Document from CIS Legislation database © 2003-2021 SojuzPravoInform LLC

The document ceased to be valid since  July 31, 2018 according to Item 2 of the Order of the Minister of information and communications of the Republic of Kazakhstan of June 13, 2018 No. 263

I.O.'S ORDER OF THE MINISTER OF SOFTWARE TO INVESTMENTS AND DEVELOPMENT OF THE REPUBLIC OF KAZAKHSTAN

of January 28, 2016 No. 134

About approval of Rules of carrying out audit of information systems

According to the subitem 22) article 7 of the Law of the Republic of Kazakhstan of November 24, 2015 "About informatization" PRIKAZYVAYU:

1. Approve the enclosed Rules of carrying out audit of information systems.

2. Declare invalid the order of the Minister of Communications and information of the Republic of Kazakhstan of August 20, 2010 No. 200 "About approval of Rules of carrying out audit of information systems" (registered in the Register of state registration of regulatory legal acts of the Republic of Kazakhstan at No. 6488, published on November 6, 2010 in the Kazakhstanskaya Pravda newspaper and on November 9, 2010 in the Egemen Kazakstan newspaper).

3. To committee of communication, informatization and information of the Ministry for Investments and Development of the Republic of Kazakhstan (Kazangap T. B.) provide:

1) state registration of this order in the Ministry of Justice of the Republic of Kazakhstan;

2) the direction of the copy of this order in printing and electronic form on official publication in periodic printing editions and information system of law of Ad_let within ten calendar days after its state registration in the Ministry of Justice of the Republic of Kazakhstan, and also in the Republican center of legal information within ten calendar days from the date of receipt of the registered order for inclusion in reference control bank of regulatory legal acts of the Republic of Kazakhstan;

3) placement of this order on Internet resource of the Ministry for Investments and Development of the Republic of Kazakhstan and on the intranet portal of state bodies;

4) within ten working days after state registration of this order in the Ministry of Justice of the Republic of Kazakhstan submission to Legal department of the Ministry for Investments and Development of the Republic of Kazakhstan of data on execution of the actions provided by subitems 1), 2) and 3) of Item 3 of this order.

4. To impose control of execution of this order on the supervising vice-minister of investments and development of the Republic of Kazakhstan.

5. This order becomes effective after ten calendar days after day of its first official publication.

The acting minister on investments and development, the Republic of Kazakhstan

Zh. Kasymbek

Approved by the Order of the acting minister on investments and development of the Republic of Kazakhstan of January 28, 2016 No. 134

Rules of carrying out audit of information systems

1. General provisions

1. These rules of carrying out audit of information systems (further - Rules) are developed according to the subitem 22) of article 7 of the Law of the Republic of Kazakhstan of November 24, 2015 "About informatization" (further - the Law) and determine procedure for carrying out audit both information systems of state bodies, and non-state information systems.

2. Audit of information systems is performed for the purpose of receipt of assessment of current status of the information systems, actions and events which are taking place in them determining the level of their compliance to technical regulations, standards in the field of informatization, the specifications and technical documentation and (or) to requirements of the customer, and also requirements of information security.

3. In these rules the following concepts are used:

1) audit of information system – independent inspection of information system for the purpose of increase in efficiency of its use;

2) information and communication infrastructure – set of the objects of information and communication infrastructure intended for ensuring functioning of the technological circle for the purpose of forming of electronic information resources and provision of access to them;

3) authorized body in the field of informatization (further - authorized body) – the central executive body performing management and cross-industry coordination in the field of informatization and "the electronic government";

4) the specifications and technical documentation – set of the documents determining general tasks, the principles and requirements to creation and use (operation) of objects of informatization, and also control of their compliance to the established requirements in the field of informatization.

4. Audit of information systems is booked at stage of creation, implementation and operation of information systems at the initiative of the owner or the owner of information systems.

5. Carrying out audit of information systems is performed physical and (or) legal by persons having special knowledge and work experience in area of information and communication technologies.

6. Audit of the information systems in the protected execution carried to the state secrets are not carried out.

7. Audit client of information systems is the owner and (or) the owner of information system.

8. The main directions of audit of information systems are assessment:

1) compliance of functions of information system to its purposes and tasks;

2) compliance of development, implementation, maintenance and operation of information system to standards in the field of informatization;

3) the level of security of information systems, including application software and databases;

4) conditions of information and communication infrastructure of its technical condition and topology;

5) specifications and technical documentation compliance to standard requirements;

6) compliance to requirements of information security.

9. Audit of information systems is booked according to the agreement between the customer and person having special knowledge and work experience in the field of information and communication technologies.

10. When carrying out audit of the state information systems the choice of persons having special knowledge and work experience in area of information and communication technologies is performed according to Chapter 4 of the Law of the Republic of Kazakhstan of December 4, 2015 "About public procurements" following the results of which the relevant agreement on public procurements on carrying out audit of information systems is signed.

11. Expenses on carrying out audit of information systems are incurred by the party determined by agreed decision between the owner and (or) the owner of information system.

Warning!!!

This is not a full text of document! Document shown in Demo mode!

If you have active License, please Login, or get License for Full Access.

With Full access you can get: full text of document, original text of document in Russian, attachments (if exist) and see History and Statistics of your work.

Get License for Full Access Now

Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info

Effectively work with search system

Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system

Get help

If you cannot find the required document, or you do not know where to begin, go to Help section.

In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.

You also may open the section Frequently asked questions. This section provides answers to questions set by users.

Search engine created by SojuzPravoInform LLC. UI/UX design by Intelliants.