What are the standards and technical regulations on cyberinformation security in Vietnam?

What are the standards and technical regulations on cyberinformation security in Vietnam? (Internet image)

Regarding this issue, LawNet would like to answer as follows:

1. What are the standards and technical regulations on cyberinformation security in Vietnam?

According to Article 37 of the Law on Cyberinformation Security 2015, technical standards and regulations for cyber information security are as follows:

- Standards on cyberinformation security include international standards, regional standards, foreign standards, national standards and manufacturer standards on information systems, hardware, software, and systems for management and safe operation of cyberinformation which are announced and recognized for application in Vietnam.

- Technical regulations on cyberinformation security include national technical regulations and local technical regulations on information systems, hardware, software, and systems for management and safe operation of cyberinformation which are developed, promulgated and applied in Vietnam.

2. Regulations on management of standards and technical regulations on cyberinformation security in Vietnam

Regulations on management of standards and technical regulations on cyberinformation security in Vietnam according to Article 38 of the Law on Cyberinformation Security 2015 are as follows:

- Cyberinformation security regulation conformity certification means a conformity certification organization certifying the conformity of information systems, hardware, software, and systems for management and safe operation of cyberinformation with technical regulations on cyberinformation security.

- Cyberinformation security regulation conformity announcement means an organization or enterprise announcing the conformity of information systems, hardware, software, and systems for management and safe operation of cyberinformation with technical regulations on cyberinformation security.

- Cyberinformation security standard conformity certification means a conformity certification organization certifying the conformity of information systems, hardware, software, and systems for management and safe operation of cyberinformation with standards on cyberinformation security.

- Cyberinformation security standard conformity announcement means an organization or enterprise announcing the conformity of information systems, hardware, software, and systems for management and safe operation of cyberinformation with standards on cyberinformation security.

- The Ministry of Science and Technology shall assume the prime responsibility for, and coordinate with related agencies in, appraising and announcing national standards on cyberinformation security in accordance with the law on standards and technical regulations.

- The Ministry of Information and Communications shall:

= Draft national standards on cyberinformation security, except national standards mentioned in Clause 7 of Article 38 of the Law on Cyberinformation Security 2015;

= Promulgate national technical regulations on cyberinformation security, except national technical regulations mentioned in Clause 7 of Article 38 of the Law on Cyberinformation Security 2015; and stipulate cyberinformation security regulation conformity assessment;

= Manage the quality of cyberinformation security products and services, except civil cryptographic products and services;

= Register, designate, and manage the operation of, cyberinformation security conformity certification organizations, except conformity certification organizations for civil cryptographic products and services.

- The Government Cipher Committee shall assist the Minister of National Defense in drafting national standards on civil cryptographic products and services for submission to competent state agencies for announcement and guidance for implementation; develop and submit to the Minister of National Defense for promulgation national technical regulations on civil cryptographic products and services;

Designate, and manage the operation of, conformity certification organizations for civil cryptographic products and services; and manage the quality of civil cryptographic products and services.

- Provincial-level People’s Committees shall develop, promulgate, and guide the implementation of, local technical regulations on cyberinformation security; and manage the quality of cyberinformation security products and services in localities.

>> CLICK HERE TO READ THIS ARTICLE IN VIETNAMESE