home > Internet > Regulations on the department of information systems. Regulation on the use of the information system Regulation on the information system sample

Regulations on the department of information systems. Regulation on the use of the information system Regulation on the information system sample

Order of the Federal Service for Ecological,
technological and nuclear supervision
dated July 24, 2012 No. 416

"On approval of the Regulations on the automated information system
on the regulation of safety in the field of the use of atomic energy"

In order to improve the information support of the Federal Service for Ecological, Technological and Nuclear Supervision, to ensure the fulfillment of state functions for licensing activities in the field of the use of atomic energy and for supervision of the system of state accounting and control of nuclear materials, as well as in pursuance of paragraph 5 of the order of the Federal Environmental Service , Technological and Nuclear Supervision of February 13, 2012 No. 96 "On the development and modernization of special software for the Information System for Supervision of Accounting and Control of Nuclear Materials" I order:

1. Approve the attached Regulations on the automated information system for safety regulation in the field of atomic energy use.

2. Recognize invalid the order of the Federal Service for Ecological, Technological and Nuclear Supervision dated June 04, 2010 No. 454 "On Approval of the Regulations on the Information System for Supervision of Accounting and Control of Nuclear Materials".

3. To impose control over the implementation of this order on the Secretary of State - Deputy Head A.V. Ferapontov.

POSITION
ABOUT AUTOMATED INFORMATION SYSTEM
ON REGULATION OF SAFETY IN THE FIELD
USE OF NUCLEAR ENERGY

(approved by order of the Federal Environmental Service,
Technological and Nuclear Supervision of July 24, 2012 No. 416)

I. General provisions

1. This Regulation determines the main goals, objectives, structure and operation of the automated information system for safety regulation in the field of atomic energy use (hereinafter referred to as AIS NRS) of the Federal Environmental, Industrial and Nuclear Supervision Service.

2. AIS NRS is one of the tools for information support for the effective and high-quality performance of state functions by Rostechnadzor:

on licensing activities in the field of the use of atomic energy;

on issuing permits for the right to conduct work in the field of the use of atomic energy to employees of facilities using atomic energy;

on supervision of the system of state accounting and control of nuclear materials;

on supervision of the system of state accounting and control of radioactive substances and radioactive waste;

for the supervision of the physical protection of radiation sources, radioactive substances, storage facilities, storage facilities for radioactive waste at radiation hazardous facilities and at nuclear facilities.

3. The requirements of the Regulations are mandatory for employees of the central office and territorial bodies of Rostechnadzor in the performance of state functions of providing public services on licensing activities in the field of the use of atomic energy, on issuing permits for the right to conduct work in the field of the use of atomic energy to employees of nuclear facilities, on supervision of the system of state accounting and control of nuclear materials, on supervision of the system of state accounting and control of radioactive substances and radioactive waste, for the supervision of the physical protection of radiation sources, radioactive substances, storage facilities, storage facilities for radioactive waste at radiation hazardous facilities and at nuclear facilities.

4. Regulation on AIS NRS was developed on the basis of the following documents:

Regulations on the Federal Service for Ecological, Technological and Nuclear Supervision, approved by the Government Decree Russian Federation July 30, 2004 No.;

Regulations on licensing activities in the field of the use of atomic energy, approved by the Decree of the Government of the Russian Federation of July 14, 1997 No.;

The list of positions of employees of nuclear facilities that must obtain permits from the Federal Environmental, Industrial and Nuclear Supervision Service for the right to conduct work in the field of nuclear energy use, approved by Decree of the Government of the Russian Federation dated March 3, 1997 No.;

Administrative Regulations for the Federal Environmental, Industrial and Nuclear Supervision Service to Perform the State Function of Licensing Activities in the Field of the Use of Atomic Energy, approved by Order No. of the Ministry of Natural Resources and Ecology of the Russian Federation dated October 16, 2008;

Administrative Regulations for the Federal Environmental, Industrial and Nuclear Supervision Service to perform the state function of exercising control and supervision over the physical protection of nuclear installations, radiation sources, storage facilities, nuclear materials and radioactive substances, and systems of unified state accounting and control of nuclear materials, radioactive substances , radioactive waste, approved by order of the Federal Service for Ecological, Technological and Nuclear Supervision dated December 15, 2011 No.;

Administrative regulation on the provision by the Federal Service for Environmental, Technological and Nuclear Supervision of the state service for issuing permits for the right to conduct work in the field of the use of atomic energy to employees of nuclear facilities, approved by order of the Federal Service for Environmental, Technological and Nuclear Supervision of December 21, 2011 No.;

The Department for Safety Regulation of Nuclear Fuel Cycle Facilities, Nuclear Power Plants of Ships and Radiation Hazardous Facilities, Supervision of Accounting and Control of Nuclear Materials and Radioactive Substances and Physical Protection is responsible for entering information and maintaining up-to-date reference books No. -;

Department for Safety Regulation of Nuclear Fuel Cycle Facilities, Nuclear Power Plants of Ships and Radiation Hazardous Facilities, Supervision of Accounting and Control of Nuclear Materials and Radioactive Substances and Physical Protection and Department for Regulation

the safety of nuclear power plants and nuclear research installations are responsible for entering information and maintaining up to date Directory No.;

MTD NRS are responsible for entering information and maintaining up-to-date reference books - for the relevant supervised organizations;

Structural subdivisions of the central office and MTU NRS of Rostechnadzor, which are responsible for the organization and control over the performance of work on the technical support of the operation of special software tools, hardware complex and the AIS NRS information database, are responsible for entering information and maintaining up-to-date reference books No. , , and .

19. Making changes to the reference books - is carried out by the relevant responsible persons within three days from the date of receipt of information about the need to make changes.

20. To ensure the AIS NRS application task of registering organizations (including nuclear facilities) supervised by Rostekhnadzor, persons responsible for the timely entry of information should be appointed:

in the central office - in the Department for ensuring organizational-control and licensing-permitting activities;

in MTD NRS - in subdivisions that register and record information about supervised organizations.

21. To support the application tasks of the AIS NRS for planning inspections and recording inspections carried out for supervision of accounting for and control of nuclear materials, for supervision of accounting for and control of radioactive substances and radioactive waste, for supervision of the physical protection of radiation sources, radioactive substances, storage facilities, storage facilities for radioactive waste at radiation hazardous facilities and at nuclear facilities, registration of information on identified anomalies based on special reports from supervised organizations and registration of information on unauthorized actions in relation to nuclear materials and physical protection at supervised organizations should be appointed, persons responsible for the timely entry of information :

in the central office - in the Department for Safety Regulation of Nuclear Fuel Cycle Facilities, Nuclear Power Plants of Ships and Radiation Hazardous Facilities, Supervision of Accounting and Control of Nuclear Materials and Radioactive Substances and Physical Protection;

in MTD NRS - in the subdivisions involved in planning and conducting inspections for accounting and control of nuclear materials, registration and accounting of information on detected anomalies and unauthorized actions.

22. To support the application task of the AIS NRS on consolidated reporting on supervision of accounting and control of nuclear materials, on supervision of accounting and control of radioactive substances and radioactive waste, on supervision of the physical protection of radiation sources, radioactive substances, storage facilities, storage facilities for radioactive waste at at radiation hazardous facilities and at nuclear facilities, persons responsible for the timely input of information should be appointed:

at MTD NRS - in subdivisions collecting and summarizing reports on supervisory activities in the field of accounting and control of nuclear materials.

