Decree No. 19 / 2008 Coll.
Decree amending Decree No 528 / 2005 Coll., on physical safety and certification of technical means
Valid
Order
Effective from 15.02.2008
19
DECREE
of 25 January 2008
amending Decree No 528 / 2005 Coll., on physical safety and certification of technical means
Pursuant to Articles 33 and 53 (a), (c), (d), (f) and (j) of Act No 412 / 2005 Coll., on the protection of classified information and on security capability:
Decree No 528 / 2005 Coll., on physical safety and certification of technical means, is amended as follows:
1. In Article 2, at the end of point (l), the full stop is replaced by a comma and the following point (m) is added:
"(m) the attacker is a natural person who operates in order to overcome technical means and other obstacles to the protection of classified information.";
2. In Article 3, the following paragraph 7 is inserted after paragraph 6:
"(7) In order to ensure the protection of security areas of the Category Reserved, certified or uncertified technical means shall be used.";
Paragraphs 7 to 11 shall be renumbered paragraphs 8 to 12.
3. In Article 3 (8), the words "Confidential and higher categories" shall be inserted after the words "Secured areas".
4. Paragraph 3 (9) reads as follows:
"(9) The classified information shall be stored in a secure area, or in a storage facility where its point value is applied in a physical security project for the relevant secure area.";
5.
Security of technical equipment
(1) A technical device containing classified information of a confidential level shall be stored in a secure area. The boundaries of this secured area and its classification in the relevant category and class shall be determined by the operator of the building. Object boundary is defined by the object operator.
(2) The security of the secured area and the boundaries of the premises referred to in paragraph 1 is ensured by a combination of physical security measures pursuant to paragraphs 3 to 10 or Article 3 (2).
(3) The scope and manner of use of technical means and other obstacles to the protection of classified information in technical equipment are defined by the operator of the premises in such a way as to ensure that security guards are informed of the breach by the attacker and to slow it down on the way to classified information in the technical equipment.
(4) Certified and non-certified technical means may be used to ensure the protection of the secured area and the building referred to in paragraph 1. As a rule, the most durable technical means shall be placed closest to the technical equipment.
(5) For the surveillance of a technical facility containing classified information of a confidential level, a type 4 security or higher shall be established in accordance with Annex 1 to this Regulation. For the surveillance of a technical device containing classified information of a classified classification level, type 4 security shall be established with regular rounds at intervals of no more than 4 hours or with a security level higher than that specified in Annex 1 to this Regulation. For the surveillance of a technical device containing classified information of a classified classification grade, a type 5 security as set out in Annex 1 to this Regulation shall be established.
(6) The object operator shall set time limits for the surveillance that must be complied with when intervening against the attacker on the basis of the number and type of individual technical means and other obstacles that the attacker must overcome when travelling to classified information in the technical equipment.
(7) The breach of security against the attacker shall be carried out by at least two natural persons at any point in the object or security area where the protection of classified information has been compromised in a technical facility or the announcement of an alarm or emergency signal without weakening the protection of classified information at another location.
(8) The security guard shall intervene against the attacker within the time limit set by the operator of the object in accordance with paragraph 9 in order to prevent the attacker from obtaining classified information in the technical equipment. The time limits laid down must be regularly reviewed and adjusted on the basis of new facts.
(9) The time limits are specified by the object operator in the physical security project. In this case, the table for the assessment of physical security measures in the secured area set out in Part 14.3.1 of Annex No 1 to this Decree is not processed.
(10) The physical security project of the secured area in which technical installations are stored shall be approved by the responsible person or by the Security Director.
(11) In cases where the technical equipment is secured in accordance with Paragraph 3 (2), point values of the technical equipment are set out in Annex 1 to this Decree.";
6. In Article 8 (2), the words "secured areas, areas of procedure and storage facilities" shall be replaced by the words "areas of procedure, as well as a secure area and storage facility where classified information is stored at a level of classified classification reserved which requires a special treatment regime, and classified information at confidential or higher level,";
7. In Paragraph 8, the following paragraph 3 is inserted after paragraph 2:
"(3) The key handling and identification data regime for the secure area and the storage facility where classified information is stored shall be determined by the object operator.";
Paragraphs 3 and 4 shall be renumbered paragraphs 4 and 5.
