Company's activities / Information protection - Normative documents

AM-SOFT. Professionalism. Quality. Timeliness. HomepageContacts
РусскийEnglish
Search

Subscribe to News
 
 Company's activities / Information protection
Normative documents

Normative base

It is necessary to follow the following normative and legal base in the field of information security:

Laws of Ukraine:

  • The law of Ukraine “About State Secret”: this Law regulate public relations concerning attribution of information to State secret, classification, declassification its material carriers and protection of State secret with the purpose of protection of national safety of Ukraine;
  • The law of Ukraine “About Information”: this Law sets general legal frameworks of reception, use, distribution and storage of information, fixes the right of person for information in all fields of social and state life of Ukraine, as well as for system of information, its source, defines the status of information relations participants, regulates access to information and provides its protection, protects person and society from non-veracious information;
  • The law of Ukraine “About protection of information in automated systems”: the purpose of this Law is establishment of legal relations regulation frameworks concerning protection of information in automated systems subject to loyalty of property rights of citizens of Ukraine and legal persons for information and its access, right of owner of information for its protection, as well as restriction on access to information set by current legislation. Force of Law is applied to any information processed in automated systems;
  • The law of Ukraine “About electronic documents and electronic document circulation”: this Law sets the main organization and legal principles of electronic document circulation and use of electronic documents;
  • The law of Ukraine “About electronic digital signature”: this Law defines legal status of electronic digital signature and regulates relations appeared during use of electronic digital signature;
  • The law of Ukraine “About alteration in the Law of Ukraine “About protection of information in automated systems”: this Law regulates relations in the field of information protection in information, telecommunication and information-telecommunication systems.

Decrees:

  • # 505 from 22.05.1998 “About Regulation about order of cryptographic protection of information in Ukraine”: this regulation defines the order of cryptographic protection of information with limited access which disclosure can do harm to state, society or person.

Regulation of the Cabinet of Ukraine (CU):

  • CU, the Regulation of CU from 28.10.2004 # 1451 “About adoption of Statement about central certifying body”: tasks and rights of the central certifying body are stated in the Statement;
  • CU, the Regulation of CU from 28.10.2004 # 1452 “About adoption of Order of electronic digital signature application by governmental bodies, local authorities, enterprises, institutions and organizations of state pattern of ownership”: this Order defines requirements to application of electronic digital signature by governmental bodies, local authorities, enterprises, institutions and organizations of state pattern of ownership;
  • CU, the Regulation of CU from 13.06.2004 # 903 “About adoption of Order of key certification center accreditation”: this Order defines procedure of key certification center accreditation, conditions of rendering of electronic digital signature services by the center, requirement to its personnel and information protection;
  • CU, the Regulation of CU from 26.05.2004 # 680 “About adoption of Order of electronic document (electronic data) presence certification at certain point of time”: this Order defines conditions and requirements to procedure of electronic document (electronic data) presence certification at certain point of time;
  • CU, the Regulation of CU from 16.02.1997 # 180 “About adoption of Statement about maintenance of secrecy when processing of information being a State secret in automated systems”: restricted.

Orders of Department of Special Telecommunication Systems and Information Protection of Security Service of Ukraine (DSTSIP of SSU):

  • DSTSIP, the Order from 08.11.05 # 125 “About adoption of Procedure of complex information protection system creation in information-telecommunication system”;
  • DSTSIP, the Order from 13.01.2005 # 3 about consummation of the normative document “About adoption of Rules of enhanced certification”;
  • DSTSIP, the Order from 30.04.2004 # 31 about consummation of the normative document “About alteration of Regulation about the order of development, manufacturing and operation of confidential information cryptographic protection facilities”;
  • DSTSIP, the Order from 02.04.2003 # 33 about consummation of the normative document “ND TIP 2.5-010-03 Requirements to protection of information of WEB-page from unauthorized access”;
  • DSTSIP, the Order from 13.12.2002 # 84 about consummation of the normative document “ND TIP 2.5-008-2002 Requirements on protection of confidential information from unauthorized access when processing in automated systems of class 2”;
  • DSTSIP, the Order from 24.12.2001 # 76 “About adoption of Order of state information resources protection in information-telecommunication systems”;
  • DSTSIP, the Order from 09.07.2001 # 329/32 about consummation of the normative document ”The Order of general purpose information technical protection facilities certification»;
  • DSTSIP, the Order from 1.03.2001 # 52 about consummation of the normative document “The Code of State secret data”;
  • DSTSIP, the Order from 09.02.2001 # 2 about consummation of the normative document “ND TIP 2.1-001-2001 Creation of information technical protection complexes. Certification of complexes. Fundamentals”;
  • DSTSIP, the Order from 25.12.2000 # 62 about consummation of the normative document “Regulation about state expertise in the field of information cryptographic protection”;
  • DSTSIP, the Order from 20.12.2000 # 60 about consummation of the normative document “ND TIP 3.6-001-2000 Technical protection of information. Computer systems. The order of creation, implementation, support and modernization of facilities of technical protection of information from unauthorized access”;
  • DSTSIP, the Order from 04.12.2000 # 53 about consummation of the normative document “ND TIP 1.4-001-2000 Typical regulations about service of information protection in automated system;
  • DSTSIP, the Order from 29.12.1999 # 62 about consummation of the normative document “About adoption of Regulation about state expertise in the field of information technical protection”;
  • DSTSIP, the Order from 30.11.1999 # 53 about consummation of the normative document “About adoption of Regulation about the order of development, manufacturing and operation of confidential information cryptographic protection facilities”;
  • DSTSIP, the Order from 28.04.1999 # 22 about consummation of the normative document “ND TIP 3.7-001-99 Methodical instructions on development of requirements specification for creation of complex system of information protection in automated system”;
  • DSTSIP, the Order from 28.04.1999 # 22 about consummation of the normative document “ND TIP 2.5-005-99 Classifications of automated systems and standard functional profiles of security of processed information from unauthorized access”;
  • DSTSIP, the Order from 28.04.1999 # 22 about consummation of the normative document “ND TIP 2.5-004-99 Criteria of estimation of information security from unauthorized access in computer systems”;
  • DSTSIP, the Order from 28.04.1999 # 22 about consummation of the normative document “ND TIP 1.1-002-99 General provisions on protection of information in computer systems from unauthorized access”;
  • DSTSIP, the Order from 10.07.1995 # 35 about consummation of the normative document “Temporary regulations about categorization (TRC-95)”;
  • DSTSIP, the Order from 09.06.1995 # 25 about consummation of the normative document “Temporary recommendations on technical protection from leak by channels of collateral electromagnetic radiations and pickup. (TR TIP-CCERP-95)”;
  • DSTSIP, the Order from 09.06.1995 # 25 about consummation of the normative document “Temporary recommendations on technical protection of information in computing machinery, automated systems and networks from leak by channels of collateral electromagnetic radiations and pickup. (TR CM-95)”.
Top
Information protection -> | Information security audit | Complex systems of information protection | ISO 27001:2005 | Normative documents | ISS |
© "Art-master" Ltd 2000 - 2012. All rights reserved.