23. To ensure the AIS NRS application task of licensing activities in the field of atomic energy use, persons responsible for the timely input of information should be appointed:

in the central office - in the Department for Organizational and Controlling and Licensing and Licensing Activities, the Department for Safety Regulation of Nuclear Fuel Cycle Facilities, Nuclear Power Plants of Ships and Radiation Hazardous Facilities, Supervision of Accounting and Control of Nuclear Materials and Radioactive Substances and Physical Protection and in the Department on the regulation of the safety of nuclear power plants and nuclear research facilities;

at MTU NRS - in subdivisions involved in the consideration and issuance of licenses in the field of atomic energy use.

24. To ensure the application task of the AIS NRS for issuing permits for the right to conduct work in the field of atomic energy use, employees of nuclear facilities should be assigned persons responsible for the timely input of information:

at MTU NRS - in the divisions involved in the consideration and issuance of permits for the right to conduct work in the field of the use of atomic energy to employees of nuclear facilities.

25. As part of the applied tasks for planning inspections and recording inspections carried out for supervision of accounting and control of nuclear materials, for supervision of accounting for and control of radioactive substances and radioactive waste, for supervision of the physical protection of radiation sources, radioactive substances, storage facilities, storage facilities for radioactive waste at radiation-hazardous facilities and at nuclear facilities, registration of information on identified anomalies based on special reports from supervised organizations, registration of information on unauthorized actions in relation to nuclear materials and physical protection at supervised organizations, information must be entered into the AIS NRS within two days from the moment of its receipt.

26. As part of the applied task on consolidated reporting on supervision of accounting and control of nuclear materials, on supervision of accounting and control of radioactive substances and radioactive waste, on supervision of the physical protection of radiation sources, radioactive substances, storage facilities, storage facilities for radioactive waste at radiation hazardous facilities and at nuclear facilities, the information shall be entered into the AIS NRS within the time limits stipulated by the reporting documents of Rostechnadzor.

27. As part of the applied tasks of registering supervised organizations (including nuclear facilities) and licensing activities in the field of the use of atomic energy, entering information about the facility using atomic energy, receipt of an application for a license, making changes to the terms of the license, cancellation of a license or issuance of a duplicate of a license, issuance of a license, changes in the terms of the license is carried out on the day the documents are received.

Entering information about the progress of consideration of the application, the examination, inspection, etc. carried out within two days from the date of receipt of the information.

28. As part of the applied task for issuing permits for the right to conduct work in the field of the use of atomic energy, employees of nuclear facilities enter information about the receipt of an application for a permit, for extending the validity of a permit, for reissuing, canceling a permit or issuing a duplicate of a permit, issuing a permit , extension of the validity period or reissuance of the permit is carried out on the day the documents are received.

VI. Data exchange

29. Data exchange in AIS NRS is organized between all three levels. Within the framework of the AIS NRS, it is possible to organize work with the information database in two ways:

work with the central information database AIS NRS of the central office of Rostechnadzor through local network or dedicated communication channels;

work with the local information database of the AIS NRS of the MTU NRS or the inspection department.

When working with the central information database of the AIS NRS of the central office, data is entered directly into the information database of the central office of Rostechnadzor. When working with a local database, data is entered into the local database of the AIS NRS, information exchange with other local databases and with the database of the central office of Rostechnadzor is organized through uploading/downloading data in the format Microsoft Excel.

30. Inspection departments of the MTD NRS, working with the local AIS NRS database, must upload data from local server databases of the inspection department and send data in Microsoft Excel format to the appropriate ITD NRS. MTD NRS uploads data from the local databases of inspection departments to the local server of the AIS NRS database of the MTD NRS or to the central information database of the AIS NRS of the central office of Rostechnadzor.

31. MTD NRS, working with the local AIS NRS database, must download data from the local server of the MTD NRS database and send the data in Microsoft Excel format to the central office of Rostekhnadzor.

32. As part of the administration of the AIS NRS, the central office should be responsible for the collection of MTD NRS data and entry into the central database of the AIS NRS. The person responsible for data collection uploads data from the MTD NRS to the central database of the AIS NRS of the central office of Rostechnadzor.

33. If necessary, the person responsible for data collection should upload reference data from the central database of the AIS NRS of the central office of Rostechnadzor and send them to MTD NRS. MTD NRS should upload the reference data to the local database, as well as ensure the transfer of reference data to the local databases of the MTD NRS inspection departments (if necessary).

34. Frequency of data exchange between local databases of inspection departments and MTD NRS is established by orders for the corresponding MTD NRS, but at least once a quarter.

35. Data exchange between the local databases of the MTD NRS and the central database of the AIS NRS of the central office of Rostechnadzor (except for data on licensing activities in the field of the use of atomic energy) is carried out quarterly until the 10th day of the month following the end of the quarter (or at the request of the central office).

The exchange of data on licensing activities in the field of atomic energy use between the local databases of the MTD NRS and the central database of the AIS NRS of the central office of Rostechnadzor is carried out monthly until the 10th day of each month (or at the request of the central office).

36. MTD NRS should appoint a responsible unit, as well as persons personally responsible for data exchange in AIS NRS.

APPROVED

director's order

CJSC "Horns and Hooves"

dated "__" _____ 20__ No. _____

Muhosransk, 2012

1. General Provisions. 3

2. Terms and definitions. 3

3. Obligations and rights of users. four

4. Registration of users and equipment. 6

5. Duties and rights of the system administrator. 6

6. General rules work at AWP ……………………………………………………………………………...

7. Responsibility. 7

8. Management and maintenance of the document. 9

9. Application list ……………………………………………………………………..10

1. GENERAL PROVISIONS

1.1. Statement of use information resources(hereinafter referred to as the Regulations) streamlines the use of information resources of the network of CJSC Roga i Kopyta (hereinafter referred to as the Company) in order to increase the efficiency of the implementation of production plans and other activities provided for by the production need, as well as to prevent the improper use of information resources, hardware and software Companies.

1.2. This Regulation applies to users of any computer equipment (computers, computer peripherals, communication equipment) connected to the local area network of the unit, as well as to users performing remote access to the equipment of the Company's local network from other local networks and the Internet.

1.3. The Regulation defines the rights and obligations of both users of computer equipment and system administrators.

1.4. Non-compliance with the Regulations by employees may serve as a basis for the application of a disciplinary sanction.

2. TERMS AND DEFINITIONS

2.1. Local Area Networks (LANs) are networks of closely spaced computers, most often located in the same room, building, or closely spaced buildings. Local computer networks covering a certain enterprise and uniting heterogeneous computing resources in a single environment are called corporate networks.

2.2. Server - a hardware and software complex that performs the functions of storing and processing user requests, not intended for local access users (dedicated server, router and other specialized devices) due to the high requirements for ensuring the reliability, availability and security measures of the enterprise information system.

2.3. Work station - Personal Computer(terminal) designed for user access to the resources of the Enterprise Automated System, receiving, transmitting and processing information.

2.4. ARM - workplace, secured (staffed) workstation and peripherals (printer, scanner) having/not having access to resources corporate network data transmission

2.5. Automated system (AS) - a set of software and hardware designed to store, transmit and process data and information and perform calculations.

2.6. System administrator - an official whose duties include maintaining the entire hardware and software complex of the company, managing access to network resources, as well as maintaining the required level of fault tolerance and data security, their backup and recovery.

2.7. User - an employee of the Company who has access to the information system of the company to perform job duties.

2.8. Account - information about the network user: username, password, access rights to resources and privileges when working in the system. The account may contain Additional information(address Email, telephone, etc.).

2.9. Password - a secret string of characters (letters, numbers, special characters) presented by the user to a computer system in order to gain access to data and programs. The password is a means of protecting data from unauthorized access.

