Content: plan152fz.zip (26.82 KB)
Uploaded: 21.12.2012

Positive responses: 0
Negative responses: 0

Sold: 0
Refunds: 0

$7
A sample of the internal document - the plan and guidelines smev for those who work in state or municipal sphere, it is useful to the Director and the Chief of the Department of automation, system administrators, security administrators, HR specialist.

Available disclosed questions: SMEV setup diagram personal data protection system, certification FSTEC, personal data protection, software licensing with registration requirements FSTEC.


The plan: to bring the information system in compliance with the legislation of the Russian Federation in the sphere of information security and personal data. With notes and explanations.

For those who need to know about:


How To Get Passport FSTEC

Resolution FSTEC

Certificate FSTEC

Work FSTEC

Licensing FSTEC


Instructions SMEV help and other organizations, where processing of personal data, and to whom you want to start the implementation of laws:


152-FZ On Personal Data,

149-FZ On Information, Information Technologies and Protection of Information,

210-FZ On the organization of public and municipal services.

Start to prepare the organization to connect the system of interagency electronic interaction - SMEV and RSMEV (formerly SIR - system of execution of regulations in certain regions)


Contents:


Where to start to build the information system of personal data - ISPDn

In which case, you need security certificates FSTEC

In which case the necessary sticker SPZ - special protective sign

How to keep intellectual and copyright

How to choose a certification scheme of protection of information - GIS

What types of licenses to choose the server operating system

What types of licenses to select a database management system - database

The main functions of Roskomnadzor, FSTEC and the FSB on the protection of personal data

Stages of construction of the system of protection of personal data - personal data protection system

Important stages and results of building personal data protection system

What methodologies define the functions of the system administrator and the administrator of information security

System requirements for public services in electronic form using digital signature - EDS for its legitimacy

Priority actions for the modernization of the information system - an example

Strategic direction of development of the information system of the modern organization

What documents are needed for the organization of the right to personal data processing - PD

Excerpt: Special requirements and recommendations for technical protection of confidential information needed for state and municipal institutions - PAGE K - reference list of documents necessary for the organization to handle the PD


Review summarizes these issues from disparate data into a single concise document guiding the character, in fact, is the main reference point for the construction of PDIS.
4 pages.

Note: The document should be regarded as a model or basis, but was written for a real municipal institutions.
No feedback yet