What are regulations on management of technical regulations and standards on information safety in Vietnam?
What are regulations on management of technical regulations and standards on information safety in Vietnam? What are regulations on classification of information systems in Vietnam? How to response to network emergencies that threaten online information safety in Vietnam? What are responsibilities of organizations and enterprises for information safety and information security in Vietnam?
What are regulations on management of technical regulations and standards on information safety in Vietnam?
Pursuant to Article 40 of the Decree 72/2013/NĐ-CP stipulating management of technical regulations and standards on information safety in Vietnam as follows:
1. Certification of conformity of information system with information safety regulations (hereinafter referred to as conformity certification) is the certification that the information system is conformable with technical regulations promulgated by the Ministry of Information and Communications and mandatory information safety standards established by the Ministry of Information and Communications.
2. Declaration of conformity of information system with information safety regulations is the organization or enterprise declaring the conformity of the information system with the technical regulations and standards on information safety.
3. Owners of information systems shall carry out conformity certification and conformity declaration in accordance with regulations of the Ministry of Information and Communications.
4. Conformity certification bodies are the units accredited or assigned by the Ministry of Information and Communications to carry out conformity certification.
5. The Ministry of Information and Communications shall specify the certification and declaration of conformity with regulations on information safety; make a list of information systems that need conformity certification and declaration; appoint and accredit certification bodies.
What are regulations on classification of information systems in Vietnam?
Pursuant to Article 42 of the Decree 72/2013/NĐ-CP stipulating classification of information systems in Vietnam as follows:
1. Classification of information systems are the assessment and determination of importance of such information systems to the entire information and communication infrastructure, economic and social development, national defense and security for providing solutions for assurance of information safety and information security.
2. The Ministry of Information and Communications shall cooperate with the Ministry of Public Security, relevant Ministries and agencies in formulating and organizing the regulations on classification of information systems, making the list of information systems of national importance, requirements for information safety and information security of information systems of national importance.
How to response to network emergencies that threaten online information safety in Vietnam?
Pursuant to Article 43 of the Decree 72/2013/NĐ-CP stipulating network emergency response in Vietnam as follows:
1. Computer emergency response is to handle and resolve the accidents that threaten online information safety.
2. Computer emergency response must:
a) Be responsive, accurately, and efficient;
b) Comply with the direction of the Ministry of Information and Communications;
c) Seek cooperation with Vietnamese and international organizations and enterprises.
3. Ministries, ministerial agencies, Governmental agencies, telecommunication enterprise, Internet service providers, the organizations in charge of information systems of national importance shall form or appoint computer emergency response teams (CERT) to take actions within their competence and cooperate with Vietnam Computer Emergency Response Team (VNCERT)
4. The Ministry of Information and Communications shall formulate and organize the implementation of regulations on coordinating network emergency response.
What are responsibilities of organizations and enterprises for information safety and information security in Vietnam?
Pursuant to Article 44 of the Decree 72/2013/NĐ-CP stipulating responsibilities of organizations and enterprises for information safety and information security in Vietnam as follows:
Vietnamese enterprises, Internet service providers, providers of online information, game service providers are responsible for:
1. Deploying technical systems and techniques to ensure information safety and information security.
2. Instructing Internet agents, public Internet access points, and gaming centers to take measures for ensuring information safety and information security.
3. Preparing premises, connection ports, and necessary technical conditions for competent authorities to ensure information safety and information security at the request of the Ministry of Information and Communications and the Ministry of Public Security.
4. Promulgating and implementing internal regulations, procedures for operating, providing, using services, and regulations on cooperation with the Ministry of Information and Communications and the Ministry of Public Security in assurance of information safety and information security.
Best regards!
