the Protection of Critical Infrastructures (hereinafter the Working Group), whose composition and functions will be determined regulatively.

2. In any case, it will be up to the Commission to draw up the various Sectoral Strategic Plans and the proposal to the Commission for the designation of the critical operators for each of the defined strategic sectors.

Article 13. Critical operators.

1. The operators considered critical under this Law will have to collaborate with the competent authorities of the System, in order to optimize the protection of the critical infrastructures and the European critical infrastructures managed. To that end, they shall:

(a) To technically advise the Ministry of the Interior, through the CNPIC, on the assessment of the infrastructure that is provided to the Catalogue, updating the available data at an annual frequency and, in any case, requirement of the Ministry.

b) Collaborate, as appropriate, with the Working Group on the elaboration of the Sectoral Strategic Plans and on the realization of the risk analyses on the strategic sectors where they are included.

c) Develop the Operator's Safety Plan in terms and with the content that is determined to be regulated.

d) Develop, as provided for in regulation, a Specific Protection Plan for each of the infrastructures considered to be critical in the Catalogue.

e) Designate a Security and Liaison Officer in the terms of this Law.

f) Designate a Security Delegate for each of its infrastructures considered to be Critical or European Critical by the Ministry of the Interior, communicating its designation to the corresponding organs.

g) Facilitate inspections to be carried out by the competent authorities to verify compliance with the sectoral regulations and to take the necessary safety measures in each Plan, with the lowest possible time. possible deficiencies found.

2. It will be a requirement for the designation of critical operators, both in the public and private sectors, that at least one of the infrastructure that manages the consideration of Critical Infrastructure, through the corresponding proposal of which, in any case, the CNPIC shall inform the operator before proceeding to its final classification.

3. The designation as such of the critical operators in each of the defined strategic sectors or sub-sectors shall be carried out on the terms that are regulated.

4. Critical operators will have the direct point of contact with the Ministry of the Interior in the CNPIC as regards their responsibilities, duties and duties. In the event that the critical operators of the Public Sector are linked or dependent on a Public Administration, the competent body of the Public Administration may be established, through the CNPIC, in the interlocutor with the Ministry of the Interior.

TITLE III

System Instruments and Communication

Article 14. System planning instruments.

1. The protection of Critical Infrastructures against any threats that may put them at risk requires the adoption and implementation of the following action plans:

a) The National Plan for the Protection of Critical Infrastructures.

b) Sectoral Strategic Plans.

c) The Operator Security Plans.

d) Specific Protection Plans.

e) The Operational Support Plans.

2. The Ministry of the Interior, through the Secretariat of State of Security, will prepare the National Plan for the Protection of Critical Infrastructures, this being the structural document that will allow to direct and coordinate the actions needed to protect critical infrastructures in the fight against terrorism.

3. The Sectoral Strategic Plans shall also be drawn up by the Working Group and approved by the Commission and shall include, by sector, the criteria for the measures to be taken to address a risk situation.

4. The Operator Safety Plans and the Specific Protection Plans shall be developed by the critical operators in respect of all their infrastructures classified as European Critical or Critical. These are planning instruments through which those assume the obligation to collaborate in the identification of these infrastructures, to specify the policies to be implemented in terms of security of the same, as well as to implement the general protection measures, both permanent and temporary, which, where appropriate, are to be adopted to prevent, protect and react to possible deliberate attacks against those.

5. The Operational Support Plans shall be drawn up by the State Police Corps or, where appropriate, autonomic, with competence in the demarcation, for each of the infrastructures classified as European Criticism or Criticism endowed with a Plan of Specific protection, including measures for surveillance, prevention, protection or reaction to be provided, in addition to those provided for by the critical operators.

6. The specific content and the procedure for the preparation, approval and registration of each of the plans shall be those which are determined by regulation.

Article 15. Communications security.

1. The Secretariat of State of Security shall arbitrate management systems that allow for a continuous update and review of the information available in the Catalogue by the CNPIC, as well as its dissemination to the authorised bodies.

2. The Public Administrations shall ensure the confidentiality of the data on strategic infrastructures to which they have access and of the plans that for their protection are derived, according to the classification of the information stored.

3. Systems, communications and information concerning the protection of critical infrastructures shall have the necessary security measures to ensure their confidentiality, integrity and availability, depending on the level of classification to be assigned to them.

Article 16. The Security and Liaison Officer.

1. Critical operators shall appoint and communicate to the Ministry of the Interior a Security Officer and Liaison with the Administration within the time limit to be established.

2. In any case, the Security Officer and the designated liaison shall have the security director issued by the Ministry of the Interior as provided for in the private security regulations or with the equivalent rating, according to your specific regulations.

