of December 10, 2024 No. 259
About change of orders of Operational analytical center in case of the President of the Republic of Belarus of March 28, 2014 No. 26 and of February 20, 2020 No. 66
Based on item 4 of article 33 of the Law of the Republic of Belarus of July 17, 2018 to No. 130-Z "About regulatory legal acts", subitem 6.4 of Item 6, of subitems 7.7 and 7.8 of Item 7 of the Regulations on technical and cryptographic information security approved by the Presidential decree of the Republic of Belarus of April 16, 2013 No. 196, I ORDER:
1. Make changes to the following orders of Operational analytical center in case of the President of the Republic of Belarus:
1.1. on resources of the republican data-processing center and (or) republican platform approved by the order of Operational analytical center in case of the President of the Republic of Belarus of March 28, 2014 No. 26, the word "joint" to exclude from the paragraph of third Item 2 of the Regulations on procedure for placement of program technical means, information systems (resources) of the state organizations;
1.2. in the order of Operational analytical center in case of the President of the Republic of Belarus of February 20, 2020 No. 66 "About measures for implementation of the Presidential decree of the Republic of Belarus of December 9, 2019 No. 449":
exclude item 4;
The regulations on procedure for technical and cryptographic information security in the information systems intended for information processing, distribution and (or) provision of which are limited, approved by this order, to be reworded as follows (are applied);
The regulations on procedure for certification of systems of information security of the information systems intended for information processing distribution and (or) provision of which are limited, approved by this order, to be reworded as follows (are applied);
To be reworded as follows the regulations on procedure for submission to Operational analytical center in case of the President of the Republic of Belarus of data on events of information security, condition of technical and cryptographic information security approved by this order it (is applied).
2. The designing, creation and (or) certification of systems of information security of information systems performed based on the agreements signed before entry into force of this order, but not performed for date of its introduction in force:
are performed according to the legislation existing for date of the conclusion of the specified agreements;
according to the decision of owners (owners) of information systems can be performed according to this order if other is not provided by legal acts.
3. This order becomes effective in the following procedure:
subitem 1.2 of Item 1 and Item 2 – since March 1, 2025;
other provisions of this order – after its official publication.
Chief
A. Yu. Pavlyuchenko
Approved by the Order of Operational analytical center in case of the President of the Republic of Belarus of February 20, 2020 No. 66
1. In this Provision according to the paragraph the second subitem 6.4 of Item 6 of the Regulations on technical and cryptographic information security approved by the Presidential decree of the Republic of Belarus of April 16, 2013 No. 196, determines procedure for technical and cryptographic information security in the information systems intended for information processing, distribution and (or) provision of which is limited, not carried to the state secrets.
This Provision can not be applied:
owners (owners) of information systems in which only public personal data and (or) personal data obtained after application of methods of depersonalization – concerning such information systems are processed;
operators of telecommunication – owners (owners) of the information systems providing management of engineering procedures and intended only for transfer of personal data on technological networks of telecommunication – concerning such information systems. For the purposes of application of this paragraph operators of telecommunication approve with Operational analytical center in case of the President of the Republic of Belarus (further – OATs) lists of the specified information systems to which structural and logical schemes of each information system included in the list shall be attached.
2. For the purposes of this provision terms are used in the values determined in Regulations on technical and cryptographic information security, the Law of the Republic of Belarus of November 10, 2008 No. 455-Z "About information, informatization and information security", the Law of the Republic of Belarus of May 7, 2021 No. 99-Z "About personal data protection" and also the following terms and their determinations:
assets of information system – computer aids, the telecommunication equipment, system and the application software, information resources which are part of information system;
secure channel of data transmission – the data transmission channel established between means of cryptographic information security of the sender and receiver of information in which confidentiality and control of integrity of the transmitted data are provided with cryptographic methods of information security;
compromise of cryptographic key – event as a result of which the cryptographic key or its part become known to persons which do not have access rights to this key.
3. Works on technical and cryptographic information security include:
information security system design;
creation of system of information security;
certification of system of information security according to Regulations on procedure for certification of systems of information security of the information systems intended for information processing, distribution and (or) provision of which is limited, the approved order approving this Provision;
ensuring functioning of system of information security in use information system;
ensuring information security in case of the termination of operation of information system.
4. Works on designing, creation and (or) certification of systems of information security at the owner (owner) of information system can be carried out:
division of information security or other division (official) responsible for ensuring information security. Employees of such division (official) shall have the higher education in the field of information security either the highest, or average special, or vocational training and to undergo retraining or advanced training concerning technical and cryptographic information security according to the procedure, established by the legislation;
the organizations having licenses for activities on technical and (or) cryptographic information security regarding the corresponding components this type of activity of works and (or) services (further – the specialized organizations).
Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info
Database include more 50000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system
If you cannot find the required document, or you do not know where to begin, go to Help section.
In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.
You also may open the section Frequently asked questions. This section provides answers to questions set by users.