2.10. Changing permissions - the process of creating deletion, making changes to AS user accounts, creating, deleting, changing names mailboxes and email addresses, creating, deleting, changing security groups and mail distribution groups, as well as other changes that lead to the expansion (reduction) of the amount of information or resources available to the user AS.

2.11 Incident - an event that occurred as a result of a computer failure or a human factor, which led to the partial or complete inoperability of the workstation or the AU.

3. RESPONSIBILITIES AND RIGHTS OF USERS.

3.1. Users are required to:

read the Regulations before starting work on computer equipment,
be registered, instructed and receive personal access attributes (name, password) to work with equipment with established powers,
set a personal access password (if the user is given the opportunity to change the password) in accordance with clause 6.2 of this provision,
use computer equipment exclusively for activities stipulated by the production need and job descriptions,
install the workstation in a place convenient for work, on a solid (stable) surface away from potential sources of pollution (open windows, flower pots, aquariums, teapots, flower vases, etc.), so that the ventilation openings of the means computer science were opened for air circulation

Wipe the workstation equipment from dust at least once every two weeks in compliance with the requirements of safety regulations;

report noticed malfunctions of computer equipment and shortcomings in the operation of public software,
rational use of limited shared resources (disk memory of public computers, bandwidth of the local network) and consumables,
comply with the requirements of the system administrator, as well as persons appointed responsible for the operation of specific equipment, in terms of the security of the network complex and equipment,
follow the rules of work computer network,
comply with the mandatory recommendations of responsible persons on computer security,
at the request of the system administrator, provide correct information about the network programs ah, about users who have access to a PC or are registered in multi-user operating systems,
provide access to the PC to system administrators to check the serviceability and compliance with the established rules of work,
assist system administrators in the performance of their duties,
immediately notify the system administrator of observed cases of violations of computer security (unauthorized access to equipment and information, unauthorized distortion or destruction of information).

3.2. Users are prohibited from:

use equipment for activities that are not due to production needs and job descriptions,
interfere with the work of other users, interfere with the operation of computers and the network,
turn on, turn off, switch, move, disassemble, change the setting of public equipment, except for the direct indication of the person in charge and except in cases of fire danger, smoke from the equipment, or other threats to life and health of people or threats to the safety of property,
connect new computers and equipment to the local network without the participation of a system administrator,
transfer to other persons their personal access attributes (registration name and password) to the computer equipment and the network of the department,
access the equipment and network using someone else's personal access attributes or using someone else's session,
delete files of other users on public servers,
to attempt unauthorized access to computer equipment and information stored on computers and transmitted over the network,
use, distribute and store programs designed to carry out unauthorized access, crack passwords, disrupt the functioning of computer equipment and computer networks, as well as computer viruses and any programs infected by them,
use, distribute and store network management and monitoring programs without special permission from the system administrator,
violate the rules of remote computers and remote equipment accessed through the unit's equipment or network,
provide access to computer equipment to unregistered users,
use on your workstations removable drives and other devices without a preliminary check for possible threats (virus penetration, malware, the probability of physical failures). In the case when the user cannot independently verify that there are no threats, he can involve the system administrator for analysis.
Change the configuration of the workstation (open the PC, change, add, remove nodes and parts);
Remove or modify installed software (SW).
Install on your computer software that is not designed to perform production tasks;
Perform actions and commands, the result and consequences of which are not known to the user;
Change IP addresses;
Create and maintain, using the resources of corporate workstations, personal WEB pages on servers that are not part of the company's LAN, except as agreed by the management of departments;

3.3. Users have the right:

to receive a proper and serviceable workstation, to perform direct functional duties
apply for the right to access public equipment,
apply for allocation and modernization of computer equipment for personal use,
apply for an increase in quotas for computer resources and meeting the needs for consumables, if the average norms are exceeded, a justification must be provided,
make offers to install free and purchase commercial software for general use,
make proposals for the purchase of computer equipment,
make proposals for improving the settings of equipment and software for general use, for improving working conditions,
receive advice from the system administrator on working with computer equipment and software for general use, on computer security issues,
in case of disagreement, appeal against the actions of the system administrator with the immediate supervisor,
make proposals to change this Regulation,
receive notifications of changes to these Regulations and work rules on specific hardware.

4. REGISTRATION OF USERS AND EQUIPMENT.

4.1. Registration of new equipment connected to the Company's network is carried out by the system administrator. Equipment for personal use is assigned to an employee who takes responsibility for its operation. The responsible person is obliged to notify the system administrator who keeps records about moving the equipment to another room, about changing the configuration, about putting it in for repair, about transferring responsibility for the equipment to another person.

4.2. The transfer of equipment is carried out only in the case of bilateral signing of an act of liability between the transferring and receiving parties.

4.3. User registration is performed by the system administrator responsible for granting access to specific equipment.

5. DUTIES AND RIGHTS OF THE SYSTEM ADMINISTRATOR

5.1. The system administrator must:

to improve the operation of equipment and software for general use in order to increase the efficiency of the performance of users of their official duties,
monitor the stable operation of workstations, servers, programs installed on them and automated systems,
monitor the relevance of accounts, passwords and user permissions,
provide users with the information necessary to work on public computer equipment,
bring to the attention of users information about changes in the rules or mode of operation of public equipment,
to reduce to the minimum necessary downtime of equipment due to malfunctions and service work,
conduct explanatory work among users on computer security issues,
to bring to the attention of users the rules for working on specific equipment,
not to disclose information obtained in the course of the performance of official duties and not directly related to the duties performed.

5.2. The system administrator has the right to:

issue warnings to users who violate established rules work, as well as inform the immediate management of the incident.
demand from the user a detailed report on the work, if during this work there was a failure or failure of equipment or software of general use,
require justification for the need to allocate limited resources to the user or Supplies above the average planned level,
check the serviceability of computers connected to the Company's LAN, the correct configuration of network programs and compliance with the rules of work, using, if necessary, administrative access to the PC for the duration of the check,
promptly disconnect from the network, block operation or decommission equipment in the event of a violation of computer security, due to a malfunction or gross violation of the rules of operation,
in an emergency, to ensure the uninterrupted operation of the network and public computers, disconnect the equipment in the absence of a responsible person or user and without prior notice.
the system administrator has the right to delete user files containing game programs and programs designed to violate computer security, infected files from the disks of public computers without warning computer viruses, files containing multimedia information that is not related to the activities of the Company.

6. GENERAL RULES OF WORK ON ARM

6.1. When accessing AC services and resources, the user is required to enter his name and password (with the exception of public resources).

6.2. Requirements for user passwords and how to work with them

6.2.1 Passwords must be generated by special software or chosen independently by users, and, if necessary, by administrators, taking into account the following requirements:

the user password must be at least 8 characters long;
password characters must contain letters and numbers;
it is desirable to use punctuation marks in the password characters, Special symbols (" ~ ! @ # $ % ^ & * () - + _ = \ ! / ?).
6.2.2 The password must not consist of:
last name, first name, patronymic of the user in any form, i.e. written in lowercase, uppercase, mixed, backwards, twice, etc.;
surnames, names, patronymics of relatives and friends of the user in any form;
names of pets, car numbers, phone numbers and other meaningful combinations of letters and characters that can be guessed based on information about the user;
well-known names, dictionary and slang words;
sequences of characters and signs (111, qwerty, abcd, etc.);
generally accepted abbreviations and abbreviations (computer, LAN, USER, etc.);
denominations account user.

6.3 Entering a password

When entering a password, the user must exclude the possibility of his peeping by unauthorized persons (a person behind his back, observation by a person of the movement of fingers in direct line of sight or in reflected light) and technical means (stationary and built-in Cell phones video cameras, etc.).