3. The specific functions of the Security and Liaison Officer shall be those provided for in regulation.

Article 17. The Critical Infrastructure Security Delegate.

1. Operators with Infrastructures considered as Critical or European Criticas by the Ministry of the Interior shall communicate to the Government Delegations or, where appropriate, the competent authority of the Autonomous Community with statutory powers. recognized for the protection of persons and property and for the maintenance of the public order in which they are located, the existence of a Security Delegate for such infrastructure.

2. The time limit for such communication, as well as the specific functions of the Critical Infrastructure Security Delegate, will be those that are regulated.

Article 18. Security of the classified data.

The critical operator shall ensure the security of classified data relating to its own infrastructure, by means of protection means and the appropriate information systems that are regulated by regulation.

Additional disposition first. Regulations and economic regime applicable to the National Commission for the Protection of Critical Infrastructures and the Interdepartmental Working Group for the Protection of Critical Infrastructures.

As not provided for in this Law, the provisions of Chapter II of Title II of Title II of Law 30/1992, of 26 November, of the Legal Regime of Public Administrations, shall be in accordance with the provisions of this Law. and the Common Administrative Procedure. The operation and work of the Commission, as well as of the Working Group provided for in this standard, shall be carried out in accordance with the budgetary allocations and the personal and technological means of the Ministry of the Interior, without which involve an increase in public expenditure.

Additional provision second. Classification of Plans.

The Plans referred to in Article 14 of this Law shall have the classification corresponding to them in accordance with the regulations in force in this field, which shall be expressly stated in the instrument of their approval.

Additional provision third. Security forces and bodies.

The references made in this Law to the Security Forces and Forces include, in any case, the Police Corps that are dependent on the Autonomous Communities with recognized statutory powers for the protection of the law. of persons and property and for the maintenance of public order.

Additional provision fourth. Ceuta and Melilla.

According to the Statutes of Autonomy of the Cities of Ceuta and Melilla, the Governing Councils of both, according to the Delegation of the respective Government, may issue reports and proposals in the adoption of specific measures on the infrastructure located in them that are the subject of this Law.

Final disposition first. Competence title.

This law is dictated by the jurisdiction attributed to the State under Article 149.1.29. of the Spanish Constitution in the field of public security.

Final disposition second. Competence in the field of Civil Protection.

The provisions of this Law are without prejudice to the provisions of the autonomous civil protection legislation, in accordance with the powers corresponding to each territory under the provisions of the provisions of the corresponding Statutes of Autonomy.

Final disposition third. Incorporation of Community law.

This Law and its subsequent regulatory developments incorporate into Spanish law Council Directive 2008 /114/EC of 8 December on the identification and classification of European Critical Infrastructure and the assessment of the need to improve their protection.

Final disposition fourth. Enabling regulatory development.

1. The Government is enabled to dictate the Rules of Procedure of this Law within six months.

2. The Government is also empowered to amend by Royal Decree, at the proposal of the holder of the Ministry of the Interior and the holder of the competent department for the reason of the matter, the Annex of this Law.

3. In the field of their powers, the Autonomous Communities may also draw up the regulatory standards necessary for the implementation of this Law.

Final disposition fifth. Entry into force.

This Law shall enter into force on the day following that of its publication in the "Official Gazette of the State".

Therefore,

I command all Spaniards, individuals and authorities, to keep and keep this law.

Madrid, April 28, 2011.

JOHN CARLOS R.

The President of the Government,

JOSE LUIS RODRIGUEZ ZAPATERO

ANNEX

Strategic Sectors and Ministries/Competent System Agencies

Sector

Ministry/System

Administration.

Ministry Presidency.

Office.

Defense.

National Intelligence Center

Ministry of Territorial Policy and Public Administration

.

Ministry of Defense.

Industry.

Ministry of Industry, Tourism and Commerce

Nuclear Security.

Industry.

of Science and Innovation.

of Science and Innovation.

Ministry of Science and Innovation.

Environment, and Rural and Marine Environment

Water.

Ministry of Environment Environment, and Rural and Marine Environment

Ministry of Health, Social Policy and Equality.

Energy.

Ministry of Industry, Tourism and Commerce

Health.

Ministry Health, Social Policy, and Equality

Ministry of Science and Innovation

Information and Communications Technologies (ICT).

Ministry Industry, Tourism, and Commerce

of Defense

National Intelligence Center.

Ministry of Science and Innovation.

Ministry of Territorial Policy and Public Administration

Transport.

Ministry Fomento.

.

Environment Ministry, and Rural and Marine Environment.

Ministry Health, Social Policy, and Equality.

Ministry Industry, Tourism, and Commerce

System financial and tax.

Ministry of Economy and Finance