of May 24, 2023 No. 32/ke, on May 25, 2023 No. 80
About modification and amendments in the joint order of the Chairman of Committee of homeland security of the Republic of Kazakhstan of October 25, 2016 No. 72 and the Minister of national economy of the Republic of Kazakhstan of November 9, 2016 No. 471 "About approval of criteria for evaluation of risk degree and checking sheets in the spheres of ensuring information security and special technical means intended for conducting investigation and search operations"
WE ORDER:
1. Bring in the joint order of the Chairman of Committee of homeland security of the Republic of Kazakhstan of October 25, 2016 No. 72 and the Minister of national economy of the Republic of Kazakhstan of November 9, 2016 No. 471 "About approval of criteria for evaluation of risk degree and checking sheets in the spheres of ensuring information security and special technical means intended for conducting investigation and search operations" (it is registered in the Register of state registration of regulatory legal acts No. 14509) the following changes and amendments:
state preamble in the following edition:
"According to Item 5 of Article 141 and Item 1 of article 143 of the Entrepreneurial code of the Republic of Kazakhstan we ORDER:";
in Item 1:
5) to state the subitem in the following edition:
"5) checking leaf concerning subjects (objects) of control performing activities for repair and realization of the special technical means intended for conducting investigation and search operations according to appendix 5 to this joint order;";
add with subitems 6), 7) in the following edition:
"6) checking leaf concerning the subjects (objects) of control performing activities for rendering services in identification of technical channels of information leakage and special technical means, intended for conducting investigation and search operations within activities of the operational center of information security according to appendix 6 to this joint order;
7) checking leaf concerning the subjects (objects) of control performing activities for rendering services in identification of technical channels of information leakage and special technical means, intended for conducting investigation and search operations within activities of service of response to incidents of information security according to appendix 7 to this joint order.";
1, of 2, of 3, 4 and 5 to be reworded as follows appendices according to appendices 1, of 2, of 3, 4 and 5 to this joint order;
add with appendices 6 and 7 according to appendices 6 and 7 to this joint order.
2. To provide to service of information and cyber security of Committee of homeland security of the Republic of Kazakhstan in the procedure established by the legislation of the Republic of Kazakhstan:
1) state registration of this joint order in the Ministry of Justice of the Republic of Kazakhstan;
2) placement of this joint order on Internet resource of Committee of homeland security of the Republic of Kazakhstan.
3. This joint order becomes effective after ten calendar days from the date of its first official publication.
|
Minister of national economy of the Republic of Kazakhstan
|
__________ A. Kuantyrov |
|
Chairman of Committee of homeland security of the Republic of Kazakhstan
|
__________ E.Sagimbayev |
|
It is approved Committee on legal statistics and special accounting of the Prosecutor General's Office of the Republic of Kazakhstan |
|
Appendix 1
to the Order of the Chairman of Committee of homeland security of the Republic of Kazakhstan and the Minister of national economy of the Republic of Kazakhstan of May 24, 2023 No. 32/ke, on May 25, 2023 No. 80
Appendix 1
to the joint Order of the Chairman of Committee of homeland security of the Republic of Kazakhstan and the Minister of national economy of the Republic of Kazakhstan of October 25, 2016 No. 72, on November 9, 2016 No. 471
1. These Criteria for evaluation of risk degree in the spheres of ensuring information security and special technical means intended for conducting investigation and search operations (further – Criteria) are developed according to Item 5 of article 141 of the Entrepreneurial code of the Republic of Kazakhstan, Rules of forming, regulatory state agencies of system of assessment and risk management approved by the order of the acting minister of national economy of the Republic of Kazakhstan of June 22, 2022 No. 48 (it is registered in the Register of state registration of regulatory legal acts at No. 28577), for the purpose of conducting the inspections which are carried out on compliance to qualification requirements according to the granted licenses (further – checks on compliance to requirements).
2. In these Criteria the following concepts are used:
1) subjects (objects) of control are the licensees performing activities in the spheres of ensuring information security and special technical means intended for conducting investigation and search operations;
2) point – quantitative measure of calculation of risk;
3) insignificant violation – violation of the requirements established by regulatory legal acts in the spheres of ensuring information security and special technical means intended for conducting investigation and search operations regarding transfer to permanent or temporary use of developed technique to the third parties without approval of the licensor;
4) normalization of data – the statistical procedure providing reduction of the values measured in different scales to conditionally general scale;
5) considerable violation – violation of the requirements established by the legislation of the Republic of Kazakhstan in the spheres of information security and special technical means intended for conducting investigation and search operations regarding discrepancy to qualification requirements: submission of the electronic report not in form, provision of doubtful data in electronic format, lack of the developed and approved techniques, violation of procedure for transfer of search technical means, discrepancy of the room to requirements imposed to it;
6) gross violation – violation of the requirements established by the legislation of the Republic of Kazakhstan in the spheres of information security and special technical means intended for conducting the investigation and search operations attracting the administrative responsibility provided by the Code of the Republic of Kazakhstan "About administrative offenses" regarding discrepancy to qualification requirements: non-presentation of the electronic report, absence of the specialist, lack of specially allocated room for implementation of the declared type of activity, lack of the work permit with the data constituting the state secrets, lack of minimum necessary equipment, violation of the notification procedure of the licensor, violation of procedure for transfer of the developed, realized or repaired special technical means intended for conducting investigation and search operations and documentation to them to the third parties;
7) risk – probability of damnification as a result of activities of the subject of control to legitimate interests of physical persons and legal entities, valuable interests of the state taking into account severity of its effects;
8) system of assessment and risk management – process of acceptance of the management decisions directed to decrease in probability of approach of adverse factors by distribution of subjects (objects) of control on risk degrees for the subsequent implementation of checks on compliance to requirements for the purpose of minimum possible extent of restriction of freedom of enterprise, providing at the same time admissible risk level in the corresponding fields of activity, and also directed to change of risk level for specific subject (object) of control and (or) release of such subject (object) of control from checks on compliance to requirements;
9) objective criteria for evaluation of risk degree (further – objective criteria) – the criteria for evaluation of risk degree used for selection of subjects (objects) of control depending on risk degree in certain field of activity and which are not depending directly on separate subject (object) of control;
10) criteria for evaluation of risk degree – set of the quantitative and qualitative indexes connected with the direct activities of the subject of control, features of industry development and factors influencing this development, allowing to carry subjects (objects) of control to different risk degrees;
11) subjective criteria for evaluation of risk degree (further – subjective criteria) – the criteria for evaluation of risk degree used for selection of subjects (objects) of control depending on results of activities of specific subject (object) of control;
Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info
Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system
If you cannot find the required document, or you do not know where to begin, go to Help section.
In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.
You also may open the section Frequently asked questions. This section provides answers to questions set by users.