You are here

Regulation

Regulation

on Information Security Committee under Ministry of Digital Development, Defense and Aerospace Industry, Republic of Kazakhstan

Chapter 1. General Provisions

1.Information Security Committee is an agency under Ministry of Digital Development, Defense and Aerospace Industry, Republic of Kazakhstan (hereinafter: Ministry) that performs regulatory, implementation and control functions and is also involved in performing Ministry’s strategic functions in the field of ensuring security in informatization.

2.The Committee exercises its activities in accordance with Constitution and laws of the Republic of Kazakhstan, acts by President and Government of the Republic of Kazakhstan, and other statutory and legal acts, as well as with this Regulation.

3.The Committee is a legal entity in the form of government-owned institution, has the seals and stamps bearing its name in national language, the standard forms, and – pursuant to legislation of the Republic of Kazakhstan – accounts in Treasury offices.

4.The Committee enters any civil law relations on its own behalf.

5.The Committee has the right to be a party to civil law relations on behalf of government, subject to being authorized to do so in accordance with legislation.

6.Regarding the matters in its competence, as required by law, the Committee makes decisions formalized with Orders by Chairman of Committee and with any other acts provided for by laws of the Republic of Kazakhstan.

7.The Committee’s organizational chart and the staffing limit shall be approved in accordance with applicable legislation.

8.The Committee’s location is 8 Mangilik Yel ave., House of Ministries entrance 1, Yessil district, 010000 Nur-Sultan city.

9.Official full name of the Committee is “Information Security Committee republican government-owned institution under Ministry of Digital Development, Defense and Aerospace Industry, Republic of Kazakhstan”.

10.This Regulation is the constitutive document of the Committee.

11.The Committee’s activities are funded by national budget.

12.The Committee is prohibited to enter into contractual relationships with any business entities with respect to performing the duties that are the Committee’s functions.

To the extent that the Committee is entitled by laws and regulations to carry out gainful activities, the revenues obtained from such activities shall be directed to national budget.

Chapter 2. Basic Goals, Functions, Rights and Responsibilities of Committee

13.Goals:

1)implementing government policy in information security in the field of informatization;

2) supervising government agencies’ activities on ensuring information security in the field of informatization;

3) fulfilling government administration and supervision in the governed domains;

4)ensuring, within its competence, control over compliance with laws of the Republic of Kazakhstan;

5)fulfilling any other goals imposed on Committee, within its competence.

14.Functions:

1) taking part in international cooperation within its competence;

2)fulfilling the obligations under international contracts entered into on behalf of the Republic of Kazakhstan;

3)performing regulatory functions and those of control and implementation and participating in performance of strategic functions of Ministry, within its competence;

4)approving legal and regulatory acts on matters that are within the Committee’s competence where there is a direct competence for approving thereof in orders by Minister, except for legal and regulatory acts that affect human and civil rights and freedoms;

5)drawing up protocols; handling cases of administrative offences and imposing administrative penalties under the procedure established by Code of the Republic of Kazakhstan on Administrative Offences;

6)enforcing laws and other regulatory and legal acts the Republic of Kazakhstan;

7) arranging activities on development of technical regulations and national standards, within its competence;

8) working out the public services’ standards and regulations;

9) working out the check lists, the risk assessment criteria in accordance with Commercial Code of the Republic of Kazakhstan;

10) bringing actions in courts in accordance with legislation of the Republic of Kazakhstan;

11) performing counter-terrorism within the competence established by legislation of the Republic of Kazakhstan;

12) making proposals on enhancement of national security system;

13) monitoring the performance of uniform requirements in the field of information and communication technologies and in ensuring information security;

14) coordinating the activities on developing the information protection facilities for detecting, analyzing and preventing information security threats so as to enable smooth operation of government agencies’ information systems and telecommunication networks;

15) working out the list of ICT infrastructure critical items, and also the policies and criteria for classification of ICT infrastructure items as critical ones;

16) working out the uniform requirements in the field of ICT and information security;

17) developing the methodology and rules for testing the e-Government items and the information systems classified as critical items of ICT infrastructure, for compliance with information security requirements;

18) issuing the acts on results of testing for compliance with information security requirements;

19) working out the rules for monitoring information security of e-Government informatization objects and as critical items of ICT infrastructure agreed upon with national security authorities;

20) working out the rules for monitoring the performance of uniform requirements in the field of ICT and information security;

21) sending the improvement orders when detecting the breaches of legislation of the Republic of Kazakhstan in the field of information security;

22) preparing the proposals on appointing the domain names administrator and registry, the rules for domain names registration, use and distribution within Kazakhstani Internet domain;

23) developing the rules for creating and operating the single national backup platform for digital information resources storage, for frequency of backup of resources of critical ICT infrastructure items;

24) developing the protection profiles and the methodology for developing such protection profiles;

25) working out the rules for exchange of information required to ensure information security between information security operation centers and National Information Security Coordination Center;