8. In Annex No 1, the following point 1.1.10 is inserted after point 1.1.9:
| "1.1.10. Storage object type 0: | |
| S1 = 0 points |
The Type-0 storage object is a solid construction (e.g. box, office furniture) and is equipped with a lock that is locked. They shall not show signs of damage or wear which would make it impossible to identify attempts at unauthorised entry. The Type-0 storage object is not certified by the Office.
Compliance of the properties of these storage objects with the above requirements is confirmed by the operator of the object in the physical safety project."
9. In Annex No 1, the following point 2.1.5 is inserted after point 2.1.4:
| "2.1.5. Secured area type 0: | |
| SS3 = 0 points |
Walls, penetrable holes, floors and ceilings are light construction structures made of materials such as:
- drywall,
- light brick construction,
- wood, particle board,
- plastic hardened materials,
- profiled or corrugated sheet,
- glass.
The penetrable openings need not be secured by mechanical means which provide the same degree of resistance as the remaining parts of the secured area type 0, but must allow for control of movement of persons and vehicles.
Mechanical devices shall not show signs of damage or wear which would make it impossible to identify attempts at unauthorised entry.
Compliance with the above requirements is confirmed by the operator of the building in the physical safety project."
10. In Annex No 1, the following point 2.2.5 is inserted after point 2.2.4.:
| "2.2.5. Locking system type 0: | |
| SS4 = 0 points |
The Type-0 locking system is not certified by the Office."
11. In Annex No 1, the following point 3.5 is inserted after point 3.4:
| "3.5. Object type 0: | |
| S3 = 0 points |
The object has a visibly defined border within which there is a possibility of checking individual persons and vehicles."
12. In Annex 1, in the note to point 5.1, the sentence "Where a technical device containing classified information is stored in a secure area under Section 5 of the Decree, the security intervention shall be carried out within the time limit set by the operator of the premises (Section 5 (9)), irrespective of the location of the permanent surveillance post."
13. In Annex 1, point 11, including the title, shall read:
"11. CONDITIONS FOR THE USE OF TECHNICAL EQUIPMENT AFTER THE PERIOD OF VALIDITY OF THEIR CERTIFICATES
Upon expiry of the certificate, the technical means of protecting classified information shall not be acquired and redeployed.
This technical means may continue to be deployed only if it is demonstrated that it has been acquired and deployed during the period of validity of the certificate with the same authority of the State, legal person or business natural person for whom further deployment is carried out. Its further deployment is further conditional on the performance of a functional test of the technical device at the date of deployment; a record of the result of the functional test shall be stored with the operator of the object.
Upon expiry of the certificate, the technical means may be used provided they are fully functional. This shall be verified by a functional test. In the case of mechanical means and equipment for the physical destruction of information, the functional test shall be supported by a registration signed by the operator of the object or by a person authorised by it. For other technical devices, the functional test shall be demonstrated by the test protocol or by the record in the operating book. The time intervals are set out in Section 10 of the Decree."
14. In Annex 1, point 12.1, the fourth table reads:
| "SECURED AREA OF CATEGORY Reserved used for storing classified information that requires a special handling regime (e.g. KRYPTO) | |
| Mandatory: (S1) + (S2) + (S3) | 2 |
| Optional: (S4) + (S5) + (S6) | 1 |
| Total result | 3". |
15. In Annex 1, point 12.1, the following table is inserted after the fourth table:
| "SECURED AREA OF CATEGORY Reserved |
| S1 = Storage object of type 0 |
| S2 = Secured area of type 0 and Locking system of type 0 |
| S3 = Object of type 0". |
16. In Annex No 1, in the footnote to point 12.1, after the text "Designated object, a secure area may only be used for activities related to the protection of classified information by one authority of the State, legal or business natural person.", a new text "For a secure area of category Reserved - only one of the specified conditions (S1), (S2) or (S3) need not be implemented on a separate line. Where the boundaries of the secured area and the object are identical, the measures laid down for the secure area shall be implemented; in this case, it shall no longer be permitted not to implement measures on the storage facility.";
17. In Annex No 1, in the note to paragraph 12.1, the sentence "Only one of the values (S1), (S2) or (S3) may be equal to 0." is replaced by the following: "For a security area of the category Reserved to store classified information requiring a special loading regime and for a secure area of the category Confidential and higher - only one of the values (S1), (S2) or (S3) may be equal to 0."
