Unofficial translation
In compliance with subparagraph 20) of article 7-1 of the Law of the Republic of Kazakhstan dated November 24, 2015 "On informatization" ORDER:
1. To approve the attached Rules for confirming the conformity of information systems, hardware, software and hardware and software (products), technical means of protecting information with information security requirements.
2. The Committee for Information Security of the Ministry of Digital Development, Innovation and Aerospace Industry of the Republic of Kazakhstan shall ensure:
1) state registration of this order with the Ministry of Justice of the Republic of Kazakhstan;
2) posting this order on the Internet resource of the Ministry of Digital Development, Innovation and Aerospace Industry of the Republic of Kazakhstan;
3) within ten working days after the state registration of this order, the submission to the Legal Department of the Ministry of Digital Development, Innovation and Aerospace Industry of the Republic of Kazakhstan information on the implementation of the measures provided for in subparagraphs 1) and 2) of this paragraph.
3. Control over the implementation of this order shall be entrusted to the supervising Vice-Minister of Digital Development, Innovation and Aerospace Industry of the Republic of Kazakhstan.
4. This order shall be enforced upon the expiration of ten calendar days after the day of its first official publication.
| The Minister of Digital Development, | |
| Innovation and Aerospace Industry | |
| of the Republic of Kazakhstan | B. Mussin |
"AGREED"
Ministry of Trade and Integration
Republic of Kazakhstan
| Approved by the order | |
| Minister of Digital Development, | |
| innovation and aerospace | |
| Republic of Kazakhstan | |
| dated October 19, 2020 No. 392 / НҚ |
Rules for confirming the conformity of information systems, hardware, software and hardware and
software tools (products), technical means of protecting information with information security requirements
Chapter 1. General provisions
1. These Rules for confirming the compliance of information systems, hardware, software and hardware and software tools (products), technical means of protecting information with information security requirements (hereinafter - the Rules) are developed in accordance with subparagraph 20) of article 7-1 of the Law of the Republic of Kazakhstan dated 24 November 2015 "On Informatization" and determine the procedure for confirming the compliance of information systems, hardware, software and hardware and software (products), technical means of information protection with information security requirements.
2. The following basic concepts and abbreviations are used in these Rules:
1) information security in the field of informatization (hereinafter - information security) - the state of protection of electronic information resources, information systems and information and communication infrastructure from external and internal threats;
2) body for confirmation of conformity - a legal entity accredited in the prescribed manner to perform work on confirmation of conformity.
3. Confirmation of compliance of information systems, hardware, software and hardware and software (products), technical means of protecting information with information security requirements is carried out on a voluntary basis at the initiative of the owner and (or) the owner of the informatization object, or by persons authorized by them in accordance with the Law of the Republic Kazakhstan dated November 9, 2004 "On technical regulation".
Chapter 2. The procedure for confirming the conformity of information systems, hardware, software and hardware and
software (products), technical means of information protection with information security requirements
4. Confirmation of compliance of information systems, hardware, software, hardware and software (products), technical means of protecting information with information security requirements is carried out in accordance with the Uniform requirements in the field of information and communication technologies and information security, approved by the Government of the Republic of Kazakhstan dated December 20, 2016 number 832.
5. Confirmation of conformity of information systems, hardware, software, hardware and software (products), technical means of information security with information security requirements is carried out by conformity assessment bodies accredited in accordance with the Law of the Republic of Kazakhstan dated July 5, 2008 "On accreditation in the field of assessment conformity ".
6. The procedure for concluding contracts for confirming the conformity of information systems, hardware, software, hardware and software (products), technical means of protecting information with information security requirements by conformity confirmation bodies is determined in accordance with the Civil Code of the Republic of Kazakhstan dated December 27, 1994.