6.4. Password storage

It is forbidden to write down passwords on paper, in files, electronic notebooks and other information carriers, including objects.
It is forbidden to communicate passwords to other users, service personnel of automated information systems and register them in systems under your account, except in cases of troubleshooting (in the presence of the user).
It is forbidden to send the password in clear text in e-mail messages.
Storing your password on paper is allowed only in the password owner's personal safe.

6.5. Changing passwords

Scheduled password changes must be carried out at least once every 180 days.

For ACs that allow policy setting password protection and user access, the following principles for changing passwords are used:

when creating an account, the administrator sets an option that regulates the password change period (180 days);
the password is changed by the user independently in accordance with the system warning that occurs when the current password expires.

For ASs that do not have the ability to configure a password protection policy and user access, passwords are changed by the administrator by generating a new User password. The created password is transferred to the User in a way that excludes its compromise.

6.6 Actions in case of loss or compromise of the password.

Oral request of the User to change the password is not a basis for such changes.

6.7. Connecting user workstations to AS services and resources, setting access rights.

Users are connected to AS resources and services by the system administrator on the basis of an application drawn up in accordance with the Instructions on the Procedure for Connecting Users to LAN Network Resources and Eliminating Incidents in AS CJSC Roga and Hooves
The network administrator does not have the right to independently change the access rights of a particular user without an agreed application, except for the cases described in clause 3.2, when the user, by his actions, violates the provisions of this manual or other operating regulations of the AU. In this case, the administrator has the right to temporarily disconnect the user (his workstation) from the resources and services of the AS and initiate an internal investigation into the user's illegal actions.

6.8. Work with incidents in the AS of the company.

It is carried out on the basis of the Instruction on the procedure for connecting users to local network resources and eliminating incidents in ZAO Roga i Kopyta.

7. RESPONSIBILITY

7.1. This Regulation is approved by the Company's management and communicated to employees through the heads of departments and system administrators. In the event of a conflict, legal users are required to comply with the current requirement of the specified persons, and then contact the management to resolve the conflict.

7.2. The user is responsible for maintaining the confidentiality of his passwords for entering the network environment of the company's computer resources. Users are prohibited from acting or failing to contribute to the disclosure of their password.

7.3. The Company is not responsible for the illegal or unethical actions of its employee (employees) in the field of computer or telecommunications technologies, if such actions are committed off-duty and from the territory and by means of equipment not under the jurisdiction of the Company. In this situation, the references of such a person (persons) to belonging to the Company cannot serve as a basis for legal prosecution of the Company for the actions of its employee (employees).

7.4. Roga i Kopyta CJSC is also not responsible for the user's own installation of software that is not included in the approved "List of corporate software (software)", as well as for improper and poor-quality operation of this software.

7.5. Elimination of all possible malfunctions and failures in the operation of the company's computer resources that arose due to self installation by an employee of software that is not included in the "Corporate list of software (software)", or as a result of irrational use of equipment, is carried out at the expense of the user's own funds.

7.6. The Company reserves the right to prosecute an employee (employees) for illegal or unethical actions in the field of computer or telecommunications technologies, if such actions are committed on the territory of the Company or through its computer resources.

8. MANAGEMENT AND DOCUMENT MAINTENANCE

8.1. A copy of the approved Regulations with the order of the Director of the Company on its introduction (set) is kept by the employee of the Company, who is responsible for personnel records management.

8.2. The employee of the Company, who is responsible for personnel records management, introduces employees who have direct access to the software and hardware Companies, with the Regulations, amendments and additions made to it.

8.3. If it is necessary to adjust the Regulations, the director of the company prepares an instruction to amend and supplement it.

8.4. The HR manager prepares a draft Regulation, which is approved and put into effect by the order of the director of the company.

8.5. An approved copy of the Regulation is registered by the office manager.

9. APPS

9.1 Instructions on the procedure for connecting users to network resources and eliminating incidents in CJSC Horns and Hooves

CENTRAL BANK OF THE RUSSIAN FEDERATION

POSITION

ON THE ELECTRONIC INFORMATION SYSTEM OF THE BANK OF RUSSIA

This Regulation has been developed in accordance with the Federal Law "On the Central Bank of the Russian Federation (Bank of Russia)" (Sobraniye Zakonodatelstva Rossiyskoy Federatsii, 2002, No. 28, Art. 2790; 2003, No. 2, Art. 157, No. 52, Art. 5032) , the Federal Law "On Information, Informatization and Protection of Information" (Sobraniye Zakonodatelstva Rossiyskoy Federatsii, 1995, N 8, Art. 60; 2003, N 2, Art. 167) and establishes the conditions and general rules for using the Electronic Information System of the Bank of Russia.

The subject of these Regulations are the principles for creating the Electronic Information System of the Bank of Russia and interaction between users of the Electronic Information System of the Bank of Russia.

1. General Provisions

1.1. The Electronic Information System (EIS) of the Bank of Russia was created at the expense of the Bank of Russia to ensure the exchange of electronic messages between the Bank of Russia and users of the EIS of the Bank of Russia in order to carry out banking operations and other types of activities stipulated by law.

1.2. The functioning of the EIS of the Bank of Russia is provided by the computing and technical centers of the Bank of Russia, equipped with hardware and software, for the purpose of collecting, processing, storing and transmitting administrative, economic, accounting, reporting, operational information, information on settlement transactions (including payment information) and other information in accordance with the rules and conditions established in the regulations and organizational and administrative documents of the Bank of Russia, information exchange agreements (hereinafter referred to as the agreement). The electronic information system of the Bank of Russia interacts with the telecommunications system of the Bank of Russia.

1.3. Participants in the electronic information exchange using the EIS of the Bank of Russia are divided into internal and external users of the EIS of the Bank of Russia.

1.4. The internal users of the EIS of the Bank of Russia include: the central office of the Bank of Russia, territorial offices of the Bank of Russia, OPERU-1, the Central Depository of the Bank of Russia, field offices, computer centers, other divisions of the Bank of Russia in accordance with the structure of the Bank of Russia, determined by the organizational and administrative documents of the Bank of Russia.

Internal users of the EIS of the Bank of Russia, when interacting with each other using the resources of the EIS of the Bank of Russia, act on the basis of the regulations of the Bank of Russia, organizational and administrative documents of the Bank of Russia, which determine the procedure for accessing EIS resources and the rules for their use.

1.5. EIS of the Bank of Russia can be used by external users, which include credit institutions (branches of credit institutions), authorities state power and local governments, their organizations, other clients of the Bank of Russia.

External users of the EIS of the Bank of Russia, in order to interact with the Bank of Russia using EIS resources, conclude an agreement with the Bank of Russia.

Procedure for access of external users of the EIS of the Bank of Russia to the computing and information resources of the EIS of the Bank of Russia, rules for their use and provision information security determined by the Bank of Russia.

1.6. For the purposes of this Regulation, the following terms and definitions are used:

Authentication of an electronic message is a procedure for monitoring the integrity and confirming the authenticity of an electronic message (ES).

Computing resources of the EIS of the Bank of Russia - hardware and software of the Bank of Russia that provide information processing.

The key (identifier) of the ES authentication code is a unique data used by the exchange participant when creating and verifying the authentication code.

Authentication code (KA) - data used to control the integrity and authenticate the ES.

An emergency situation is a state of the computing and information resources of the EIS of the Bank of Russia that is not provided for by the documentation for the EIS of the Bank of Russia and leads to system failures and failures, the absence of a service provided to users of the EIS of the Bank of Russia and requires intervention to restore the normal functioning of the system.