18. In Annex 1, the heading of point 13.2.3 reads: "13.2.3. Data carrier shredding".
19. In Annex 1, paragraph 13.2.3, the words "Requirements for the destruction of disks and compact disks:
- the requirements for equipment intended solely for the physical destruction of disks and compact disks, for all classification grades:" shall be replaced by:
"Requirements for equipment intended solely for the physical destruction of disks and compact disks, for all classification levels:
| 13.2.4. Data carrier shredding type PC: | |
| no point rating". |
20. In Annex 1, paragraph 13.2.3, the words "- requirements for the destruction of magnetic tapes, memory chips and hard drives:" shall be replaced by the words:
"Requirements for the destruction of magnetic tapes, memory chips and hard drives:
| 13.2.5. Data carrier shredding type PC1: | |
| no point rating". |
21. In Annex No 1, in the heading of Part 14, the words "IN CASES WHERE IN A GUIDELINE IS INCLUDED IN A SECRETARY CATEGORY OF CONFIDENTIAL AND HIGHER" shall be inserted after the word "SAFETY".
22. In Annex 1, Part 14, the note to point 14 is deleted.
23. In Annex 1, Part 15 is added after Part 14, including the title:
PHYSICAL SAFETY PROJECT STRUCTURE IN CASES WHERE PROTECTED CATEGORIES OF CATEGORIES ARE FULFILLED
15.1. DETERMINATION OF OBJECTS, SECURITY AREAS INCLUDING THEIR BORDERS AND CLASS OF SECURITY AREAS
- Establishment of building boundaries (location on site / building, entrances, window height, permanent security post). Draw the object border into the drawing section of the physical safety technical documentation (Annex 15.2).
- Determination of secure areas located in the building and their class. It is necessary to distinguish between classified information storage, information system workplaces, permanent presence of workers or combinations of these types.
- Determination of the boundaries of the secured areas (location in the building, wall strength, inputs, height of the lower edge of penetrable openings above the surrounding terrain) and draw in the drawing section of the Technical Documentation of Physical Safety (clause 15.2. of the Annex).
15.2. TECHNICAL DOCUMENTATION OF PHYSICAL SECURITY
This documentation shall be broken down into the following parts:
- Drawing documentation which includes, in particular, the marking of the building boundary, the boundaries of the individual security areas and the deployment of technical means to protect classified information in the building and the security areas.
- Technical means, including in particular an enumeration (name, number and, in the case of multiple types of one type of technical device and location) and basic data:
(a) Certified technical means - copies of the certificate and annex from the installation time (if not annexed, type and evaluation of the technical means).
(b) Uncertified technical means - registration of conformity assessment from the installation time (specify the specification and the method of use).
- Verification of the functionality of technical means under the conditions laid down by the operator of the building.
Note to paragraph 15:
In the case of a secure area where classified information is stored at a level reserved which requires a special loading regime, the table for the assessment of the physical security measures of the secured area shall be further processed in accordance with point 14.3.1.";
Entry into force
This Decree takes effect on 15 February 2008.
Director:
Ing.
Regulation Information
| Citation | Decree No. 19 / 2008 Coll., amending Decree No. 528 / 2005 Coll., on physical safety and certification of technical means |
|---|---|
| Regulation Type | Order |
| Author | - |
| Collection | Code of Laws |
| Date of Promulgation | 05.02.2008 |
| Effective from | 15.02.2008 |
| Effective until | - |
| Status | Valid |
The regulation text is for informational purposes only.