Document from CIS Legislation database © 2003-2021 SojuzPravoInform LLC

It is registered

Ministry of Justice of Ukraine

July 16, 2020

No. 668/34951

ORDER OF ADMINISTRATION OF PUBLIC SERVICE OF SPECIAL COMMUNICATION AND INFORMATION PROTECTION OF UKRAINE

of May 14, 2020 No. 269

About establishment of requirements for safety and information protection at skilled suppliers of electronic confidential services and their isolated registration Items

(as amended on 13-05-2021)

According to the paragraph to third part two of article 8 of the Law of Ukraine "About electronic confidential services", 37 parts one of article 14 of the Law of Ukraine "About Public service of special communication and information protection of Ukraine" and to the subitem 2 of Item 3 of the Regulations on Administration of Public service of special communication and information protection of Ukraine approved by the resolution of the Cabinet of Ministers of Ukraine of September 3, 2014 No. 411, ORDER to Item:

1. Approve Requirements for safety and information protection at skilled suppliers of electronic confidential services and their isolated registration Items (further - Requirements) which are applied.

2. In three-day time after signing of this order in accordance with the established procedure to provide to the director of the department of information protection of Administration of Public service of special communication and information protection of Ukraine its submission on state registration to the Ministry of Justice of Ukraine.

3. This order becomes effective from the date of its official publication.

4. To provide to skilled suppliers of electronic confidential services:

1) reductions of their activities in compliance with Requirements by modification of regulations of their work till November 07, 2020;

2) accomplishment of Items 1 and 2 of the Section IV of Requirements, before expiration of certificates of compliance on end-to-end system of information protection of information and telecommunication system which is applied by them to provision of qualified electronic confidential services, but no later than January 1, 2023.

5. To impose control of execution of this order on the deputy Chairmen of Public service special communication and information protection of Ukraine according to distribution of functional obligations.

Head of Service

V. Petrov

 

It is approved:

Deputy minister of digital transformation of Ukraine

 

L. Rabchinskaya

Chairman of the Antimonopoly Committee of Ukraine

Yu. Terentyev

Minister of Finance of Ukraine

S. Marchenko

Acting as Chairman of the Public regulatory service of Ukraine

A. Miroshnichenko

Approved by the Order of Administration of Public service of special communication and information protection of Ukraine of May 14, 2020 No. 269

Requirements for safety and information protection at skilled suppliers of electronic confidential services and their isolated registration Items

I. General provisions

1. Provisions of these Requirements are obligatory for skilled suppliers of electronic confidential services (further - the supplier) during provision of services by them to users of electronic confidential services (further - the user), and also for the isolated registration Items (further - OPR) during registration of users.

2. These Requirements disaggregate and determine method of accomplishment of provisions of the Law of Ukraine "About electronic confidential services" and Requirements in the field of the electronic confidential services approved by the resolution of the Cabinet of Ministers of Ukraine of November 7, 2018 No. 992, on safety and information protection of suppliers and OPR.

3. Safety of information of the supplier or OPR is performed by complex use of necessary set of complementary measures for information protection in ITS of the supplier or OPR, organizational (administrative) measures, compliance of rooms, storages, software and hardware complex and electronic means to technical requirements.

4. Activities for safety and information protection of the supplier (OPR) will be organized, constantly supported and coordinated by service of information protection (further - SZI) with observance of requirements of the legislation in the field of information protection, electronic confidential services and regulations of work of the supplier.

5. In these Requirements terms are used in such values:

vulnerability - insufficient stability of asset or action of neutralization to resist to realization of certain threat or set of threats;

threat - potential sales opportunity of vulnerability;

critical component - component which security violation influences provision of qualified electronic confidential services;

rooms - the rooms of the supplier or OPR intended for placement of software and hardware complex (further - PTK) or its components which are used during provision of qualified electronic confidential services and in extent of access restriction are divided into the security levels;

service premises (safety area) - rooms, access to which is provided using organizational and technical control measures (physical and logical control);

the special room (zone of the increased safety) - the room intended for placement of components of software and hardware complex for the purpose of generation, use, storage and reservation of personal keys of the supplier;

registration - the procedure within which are provided identification of the user, collection, check and entering into the register of users of the identification data necessary for rendering qualified electronic confidential service.

Warning!!!

This is not a full text of document! Document shown in Demo mode!

If you have active License, please Login, or get License for Full Access.

With Full access you can get: full text of document, original text of document in Russian, attachments (if exist) and see History and Statistics of your work.

Get License for Full Access Now

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info

Effectively work with search system

Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system

Get help

If you cannot find the required document, or you do not know where to begin, go to Help section.

In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.

You also may open the section Frequently asked questions. This section provides answers to questions set by users.

Search engine created by SojuzPravoInform LLC. UI/UX design by Intelliants.