Document from CIS Legislation database © 2003-2022 SojuzPravoInform LLC

ORDER OF THE GOVERNMENT OF THE REPUBLIC OF KAZAKHSTAN

of August 9, 2018 No. 488

About approval of the National anti-crisis plan of response to incidents of information security

(as amended of the Order of the Government of the Republic of Kazakhstan of 01.10.2020 No. 630)

According to subitem 6-1) of article 6 of the Law of the Republic of Kazakhstan of November 24, 2015 "About informatization" the Government of the Republic of Kazakhstan DECIDES:

1. Approve the enclosed National anti-crisis plan of response to incidents of information security.

2. This resolution becomes effective after ten calendar days after day of its first official publication.

Prime Minister of the Republic of Kazakhstan

B. Sagintayev

Approved by the Order of the Government of the Republic of Kazakhstan of August 9, 2018, No. 488

National anti-crisis plan of response to incidents of information security

Chapter 1. General provisions

1. The national anti-crisis plan of response to incidents of information security (further - the plan) determines operations procedure of subjects of system by decrease in influence of incidents of information security on condition of information security with simultaneous minimizing of violations of their work.

2. This plan does not extend to the information systems in the protected execution carried to the state secrets according to the legislation of the Republic of Kazakhstan on the state secrets, and also network of telecommunications of special purpose and/or the governmental, presidential, secret, encoded and coded communication.

3. In this plan the following concepts are used:

1) objects of information and communication infrastructure (further - objects of IKI) - information systems, technological frameworks, the hardware and software, networks of telecommunications, and also systems of ensuring smooth functioning of technical means and information security;

Crucial objects of information and communication infrastructure (further - KVOIKI) - objects of IKI, including information and communication infrastructure of "the electronic government", violation or the termination of functioning of which leads 2) to emergency situation of social and (or) technogenic nature or to considerable negative effects for defense, safety, the international relations, economy, certain spheres of economy, infrastructure of the Republic of Kazakhstan or for life activity of the population living in the corresponding territory;

3) response system on incidents of information security (further - system) - set of forces and means of ensuring of information security intended for realization of nation-wide complex of actions for protection of electronic information resources, information systems and information and communication infrastructure from technological failures or unauthorized impact as a result of the computer attacks and liquidation of their effects;

4) incident of information security (further - incident of IB) - separately or serially arising failures in work of information and communication infrastructure or its separate objects creating threat to their proper functioning and (or) conditions for illegal obtaining, copying, distribution, modification, destruction or blocking of electronic information resources;

5) crisis situation in the field of information security - incident of IB or real premises to its origin on objects of IKI which can result in impossibility or restriction of provision of the state services, emergency situation of social and (or) technogenic nature or to considerable negative effects for defense, safety, the international relations, economy, certain spheres of economy, infrastructure of the Republic of Kazakhstan or for life activity of the population living in the corresponding territory;

6) national coordination Information Security Center (further - NKTsIB) - structural division of Public Technical Service joint-stock company;

7) subjects of system - the state bodies authorized on the solution of questions of information security or response to incidents of IB, NKTsIB, Operational staff, owners of objects of informatization of "the electronic government", owners of KVOIKI, operational Information Security Centers (further - OTsIB), services of response to incidents of information security;

8) the computer attack - purposeful attempt of realization of threat of unauthorized impact on information, electronic resource, information system or receipts of access to them using program or software and hardware (or protocols of network interconnection).

Other concepts applied in the plan correspond to the concepts used in the legislation of the Republic of Kazakhstan in the field of informatization and communication.

Chapter 2. Preventive actions

4. For the purpose of prevention and non-admission of incidents in the field of informatization and communication of NKTsIB on planned basis carries out explanatory works on incidents of IB, for this purpose on permanent basis performs collection, the analysis and generalization of information from subjects of system and other sources, including the foreign and international organizations in the field of information security.

5. OTsIB for the purpose of identification and suppression of threats of IB performs monitoring of the information and communication infrastructure connected to it and objects of informatization.

6. Interaction of OTsIB concerning monitoring of information security support of objects of informatization provides NKTsIB.

7. Subjects of system for increase in level of security of electronic information resources, the software, information systems and the information and communication infrastructure supporting them are guided by Single requirements in the field of information and communication technologies and information security support, and also other regulatory legal acts regulating the sphere of information security.

Chapter 3. Actions of owners and owners of crucial objects of information and communication infrastructure and objects of informatization of "the electronic government"

8. For the purpose of ensuring response to incidents of IB with criticality levels from 0 to 5 owners of objects of informatization of "the electronic government", owners of KVOIKI, OTsIB develop and approve plans of reaction in which measures for processing of threats (risks) of information security, ensuring continuous work and maintenance of the assets connected with means of information processing and the following obligatory events are provided on:

1) to the organization and holding actions for non-admission of emergence of crisis situation of information security;

2) to collection and data analysis about condition of information security in information and communication infrastructure;

3) to implementation of interaction with OTsIB and NKTsIB;

4) to the supporting measures of providing continuity of work and resistance to external changes;

5) to informing the interested subjects of system concerning the found incidents of information security and to their elimination;

Warning!!!

This is not a full text of document! Document shown in Demo mode!

If you have active License, please Login, or get License for Full Access.

With Full access you can get: full text of document, original text of document in Russian, attachments (if exist) and see History and Statistics of your work.

Get License for Full Access Now

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info

Effectively work with search system

Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system

Get help

If you cannot find the required document, or you do not know where to begin, go to Help section.

In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.

You also may open the section Frequently asked questions. This section provides answers to questions set by users.

Search engine created by SojuzPravoInform LLC. UI/UX design by Intelliants.