It is registered
Ministry of Justice
Republic of Uzbekistan
On May 21, 2014 No. 2587
of May 12, 2014 No. 47
About approval of standard Regulations on bodies for certification of objects of informatization
According to the resolution of the President of the Republic of Uzbekistan of July 8, 2011 "About additional measures for protection of national information resource" and the resolution of the Cabinet of Ministers of November 2, 1991 No. 278 "About Service of homeland security of the Republic of Uzbekistan" I order to No. PP-1572:
1. Approve Standard regulations on bodies for certification of objects of informatization, according to appendix.
2. This order becomes effective from the date of its official publication.
Chairman
R. Inoyatov
to the Order of the chairman of Service of homeland security of the Republic of Uzbekistan of May 12, 2014 No. 47
This Standard provision according to the resolution of the President of the Republic of Uzbekistan of July 8, 2011 No. PP-1572 "About additional measures for protection of national information resource" and the Regulations on approval procedure on work on certification of objects of informatization approved by the resolution of the Cabinet of Ministers of November 7, 2011 No. 296, establishes general requirements to bodies for certification of objects of informatization (further - bodies for certification), their standard structure, tasks and functions, the rights, obligations and responsibility in information security field of objects of informatization.
1. In case of certification of object of informatization its compliance to requirements for information protection from illegal access, including from impact of the computer attacks and information leakage on technical channels proves to be true.
2. Bodies for certification are component of organizational structure of system of certification of objects of informatization according to requirements of information security.
3. According to the Regulations on certification of objects of informatization according to requirements of information security approved by the resolution of the President of the Republic of Uzbekistan of July 8, 2011 No. PP-1572, bodies for certification the organizations of different patterns of ownership having permission of Service of homeland security of the Republic of Uzbekistan (further - Authorized body) on the carrying out certain work types on certification of objects of informatization issued according to the procedure, the established Regulations on approval procedure on work on certification of objects of informatization approved by the resolution of the Cabinet of Ministers of November 7, 2011 No. 296 are. Permission is issued for the term of no more than five years.
4. Bodies for certification in the activities are guided by the regulatory legal acts and other acts regulating requirements of information security in the Republic of Uzbekistan and also this Standard provision.
The body for certification on the basis of this Standard provision develops and approves domestic situation about the activities in the field of certification of objects of informatization according to requirements of information security.
Bodies for certification in interaction with Authorized body are developed and approve the documents regulating procedure for carrying out certification of objects of informatization.
5. The cost and payment procedure of works for carrying out certification are determined according to the legislation. Payment for carrying out certification is made at the expense of the applicant.
6. The body for certification shall be the legal entity of the Republic of Uzbekistan, have the trained staff, testing facilities, regulatory legal acts and other documents necessary for carrying out all complex of works.
7. The body for certification shall have in staff of the specialists who had special training in information security field and information protection from which separate category has the admission which is drawn up in the procedure established by the legislation to the state secrets.
Staff of body for certification performs the activities according to the legislation and job descriptions.
8. The main objectives of bodies for certification are the organization and carrying out certification of objects of informatization on compliance to requirements of information security.
9. Bodies for certification, within the competence, perform the following functions:
consider requests for certification of objects of informatization, plan works on certification of objects of informatization, bring terms of carrying out certification to the attention of applicants;
carry out the analysis of basic data on the certified objects, determine the scheme and techniques of carrying out certification, resolve issues of need of carrying out testing of not certified products used on object (hardware, program and hardware-software) in test laboratories (centers);
develop programs of carrying out certification inspections of objects of informatization;
will organize works on certification of objects of informatization;
task forces on remote objects of informatization send;
if necessary, on contractual basis involve specialists and the equipment of other bodies for certification;
consider results of certification testing of object of informatization and protocols of test laboratories, approve the conclusions by results of certification and issue to the applicant Attestat of compliance of object of informatization to requirements of information security (further - Attestat compliance);
record the certified objects of informatization, on the basis of the Certificates issued by them compliance;
create fund of the regulatory legal acts and other documents necessary for certification of specific object types of informatization, and if necessary participate in their development;
perform interaction with Authorized body and in accordance with the established procedure inform him on the course of the activities in the field of certification of objects of informatization.
10. Task forces are created by body for certification from among salaried employees, taking into account ensuring high-quality carrying out certification of object of informatization, for the purpose of assessment of its compliance to the required level of information security.
11. If necessary, task force specialists of other bodies for certification can be included.
Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info
Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system
If you cannot find the required document, or you do not know where to begin, go to Help section.
In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.
You also may open the section Frequently asked questions. This section provides answers to questions set by users.