ORDER OF THE MINISTER OF DIGITAL DEVELOPMENT, INNOVATIONS AND AEROSPACE INDUSTRY OF THE REPUBLIC OF KAZAKHSTAN

of February 29, 2024 No. 110/Tax Code

About approval of Rules of functioning of single repository of "the electronic government"

According to subitem 17-2) of article 7-1 of the Law of the Republic of Kazakhstan "About informatization" PRIKAZYVAYU:

1. Approve Rules of functioning of single repository of "the electronic government" according to appendix 1 to this order.

2. Declare invalid some orders of the Minister of digital development, innovations and the aerospace industry of the Republic of Kazakhstan according to the list according to appendix 2 to this order.

3. To provide to committee on information security of the Ministry of digital development, innovations and aerospace industry of the Republic of Kazakhstan in the procedure established by the legislation:

1) state registration of this order in the Ministry of Justice of the Republic of Kazakhstan;

2) placement of this order on Internet resource of the Ministry of digital development, innovations and the aerospace industry of the Republic of Kazakhstan;

3) within ten working days after state registration of this order in the Ministry of Justice of the Republic of Kazakhstan submission to Legal department of the Ministry of digital development, innovations and the aerospace industry of the Republic of Kazakhstan of data on execution of the actions provided by subitems 1) and 2) of this Item.

4. To impose control of execution of this order on the supervising vice-minister of digital development, innovations and the aerospace industry of the Republic of Kazakhstan.

5. This order becomes effective after ten calendar days from the date of its first official publication.

Appendix 1

to the Order of the Minister of digital development, innovations and the aerospace industry of the Republic of Kazakhstan of February 29, 2024 No. 110/Tax Code

Rules of functioning of the Single repository of "the electronic government"

Chapter 1. General provisions

1. These rules of functioning of the Single repository of "the electronic government" (further - Rules) are developed according to subitem 17-2) of article 7-1 of the Law of the Republic of Kazakhstan "About informatization" (further - the Law) and determine procedure for functioning of the Single repository of "the electronic government".

2. In these rules the following concepts are used:

1) objects of informatization - electronic information resources, the software, Internet resource and information and communication infrastructure;

2) commercial operation of object of informatization - stage of lifecycle of object of informatization throughout which use of object of informatization in the normal mode according to the purposes, tasks and requirements stated in technical documentation and the specifications and technical documentation is performed;

3) trial operation of object of informatization - the operation of object of informatization in pilot zone which is carried out for the purpose of identification and remedial action of its functioning and determination of compliance to requirements of technical documentation;

4) authorized body in the field of information security support (further - authorized body) - the central executive body performing management and cross-industry coordination in the field of information security support;

5) artifacts - executable files, help files, files with data, models and other files used during the work of the software and which are part of the software;

6) program tab - it is reserved the function object entered to the software providing illegal access and (or) impact on object of informatization;

7) the software (further - software) - set of programs, program codes, and also software products with the technical documentation necessary for their operation;

8) software platform - set of the software and the tools provided to developers for creation and ensuring functioning of the software;

9) checksum - the fixed line of characters created on the basis of conversion of files;

10) the source code - the text of the program (set of instructions and teams) created in any programming language, intended for compilation in the performed code;

11) static analysis of the source code - process of detection of vulnerability in the source code;

12) backdoor - the malicious application intended for receipt of illegal access to the software by authentication bypass, and also other standard methods and security technologies;

13) not declared opportunities (further - NDV) - the functionality of the software which is not reflected or not corresponding to the described functionality in technical documentation;

14) compilation - transfer of the program from language of the high level in machine language;

15) library - set of ready decisions in the form of the functions, classes and objects used for software development;

16) the public technical service - the joint-stock company created according to the decision of the Government of the Republic of Kazakhstan;

17) the performed code - the source code compiled in the machine teams;

18) dynamic analysis of the performed code - process of detection of vulnerability in the started performed code of web applications and mobile applications;

19) vulnerability - lack of object of informatization which use can lead to violation of integrity and (or) confidentiality, and (or) availability of object of informatization;

20) the applicant - the owner or the object owner of the analysis, and also the physical person or legal entity authorized by the owner or the object owner of testing who submitted the request for carrying out testing of object of informatization for compliance to requirements of information security;

21) subject of the analysis - object of informatization concerning which works on the analysis on compliance to requirements of information security are carried out;

22) the analysis of dependences - process of detection of vulnerability in the third-party components used as a part of the software;

23) the circle of testing - the part of object of informatization separated the circle of operation of object of informatization, intended for expansion of the performed code, carrying out dynamic analysis of the performed code and removal of checksum of the started performed code;

24) function object - element (the procedure, function, branch or the component) of the software performing accomplishment of actions for realization of the finished program algorithm fragment;

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info