MAGERIT is a formal method to assess the risks incurred by information systems and recommend appropriate measures to manage them.
Risk assessment and management is a key aspect of Royal Decree 3/2010, of 8 January, regulating the National Security Scheme (ENS) for E-Government, aimed at the fulfilment of the proportionality principle in accordance with the fundamental principles and minimum standards for an adequate protection of information.
MAGERIT facilitates the implementation of the National Security Scheme (ENS), providing the fundamental principles and minimum standards for an adequate protection of information.
MAGERIT is listed on the European Union Agency for Network and Information Security (ENISA) Inventory of Risk Management/Risk Assessment Methods and Tools: http://rm-inv.enisa.europa.eu/methods_tools/m_magerit.html
MAGERIT is the risk assessment/management tool developed by the High Council of E-Government.
MAGERIT enables users to:
• Assess the risks associated with information systems and their environments. MAGERIT analyses the risks involved in the assessment of the impact of a security breach on the organisation, points out existing risks, identifies threats to information systems and evaluates system vulnerability in threat prevention, obtaining results.
• Manage risks based on risk assessment, suggesting adequate measures to understand, prevent, avoid, reduce or control the identified risks, thus reducing their potential for damage or harm
Responsible Organisms
Ministerio de Política Territorial y Función Pública
Secretaría de Estado de Función Pública
Secretaría General de Administración Digital
Intended Audience
Any Public Administration