Authentication - verification of a message transmitted electronically, allowing the recipient to determine that the message comes from a specified source.

Rules of the electronic information system (EIS rules of the Bank of Russia) - a set of norms, regulations and organizational and administrative documents of the Bank of Russia that establish the conditions for access to the EIS of the Bank of Russia, registration of exchange participants and their KA keys, documents provided, the procedure for using the EIS of the Bank of Russia, formats EC, EC control procedure, permits conflict situations, actions in emergency situations, management of spacecraft keys, information security.

Authentication tools (CA) - hardware and (or) software tools that ensure the creation and verification of the CA.

Telecommunication system of the Bank of Russia - hardware and software that provide data transmission over communication channels.

Electronic message formats (FES) - an ordered sequence of characters included in the ES according to uniform rules, presented in a formalized form, in a prescribed sequence and dimension, used for transmission over communication and processing channels.

Electronic exchange participant - internal and external users of the EIS of the Bank of Russia, defined in paragraphs 1.4 and 1.5 of these Regulations.

Electronic message (ES) - a set of data corresponding to the established by the Bank of Russia electronic format, suitable for unambiguous perception of its content, equipped with an authentication code.

2. Conditions for using the EIS of the Bank of Russia

2.1. Participants in the electronic exchange of information using the EIS of the Bank of Russia use the formats of electronic messages established by the rules of the EIS of the Bank of Russia, specified in clause 1.6 of these Regulations. The list of data included in the message is established by the EIS rules of the Bank of Russia.

2.2. External users of the EIS of the Bank of Russia to participate in the electronic exchange of information using the EIS of the Bank of Russia are guided by agreements concluded with the Bank of Russia, which provide for the procedure for exchanging electronic messages, establish the rights and obligations of the Bank of Russia and users of the EIS of the Bank of Russia, the responsibility of the parties, and the procedure for resolving conflict situations , the procedure for the parties to act in case of emergency situations arising in the EIS of the Bank of Russia, the procedure for ensuring information security, including the procedure for using the authentication code, as well as other provisions that comply with the legislation and rules of the EIS of the Bank of Russia.

2.3. Internal users of the EIS of the Bank of Russia, when interacting with each other using the EIS of the Bank of Russia, are guided by the regulations and organizational and administrative documents that determine the rules of the EIS of the Bank of Russia.

2.4. The conditions for inclusion in the Bank of Russia EIS users, as well as the form of the act of readiness to start electronic information exchange using the Bank of Russia EIS, are established by the Bank of Russia EIS rules specified in clause 1.6 of these Regulations.

2.5. The decision to include credit institutions (branches of credit institutions) and other clients of the Bank of Russia as users of the EIS, as well as to set the date for the start of electronic information exchange using the EIS of the Bank of Russia, is made by the Bank of Russia, subject to the user’s readiness, confirmed in the manner established by the rules of the EIS of the Bank of Russia .

3. General rules for the exchange of information

3.1. The exchange of information is carried out in the EIS of the Bank of Russia in the form of ES sent by users of the EIS of the Bank of Russia to each other.

3.2. The composition of the details contained in the ES is determined by the regulations of the Bank of Russia.

3.3. The information contained in the ES must be available for its subsequent use, including the possibility of its visual presentation and reproduction on paper.

3.4. Electronic messages, used in the EIS of the Bank of Russia, must necessarily be equipped with CA, with the help of which message recipients can confirm the integrity and authenticity of the ES (authenticate the ES). The types of message authentication codes and the rules for their use for various types of banking information are established by the EIS rules of the Bank of Russia. Specific means of implementing KA messages, checking the integrity and authenticity of the ES are determined by the Bank of Russia.

3.5. Responsibility for the information contained in the ES lies with the sender of the ES, whose CA key (identifier) is registered in the prescribed manner and whose SC is equipped with this ES, unless otherwise provided by the EIS rules of the Bank of Russia and the contract.

3.6. Participants in the electronic information exchange and keys (identifiers) of the KA are registered by the Bank of Russia in accordance with the EIS rules of the Bank of Russia, as defined in Clause 1.6 of these Regulations.

4. The order of acceptance and control of received ES

4.1. All received ES are authenticated using authentication tools in the manner established by the Bank of Russia.

4.2. Based on the results of the ES authentication, the electronic exchange participant who received the ES sends the sender an electronic message confirming the positive or negative result of the received ES authentication, containing a group of details determined by the Bank of Russia.

4.3. If the authentication result is negative, the received ES is not allowed for further processing.

4.4. The ES is considered delivered only after the sender receives confirmation of its delivery in accordance with the procedure established by the Bank of Russia.

5. The order of storage and destruction of ES

5.1. All sent and received ES, as well as SA and data required to verify the authentication code, are stored for the periods established by the Bank of Russia.

5.2. When storing ES, the following requirements must be observed:

All ES are stored in the format in which they were sent or received, which makes it possible to establish that the sent or received data contained in the ES is not distorted. When storing ES, it should be possible to authenticate them during the entire period of storage;

All sent and received ECs are stored with the date and time of their sending and receiving;

The order of storage of ES should provide prompt access to the information contained in them and the possibility of its reproduction on paper.

5.3. The electronic messages and keys (identifiers) of the CA required to authenticate these messages are stored and destroyed in the manner prescribed by the Bank of Russia.

Chairman

Central Bank

Russian Federation

Order of the Federal Service for Ecological,
technological and nuclear supervision
dated July 24, 2012 No. 416

"On approval of the Regulations on the automated information system
on the regulation of safety in the field of the use of atomic energy"

1. Approve the attached Regulations on the automated information system for safety regulation in the field of atomic energy use.

3. To impose control over the implementation of this order on the Secretary of State - Deputy Head A.V. Ferapontov.

POSITION
ABOUT AUTOMATED INFORMATION SYSTEM
ON REGULATION OF SAFETY IN THE FIELD
USE OF NUCLEAR ENERGY

(approved by order of the Federal Environmental Service,
Technological and Nuclear Supervision of July 24, 2012 No. 416)

I. General provisions

2. AIS NRS is one of the tools for information support for the effective and high-quality performance of state functions by Rostechnadzor:

on licensing activities in the field of the use of atomic energy;

on issuing permits for the right to conduct work in the field of the use of atomic energy to employees of facilities using atomic energy;

on supervision of the system of state accounting and control of nuclear materials;

on supervision of the system of state accounting and control of radioactive substances and radioactive waste;

3. The requirements of the Regulations are mandatory for employees of the central office and territorial bodies of Rostechnadzor in the performance of state functions for the provision of public services for licensing activities in the field of the use of atomic energy, for issuing permits for the right to conduct work in the field of the use of atomic energy to employees of nuclear facilities, for supervision over the system of state accounting and control of nuclear materials, overseeing the system of state accounting and control of radioactive substances and radioactive waste, overseeing the physical protection of radiation sources, radioactive substances, storage facilities, storage facilities for radioactive waste at radiation hazardous facilities and at nuclear facilities.

4. Regulation on AIS NRS was developed on the basis of the following documents:

Regulations on the Federal Service for Ecological, Technological and Nuclear Supervision, approved by Decree of the Government of the Russian Federation dated July 30, 2004 No.;

Regulations on licensing activities in the field of the use of atomic energy, approved by the Decree of the Government of the Russian Federation of July 14, 1997 No.;

Instructions for reporting in the field of supervision of the state of accounting, control and physical protection, approved by order of the Federal Service for Environmental, Technological and Nuclear Supervision dated September 9, 2011 No. 530.

