Document from CIS Legislation database © 2003-2021 SojuzPravoInform LLC

I.O.'S ORDER OF THE MINISTER OF DIGITAL DEVELOPMENT, INNOVATIONS AND AEROSPACE INDUSTRY OF THE REPUBLIC OF KAZAKHSTAN

of August 16, 2019 No. 199/Tax Code

About approval of Rules of carrying out monitoring of events of information security of objects of informatization of state bodies

(as amended on 02-02-2021)

According to subitem 5-1) of article 7-1 of the Law of the Republic of Kazakhstan of November 24, 2015 "About informatization" PRIKAZYVAYU:

1. Approve the enclosed Rules of carrying out monitoring of events of information security of objects of informatization of state bodies.

2. To provide to committee on information security of the Ministry of digital development, innovations and aerospace industry in the procedure established by the legislation of the Republic of Kazakhstan:

1) state registration of this order in the Ministry of Justice of the Republic of Kazakhstan;

2) within ten calendar days from the date of state registration of this order the direction it in the Kazakh and Russian languages in the Republican state company on the right of economic maintaining "Institute of the legislation and legal information of the Republic of Kazakhstan" for official publication and inclusion in Reference control bank of regulatory legal acts of the Republic of Kazakhstan;

3) placement of this order on Internet resource of the Ministry of digital development, innovations and the aerospace industry of the Republic of Kazakhstan after its official publication;

4) within ten working days after state registration of this order in the Ministry of Justice of the Republic of Kazakhstan submission to Legal department of the Ministry of digital development, innovations and the aerospace industry of the Republic of Kazakhstan of data on execution of the actions provided by subitems 1), 2) and 3) of this Item of the order.

3. To impose control of execution of this order on the supervising vice-minister of digital development, innovations and the aerospace industry of the Republic of Kazakhstan.

4. This order becomes effective after ten calendar days after day of its first official publication.

Acting Minister of digital development, innovations and aerospace industry of the Republic of Kazakhstan

It is approved

Committee of homeland security of the Republic of Kazakhstan

 

Approved by the Order of the acting minister of digital development, innovations and the aerospace industry of the Republic of Kazakhstan of August 16, 2019 No. 199/Tax Code

Rules of carrying out monitoring of events of information security of objects of informatization of state bodies

Chapter 1. General provisions

1. These rules of carrying out monitoring of events of information security of objects of informatization of state bodies (further - Rules) are developed according to subitem 5-1) of article 7-1 of the Law of the Republic of Kazakhstan of November 24, 2015 "About informatization" (further - the Law) and determine procedure for carrying out monitoring of events of information security of objects of informatization of state bodies.

2. In these rules the following concepts and determinations are used:

1) objects of informatization - electronic information resources, the software, Internet resource and information and communication infrastructure;

2) information security in the field of informatization (further - information security) - condition of security of electronic information resources, information systems and information and communication infrastructure from external and internal threats;

3) monitoring of events of information security - permanent observation of object of informatization for the purpose of identification and identification of events of information security;

4) event of information security (further - event of IB) - the condition of objects of informatization testimonial of possible violation of the existing security policy or about before unknown situation which can be related to safety of object of informatization;

5) incident of information security (further - incident of IB) - separately or serially arising failures in work of information and communication infrastructure or its separate objects creating threat to their proper functioning and (or) conditions for illegal obtaining, copying, distribution, modification, destruction or blocking of electronic information resources;

6) the public technical service - the joint-stock company created according to the decision of the Government of the Republic of Kazakhstan;

7) journalizing of events - process of data recording about the program or hardware events happening to object of informatization in the log of registration of events;

8) system of collection of logs of registration of events - the hardware and software providing centralized collection of logs of registration of events of objects of informatization, their storage and further transfer to event management system of IB;

9) national coordination Information Security Center (further - NKTsIB) - structural division of Public Technical Service joint-stock company.

Other concepts used in these rules are applied according to the Law.

3. Monitoring of events of information security of objects of informatization of state bodies (further - MSIB) is carried out by NKTsIB.

4. Objects of MSIB are the objects of informatization placed in the information and communication infrastructure which is in ownership of state body (further - GO).

5. Do not treat objects of MSIB:

1) the electronic information resources containing the data constituting the state secrets;

2) the information systems in the protected execution carried to the state secrets according to the legislation of the Republic of Kazakhstan on the state secrets, and also network of telecommunications of special purpose and/or the governmental, secret, encoded and coded communication;

3) the objects of informatization of National Bank of the Republic of Kazakhstan which are not integrated with objects of information and communication infrastructure of "the electronic government".

6. Within MSIB sources of events of IB are:

information security products in the information and communication infrastructure which is in ownership of GO (further - IKI GO), including, the established and accompanied NKTsIB (further - sources of events of IB);

IB NKTsIB event management system.

7. MSIB includes the following work types:

1) installation of sources of events of IB in IKI GO;

2) technical maintenance of sources of events of IB in IKI GO;

3) tracking of events of IB of objects of MSIB, for the purpose of detection of incidents of IB and subsequent on them reactions.

8. MSIB is carried out by one of the following options:

1) on one work type;

2) on several work types;

3) en banc work types.

9. MSIB is carried out based on contractual relations between Committee of homeland security of the Republic of Kazakhstan (further - KNB RK) and the Public Technical Service joint-stock company realizing tasks and the NKTsIB functions.

Warning!!!

This is not a full text of document! Document shown in Demo mode!

If you have active License, please Login, or get License for Full Access.

With Full access you can get: full text of document, original text of document in Russian, attachments (if exist) and see History and Statistics of your work.

Get License for Full Access Now

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info

Effectively work with search system

Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system

Get help

If you cannot find the required document, or you do not know where to begin, go to Help section.

In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.

You also may open the section Frequently asked questions. This section provides answers to questions set by users.

Search engine created by SojuzPravoInform LLC. UI/UX design by Intelliants.