of April 4, 2006 No. ZRU-30
About information security in the automated bank system
Accepted by Legislative house on November 16, 2005
Approved by the Senate on February 24, 2006
The purpose of this Law is relations management in the field of information security in the automated bank system.
The legislation on information security in the automated bank system consists of this Law and other acts of the legislation.
If the international treaty of the Republic of Uzbekistan establishes other rules, than those which are stipulated by the legislation the Republic of Uzbekistan about information security in the automated bank system then are applied rules of the international treaty.
The automated bank system is the information system intended for implementation of collection, storage, search, processing and use of information in the sphere of banking activity.
Information security in the automated bank system is performed for the purpose of:
ensuring information security and cyber security of information systems and resources of banks and protection of bank secrecy;
prevention of leakage, plunder, loss, misstatement, blocking, counterfeit of information and other unauthorized access to it, and also copying and other forms of intervention in the automated bank system.
The organization of information security in the automated bank system is performed in the way:
development and observance of rules on information security, ensuring the information security and cyber security of information systems and resources, and also control over the implementation of the actions directed to information security processed in the automated bank system;
uses of the certified technical means and means of information protection;
creations of service of information security in the automated bank system;
coordination of activities for collection and use of methods of information processing in the automated bank system.
The information access in the automated bank system is provided to the user of the automated bank system with the permission of the owner of information.
Provision of information access in the automated bank system without the permission of the owner of information is allowed only in the cases provided by the law.
The owner of the automated bank system shall be the legal entity.
The owner of the automated bank system coordinates interaction between the owner of information and the user of the automated bank system.
The owner of the automated bank system shall inform the owner of information and the user of the automated bank system on features of methods of information processing in the automated bank system, and the owner of information and the user of the automated bank system shall confirm the consent to application of the offered methods of processing and lack of claims.
The owner of the automated bank system shall provide information security, according to the rules established by the Central bank of the Republic of Uzbekistan and shall notify the owner of information on all facts of violation of protection of its information.
The owner of the automated bank system shall provide information security, containing the state secrets or being confidential, according to the procedure, established by the Cabinet of Ministers of the Republic of Uzbekistan.
Certification of technical means in the automated bank system, and also remedies of this system (including cryptographic) which process the information containing the state secrets or being confidential is performed according to the legislation.
In the Central bank of the Republic of Uzbekistan and banks the service of information security in the automated bank system shall be created.
Service of information security in the automated bank system:
will organize control of ensuring safety of information;
gives methodical and practical help in questions of information security;
participates in designing, testing and acceptance of system of information security in the automated bank system;
takes measures for information security in the automated bank system in case of identification of attempts of unauthorized information access, other forms of intervention and in case of abuse of regulations of functioning of system;
carries out the analysis of condition and efficiency of measures for information security;
performs other powers according to the legislation.
Disputes in the field of information security in the automated bank system are resolved according to the procedure, established by the legislation.
Persons guilty of violation of the law about information security in the automated bank system, bear responsibility in accordance with the established procedure.
This Law becomes effective from the date of its official publication.
President of the Republic of Uzbekistan
I. Karimov
Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info
Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system
If you cannot find the required document, or you do not know where to begin, go to Help section.
In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.
You also may open the section Frequently asked questions. This section provides answers to questions set by users.