II. Main goals and objectives of the AIS NRS

5. AIS NRS is designed to provide information support for the performance by Rostekhnadzor of the state functions of providing public services for licensing activities in the field of the use of atomic energy, for issuing permits for the right to conduct work in the field of the use of atomic energy to employees of nuclear facilities, for supervision of the system of state accounting and control nuclear materials, on supervision of the system of state accounting and control of radioactive substances and radioactive waste, on supervision of the physical protection of radiation sources, radioactive substances, storage facilities, storage facilities for radioactive waste at radiation hazardous facilities and at nuclear facilities.

6. AIS NRS ensures the input, collection, storage, processing and access to information necessary for employees to perform the relevant functions of providing public services through a single user interface.

7. Within the framework of AIS NRS, the following applied tasks are performed:

registration of organizations (including nuclear facilities) supervised by Rostekhnadzor;

planning inspections and registration of conducted inspections (verifications, hereinafter referred to as inspections) for supervision of accounting and control of nuclear materials, for supervision of accounting for and control of radioactive substances and radioactive waste, for supervision of the physical protection of radiation sources, radioactive substances, facilities storage, storage facilities for radioactive waste at radiation hazardous facilities and at nuclear facilities;

registration of information on detected anomalies based on special reports from supervised organizations;

registration of information about unauthorized actions based on notifications from supervised organizations;

consolidated reporting on supervision of accounting and control of nuclear materials, on supervision of accounting and control of radioactive substances and radioactive waste, on supervision of the physical protection of radiation sources, radioactive substances, storage facilities, radioactive waste storage facilities at radiation hazardous facilities and at nuclear facilities;

licensing of activities in the field of atomic energy use;

issuance of permits for the right to conduct work in the field of the use of atomic energy to employees of facilities using atomic energy.

III. Structure and composition of AIS NRS

8. AIS NRS has a three-level structure. The first level of the system is the central office, the second level is the interregional territorial departments for supervision of nuclear and radiation safety of Rostekhnadzor (hereinafter referred to as the MTD NRS), the third level is the inspection departments of the MTD NRS.

9. AIS NRS hardware consists of:

a complex of special software tools, a hardware complex and an information database of the AIS NRS of the central office of Rostechnadzor;

complexes of special software tools, hardware complexes and information databases of the AIS NRS in the MTD NRS and the corresponding departments of inspections.

10. To ensure the protection of information in the AIS NRS, mechanisms have been implemented to differentiate the access rights of end users and protect against unauthorized access.

Each user of AIS NRS applied tasks can work only under his own name and password. The access of a particular user to information is determined by the functions performed by him within the system and is supported both at the database level and at the application menu level. The system supports the registration of information about the user and the date of his actions (changes, etc.) in the AIS NRS.

IV. Use and maintenance of AIS NRS

11. The Department for Safety Regulation of Nuclear Fuel Cycle Facilities, Nuclear Power Plants of Ships and Radiation Hazardous Facilities, Supervision of Accounting and Control of Nuclear Materials and Radioactive Substances and Physical Protection is responsible for:

for coordination of regulatory and methodological support and methodological guidance on the use and development of AIS NRS;

for methodological guidance and use of the AIS NRS in terms of performing state functions of supervising the system of state accounting and control of nuclear materials, supervising the system of state accounting and control of radioactive substances and radioactive waste, supervising the physical protection of radiation sources, radioactive substances, storage facilities , storage facilities for radioactive waste at radiation hazardous facilities and at nuclear facilities;

for methodological guidance and use of the AIS NRS in terms of issuing permits for the right to conduct work in the field of the use of atomic energy to employees of nuclear facilities in accordance with the competence of the Department.

12. The Department for Organizational Controlling and Licensing and Licensing Activities is responsible for the methodological guidance and use of the AIS NRS in terms of performing the state function of licensing activities in the field of atomic energy use.

13. Department for Safety Regulation of Nuclear Power Plants and Nuclear Research Installations for methodological guidance and use of AIS NRS in terms of issuing permits for the right to conduct work in the field of the use of atomic energy to employees of nuclear facilities in accordance with the competence of the Department.

14. In Rostekhnadzor, by order of the head, the structural unit authorized in the field of informatization is responsible for:

for the organization and control over the performance of work on the technical support of the operation of special software, hardware and the AIS NRS information database in the central office of Rostekhnadzor;

for the methodological guidance of technical support for the operation of AIS NRS hardware and software systems at MTU NRS;

for the administration and organization of providing access to information resources of the AIS NRS in the central office of Rostechnadzor.

15. MTD NRS are responsible for:

for the organization and control over the performance of works on technical support for the operation of special software, hardware complex and AIS NRS information database in the relevant ITD NRS and inspection departments;

for the appointment of persons responsible for maintaining applied tasks of the AIS NRS and performing their respective functions.

16. Department for Organizational and Controlling and Licensing Activities, Department for Safety Regulation of Nuclear Power Plants and Research Nuclear Installations, Department for Safety Regulation of Nuclear Fuel Cycle Facilities, Nuclear Power Plants of Ships and Radiation Hazardous Facilities, Supervision of Accounting and Control of Nuclear Materials and radioactive substances and physical protection are responsible within the central office of Rostechnadzor for the appointment of those responsible for maintaining applied tasks of the AIS NRS in the relevant structural unit and for the performance of their respective functions.

V. Entering information

17. To ensure the functioning of AIS NRS, timely input of the following reference information is required:

17.1. Directory "Licensing - Types of activities licensed by Rostekhnadzor";

17.2. Directory "Licensing - Categories of objects and objects of application";

17.3. Directory "Licensing - Permitted Activities";

17.4. Directory "Licensing - License status - Change reasons";

17.5. Directory "Licensing - License status - Reasons for change";

17.6. Directory "Organizations - Federal Districts";

17.7. Directory "Organizations - Subjects of the Federation";

17.8. Directory "Organizations - Directions of activity";

17.12. Directory "Inspection activity - Type of activity";

17.13. Directory "Inspection activity - category of violation";

17.14. Directory "Inspection activities - Direction of supervision";

17.15. Information on the registration of the organization in the system of state accounting and control of nuclear materials and / or in the system of state accounting and control of radioactive substances and radioactive waste "Organizations - System UK";

17.16. Information about the organization's registration in the physical protection system "Organizations - System FZ";

17.17. Directory "Permits - Categories of positions of employees";

17.18. Information in the section "Rostekhnadzor - Structure of Rostekhnadzor";

17.19. Information in the section "Rostekhnadzor - Transfer of RTN employees".

18. The department for ensuring organizational and control and licensing and permitting activities is responsible for entering information and keeping reference books No. 17.1 - 17.5 up to date;

the safety of nuclear power plants and nuclear research installations are responsible for entering information and keeping Directory No. 17.17 up to date;

MTD NRS are responsible for entering information and keeping up-to-date reference books 17.15 - 17.16 for the respective supervised organizations;

Structural subdivisions of the central office and MTU NRS of Rostechnadzor, which are responsible for organizing and monitoring the performance of work on technical support for the operation of special software, hardware and the AIS NRS information database, are responsible for entering information and maintaining up to date reference books No. 17.6, 17.7, 17.18 and 17.19.

19. Changes to reference books 17.1 - 17.19 are carried out by the relevant responsible persons within three days from the date of receipt of information about the need to make changes.

in the central office - in the Department for ensuring organizational-control and licensing-permitting activities;

in MTD NRS - in subdivisions that register and record information about supervised organizations.

at MTD NRS - in subdivisions collecting and summarizing reports on supervisory activities in the field of accounting and control of nuclear materials.