26) working out the rules for entrusted software and electronics industry products register maintenance, and also criteria to add software and electronics industry products to the entrusted software and electronics industry products register;

27) developing the procedure and terms to transfer backup copies of electronic information resources to the single platform for backup storage of electronic information resources;

28) working out the national bailout plan for information security incident response;

29) issuing information security statement for investment proposals and budget investments` financial feasibility studies based on the national technical service inspection;

30) approving technical specifications for creation and development of e-Gov informatization facility in terms of complying to the information security requirements based on the national technical service inspection;

31) participating in the commissioning of “e-Gov” informatization facilities;

32) providing assistance to owners and users of informatization facilities in terms of safe usage of ICT, including prevention of illegal activities on obtaining, copying, distributing, modifying, destructing or blocking electronic information resources;

33) performing government control in the field of informatization with regard to ensuring information security;

34)working out check list forms, risk level assessment criteria, and also semiannual check-out schedules pursuant to the Commercial Code of the Republic of Kazakhstan;

35)developing rules to perform monitoring of government agencies` informatization facilities` information security incidents upon consultation with the National Security Committee of the Republic of Kazakhstan;

36)participating in the development of legal, administrative and other measures to provide information security and control their implementation and abidance, and also participating in interdepartmental coordination of activities to provide information security;

37)making suggestions on the responsibility of government agencies` and organizations` management for failure to comply with laws` and regulations` requirements related to information security provision;

38)maintaining the register of entrusted software and electronics industry products;

39) informing citizens on the national security status and on the measures taken to provide it, in particular in the field of informatization observing legislation in the field of national secrets protection, and performing propaganda and counterpropaganda activities;

40)performing other functions in accordance with the legislation of the Republic of Kazakhstan.

15. Rights and responsibilities:

  1. provides the implementation of allotted tasks and functions;
  2. makes suggestions for the Republic of Kazakhstan legislation development;
  3. abides the Republic of Kazakhstan legislation, rights and legally protected interests of individuals and legal entities;
  4. accepts and considers requests submitted by individuals and legal entities pursuant to the procedure and within the time limit established by the Republic of Kazakhstan legislation;
  5. does not disclose trade secret information, sensitive information and any other secret protected by the law obtained during the exercise of duties, except for cases stipulated by the Republic of Kazakhstan laws;
  6. conducts meetings, seminars, conferences, round-table discussions, competitions and other events that are within the Committee`s competence;
  7. provides necessary materials and abstracts within its competence and within the limits of legislation in case of official requests from the Ministry`s structural divisions and government agencies;
  8. provides safety for national property that is in the Committee`s balance;
  9. carries out other rights and responsibilities in accordance with the Republic of Kazakhstan legislation.

Chapter 3. The Committee`s activities management

16.Chairman leads the Committee and bears personal responsibility for accomplishment of tasks assigned to the Committee and exercise of his functions.

17. The Committee Chairman is appointed to the position and dismissed from it in accordance with the legislation of the Republic of Kazakhstan.

18. The Chairman has deputies appointed to the position and dismissed from it in accordance with the legislation of the Republic of Kazakhstan.

19. The Committee Chairman`s duties and powers:

1)enforces instructions by the Minister, Secretary-General of the Ministry and Vice-Minister in charge;

2)determines duties and powers for his deputies, structural divisions` executives and the Committee`s staff;

3) issues orders within his competence;

4) appoints and dismisses the Committee`s employees, except for employees whose labour relations are attributed to the competence of higher-level government agencies and public officials;

5) decides on issues of business trips, leaves, financial help, training (retraining), further training, rewards, bonuses payment and also on disciplinary liability of the Committee`s staff, except for employees whose labour relations are attributed to the competence of higher-level government agencies and public officials;

6) represents the Committee in government agencies and other organizations in accordance with the existing legislation;

7)approves provisions on the Committee`s structural divisions as well as job descriptions for employees of the Committee`s structural divisions;

8) signs completion certificates following the procurement results;

9) ensures that the Committee`s employees follow the public officials` ethical requirements;

10) takes anti-corruption measures in the Committee and bears personal responsibility for it;

11) makes decisions on other issues that are within his competence.

Execution of the Committee`s Chairman powers during his absence is carried out by a deputy in accordance with the existing legislation.

20. Chairman determines deputies` duties and powers in accordance with the existing legislation.

Chapter 4. The Committee`s property

21.The Committee has separate property on the basis of operational management.

The Committee`s property consists of property that was given by government and of other property, the cost of which is shown on the Committee`s balance.

22.Property assigned to the Committee is a national property.

23. The Committee may not alienate or manage assigned property and property bought at the expense of funds allocated through funding scheme, unless otherwise provided by the legislation.

Сhapter 5. The Committee`s reorganization and liquidation

24.The Committee`s reorganization and liquidation is carried out in accordance with the Republic of Kazakhstan legislation.

Mobile version RSS Site map