23. To ensure the AIS NRS application task of licensing activities in the field of atomic energy use, persons responsible for the timely input of information should be appointed:

at MTU NRS - in subdivisions involved in the consideration and issuance of licenses in the field of atomic energy use.

at MTU NRS - in the divisions involved in the consideration and issuance of permits for the right to conduct work in the field of the use of atomic energy to employees of nuclear facilities.

Entering information about the progress of consideration of the application, the examination, inspection, etc. carried out within two days from the date of receipt of the information.

VI. Data exchange

29. Data exchange in AIS NRS is organized between all three levels. Within the framework of the AIS NRS, it is possible to organize work with the information database in two ways:

work with the central information database AIS NRS of the central office of Rostechnadzor through a local network or dedicated communication channels;

work with the local information database of the AIS NRS of the MTU NRS or the inspection department.

30. Inspection departments of the ITD NRS, working with the local AIS NRS database, must upload data from the local database server of the inspection department and send the data in Microsoft Excel format to the corresponding MTD NRS. MTD NRS uploads data from the local databases of inspection departments to the local server of the AIS NRS database of the MTD NRS or to the central information database of the AIS NRS of the central office of Rostechnadzor.

34. Frequency of data exchange between local databases of inspection departments and MTD NRS is established by orders for the corresponding MTD NRS, but at least once a quarter.

36. MTD NRS should appoint a responsible unit, as well as persons personally responsible for data exchange in AIS NRS.

In accordance with the Federal Law "On Migration Registration of Foreign Citizens and Stateless Persons in the Russian Federation", the Government of the Russian Federation decides:

1. Approve the attached Regulations on the state information system of migration registration.

2. Determine that:

a) the state information system of migration registration is an interdepartmental automated system and is based on:

central data bank for registration of foreign citizens temporarily staying and temporarily or permanently residing in the Russian Federation, including participants State program to assist in the voluntary resettlement to the Russian Federation of compatriots living abroad;

automated records of address and reference divisions of the Federal Migration Service;

other information systems containing information about foreign citizens and stateless persons, whose operators, in accordance with the legislation of the Russian Federation, are state authorities and local governments;

b) The Federal Migration Service is a state customer and coordinator of work on the formation and maintenance of the state information system for migration registration;

c) the measures provided for by the Regulation approved by this resolution are carried out by the interested federal executive bodies within the established number and at the expense of the funds provided for their maintenance by the federal law on the federal budget for the corresponding year;

d) until the completion of the equipment of checkpoints across the state border of the Russian Federation by means of information transmission and communication lines, information about the crossing by foreign citizens and stateless persons of the state border of the Russian Federation is transferred to the state information system of migration registration in the manner determined by regulatory legal acts adopted jointly by interested federal executive authorities.

3. The Ministry of Internal Affairs of the Russian Federation to develop:

a) together with the Federal Migration Service and interested federal executive authorities:

the procedure for processing, transferring and destroying information (information) about foreign citizens and stateless persons contained in the state information system of migration registration (hereinafter referred to as information);

a model agreement that determines the procedure for information exchange of information;

b) together with the Federal Migration Service, the Ministry of Information Technologies and Communications of the Russian Federation, the Federal Security Service of the Russian Federation and the Federal Service for Technical and Export Control:

a regulatory legal act regulating the procedure for registering users and (or) information providers and connecting them to the state information system of migration registration;

regulatory legal acts and methodological documents regulating the use of technical and cryptographic means protection of information, attestation of informatization objects and regulating the work of the certification center of the state information system of migration registration.

4. The Federal Migration Service shall ensure:

together with the Ministry of Information Technologies and Communications of the Russian Federation, the integration of elements of the state information system of migration registration with the resources of a certification center that maintains a unified state register signature key certificates;

together with interested federal executive authorities, in accordance with their areas of responsibility, the creation of an automated information system that ensures the transfer of information to in electronic format for inclusion in the state information system of migration registration within the time limits established by parts 4 and 5 of Article 8 federal law"On Migration Registration of Foreign Citizens and Stateless Persons in the Russian Federation".

Prime Minister
Russian Federation
M. Fradkov

Regulations on the state information system of migration registration

I. General provisions

1. This Regulation, developed in accordance with the Federal Law "On Migration Registration of Foreign Citizens and Stateless Persons in the Russian Federation", determines the procedure for the formation and operation of the state information system for migration registration (hereinafter referred to as the information system), amendments to information (information ) about foreign citizens and stateless persons contained in the information system (hereinafter referred to as information), the procedure and period for their storage, the procedure for access to information, the procedure for their provision, use and protection, as well as the procedure for interaction of migration registration bodies with other federal executive bodies authorities, executive authorities of the constituent entities of the Russian Federation and local governments in order to effective use and data protection.

2. The goals of the information system formation are:

a) ensuring the national security of the Russian Federation and public security in the field of migration;

b) ensuring the rights and legitimate interests of citizens of the Russian Federation, as well as foreign citizens and stateless persons who are in the Russian Federation (hereinafter referred to as foreign citizens);

c) the formation of complete, reliable and up-to-date information on the movements of foreign citizens, necessary for assessing the migration situation on the territory of the Russian Federation, developing and implementing measures aimed at regulating migration processes on the territory of the Russian Federation.

3. The principles on the basis of which the information system is formed and operates are:

a) the use of information systems created in the prescribed manner to automate the accounting activities of interested state authorities and local governments;

b) the use of modern information technologies to ensure automated processing of information and its transmission via digital communication lines;

c) single entry and multiple use of information;

d) personal responsibility of officials of information exchange participants for the completeness and reliability of information, their timely transfer and change, as well as storage and destruction in the prescribed manner;

e) protection of information by using means of cryptographic and technical protection, including means of protection against unauthorized access;

f) the use of electronic digital signature means, when using which an electronic document containing information has legal significance and which makes it impossible to deny the fact of sending and (or) receiving information.

4. The Federal Migration Service, together with the interested federal executive authorities, creates a coordinating body in order to ensure coordinated actions to form an information system.

The chairman of this coordinating body is the director of the Federal Migration Service.

II. Information exchange participants

5. The operator of the information system is the Federal Migration Service.

6. Providers of information to the information system are the Ministry of Internal Affairs of the Russian Federation, the Ministry of Foreign Affairs of the Russian Federation, the Federal Security Service of the Russian Federation and the Federal Tax Service.

Other bodies of state power and bodies of local self-government may be the providers of information, if the said bodies are entrusted, in accordance with the procedure established by the legislation of the Russian Federation, with duties (authorities) for fixing (recording) information about foreign citizens and (or) submitting it to the migration registration bodies.

The information provider enters into an information exchange agreement with the information system operator in accordance with these Regulations.

7. Users of the information system are interested federal government bodies, their structural subdivisions, territorial bodies of federal executive bodies, government bodies of constituent entities of the Russian Federation, other government bodies and local self-government bodies, as well as organizations established in accordance with the legislation of the Russian Federation for the implementation of the tasks assigned to these state bodies and local self-government bodies.

Users of the information system may also be other organizations that are granted the right of access to information by federal law.

The user of the information system concludes with the operator of the information system an agreement on the information exchange of information in accordance with this Regulation.

8. The owner of the information is the Federal Migration Service.

The owner of the information submitted for inclusion in the information system is also the provider of the information.

9. Information providers, users and the operator of the information system are participants in the information exchange.

10. Providers of information process them using technical and software tools that allow for automated entry of information into the information system.

III. Ensuring the functioning of the information system

11. Ensuring the functioning of the information system is carried out by using standardized technical and software tools that have passed the appropriate verification and certification, common formats, credential classifiers, dictionaries, reference books and standard protocols in the manner determined by regulatory legal acts adopted jointly by the interested federal executive bodies.

12. The Federal Migration Service, together with the interested federal executive authorities, for the purpose of the functioning of the information system:

a) ensures, in accordance with the established scope of jurisdiction and the requirements of this Regulation, the transfer of information about foreign citizens for inclusion in the information system;

b) ensures uninterrupted operation using modern information technologies technical means information system;

c) carries out automated collection, storage, processing, generalization of information, as well as their presentation in the prescribed manner to users of the information system;

d) coordinates the activities of federal executive authorities, executive authorities of the subjects of the Russian Federation and local governments in the field of formation of databases containing information about foreign citizens;

e) supports data protection mode;

f) controls the formation of databases of the information system;

g) controls the information exchange of information between the participants in the information exchange.

13. Providers of information, in accordance with the established scope of authority and the requirements of this Regulation, provide automated collection, storage, processing, generalization, transfer of information to be included in the information system.

14. Users of the information system, in accordance with the established scope of authority and the requirements of this Regulation, ensure the receipt of information.

15. The Ministry of Internal Affairs of the Russian Federation, in accordance with the established scope of jurisdiction, uses the information and telecommunication networks of the internal affairs bodies of the Russian Federation in order to ensure the functioning of the information system.

16. The Federal Security Service of the Russian Federation, in accordance with the established scope of authority, determines the procedure for exercising control over the organization of ensuring the cryptographic and engineering security of the information system.

17. The Federal Service for Technical and Export Control, in accordance with the established scope of authority, ensures control over the use and operation of means of technical protection of information, as well as the certification of informatization objects that are part of the information system.

IV. Order of access to information

and their provision, as well as the interaction of migration registration authorities with other federal executive authorities, executive authorities of the constituent entities of the Russian Federation and local governments

18. Access of information exchange participants to information is carried out subject to the requirements of this Regulation, as well as restrictions on the use of information established by the legislation of the Russian Federation and subject to the use of software and hardware tools that allow identifying the person accessing the information.

19. Registration of users and providers of information and their connection to the information system is carried out in the manner established by the Ministry of Internal Affairs of the Russian Federation jointly with the Federal Migration Service and interested federal executive authorities.

20. Provision of information to the user of the information system is carried out in the amount corresponding to his authority in the established area of competence.

21. Provision of information to local governments and organizations that are not users of the information system is carried out to the extent and in cases determined by the Ministry of Internal Affairs of the Russian Federation jointly with the Federal Migration Service and interested federal executive authorities.

22. Providing a foreign citizen with access to information about him is carried out in accordance with the legislation of the Russian Federation. The amount of information provided to a foreign citizen is determined by the Ministry of Internal Affairs of the Russian Federation jointly with the Federal Migration Service and interested federal executive authorities.

23. The Federal Migration Service (its territorial bodies) and interested federal executive bodies (their territorial bodies), executive bodies of the constituent entities of the Russian Federation and local self-government bodies determine the units responsible for organizing the information exchange of information, as well as other information about foreign citizens, contained in their information systems and to be included in the information system.

24. The information exchange of information is carried out after the conclusion of the relevant agreement and the signing of the protocol on the information exchange of information between the participants in the information exchange.

25. The agreement on the information exchange of information between the operator of the information system and the provider of information must provide for the following provisions:

a) information exchange mode;

b) the procedure for information exchange of information, including between the territorial bodies and (or) structural subdivisions of the parties;

c) the rights and obligations of the parties;

d) conditions for the use of an electronic digital signature in the implementation of information exchange of information;

e) the procedure for permitting and (or) restricting access to information transmitted by the supplier;

f) the grounds and conditions for terminating the agreement.

26. The agreement on the information exchange of information between the operator and the user of the information system must provide for the provisions specified in subparagraphs "a" - "d" and "e" of paragraph 25 of these Regulations.

27. Technical and organizational requirements for information exchange of information, as well as the list and scope of information transmitted and received by participants in information exchange, are established by the protocol on information exchange of information in accordance with the procedure for registering users and providers of information and connecting them to the information system.

V. Ensuring the security of information

28. Ensuring the protection of data is carried out in accordance with the Council of Europe Convention for the Protection of individuals in the automated processing of personal data dated January 28, 1981, federal laws "On information, information technology and on the Protection of Information" and "On Personal Data", other federal laws and other regulatory legal acts.

29. The certification of the information system is organized by the Federal Migration Service.

Providers of information and users of the information system that are operators of other information systems containing information about foreign citizens organize the certification of the relevant information systems.

Certification of information systems is carried out according to information security requirements in accordance with the regulatory legal acts of the Federal Security Service of the Russian Federation and the Federal Service for Technical and Export Control.

30. In order to ensure the protection of information, the Federal Migration Service determines the structural unit responsible for organizing and carrying out measures to protect information.

31. Participants in the information exchange, when transmitting information using telecommunication networks, use certified means of cryptographic protection of information and means of electronic digital signature.

32. Handling and storage electronic documents contained in the information system, as well as their exchange is carried out using an electronic digital signature.

33. The levels and classes of the means of cryptographic information protection and other means of information protection are determined according to the model of information security threats and the actions of the intruder in the information system, approved by the Federal Migration Service in agreement with the Federal Security Service of the Russian Federation and the Federal Service for Technical and Export Control.

VI. The composition of information, the procedure and period of their storage, the procedure for making changes to information

34. The information system is formed on the basis of information recorded during the implementation of migration registration in accordance with Article 9 of the Federal Law "On Migration Registration of Foreign Citizens and Stateless Persons in the Russian Federation".

35. The information system includes information about foreign citizens, containing:

a) in central bank data on the registration of foreign citizens temporarily staying and temporarily or permanently residing in the Russian Federation, including participants in the State Program to Assist Voluntary Resettlement to the Russian Federation of Compatriots Living Abroad;

b) in automated records of address and reference divisions of the Federal Migration Service;

c) in other information systems containing information about foreign citizens, the operators of which, in accordance with the legislation of the Russian Federation, are state authorities and local governments.

36. The volume of information recorded in the course of migration registration in accordance with Article 9 of the Federal Law "On Migration Registration of Foreign Citizens and Stateless Persons in the Russian Federation", as well as the form of their inclusion in the information system, are determined by the Federal Migration Service in agreement with the federal authorities concerned executive power.

37. Storage of information after removal of a foreign citizen from the migration register is carried out for 5 years.

The grounds for and procedure for extending the specified period are determined by the Federal Migration Service in agreement with the federal executive authorities concerned, based on the purposes of using the information.

38. The procedure and period for storing information about foreign citizens in other information systems are determined by the operators of these information systems in accordance with the legislation of the Russian Federation.

39. If information is found to be unreliable, the operator of the information system ensures their change, if necessary, informs the providers of information and (or) users of the information system about this.

40. The provider of information, in case of establishing the unreliability of the information transmitted by him for inclusion in the information system, ensures that the relevant information is changed, if necessary, informs the operator and (or) users of the information system about this.

41. The user of the information system, in case of establishing the unreliability of information, informs the operator of the information system about this.

VII. Responsibility of participants in information exchange

42. Participants in the information exchange (their officials), in accordance with the legislation of the Russian Federation, are liable for damage caused through their fault as a result of:

a) incorrect or improper compilation of an electronic document;

b) disclosure and (or) transfer to third parties of information, passwords for access to information (including compromise of cryptographic keys and electronic digital signature keys);

c) loss, unauthorized destruction, alteration, correction of information, loss of data carriers;

d) committing other actions (inaction) that caused damage.

06.07.2020

Internet

The most interesting: