Decree No. 447 / 2024 Coll.
Order to ensure cryptographic protection of classified information and on certain elements of the request for the conclusion of an action contract
Valid
Order
Effective from 01.01.2025
Text versions:
01.01.2025
20.12.2024
Contents
ČÁST PRVNÍ
§ 1
§ 2
ČÁST DRUHÁ
§ 3
§ 4
§ 5
§ 6
ČÁST TŘETÍ
§ 7
ČÁST ČTVRTÁ
§ 8
§ 9
ČÁST PÁTÁ
§ 10
§ 11
ČÁST ŠESTÁ
§ 12
§ 13
§ 14
§ 15
§ 16
ČÁST SEDMÁ
§ 17
ČÁST OSMÁ
§ 18
§ 19
§ 20
§ 21
§ 22
§ 23
§ 24
§ 25
§ 26
§ 27
§ 28
§ 29
§ 30
§ 31
§ 32
§ 33
§ 34
§ 35
ČÁST DEVÁTÁ
§ 36
ČÁST DESÁTÁ
§ 37
ČÁST JEDENÁCTÁ
§ 38
§ 39
§ 40
Zobrazeno prvních 200 z celkem 367 ustanovení tohoto předpisu.
Zobrazit celý předpis →
Pro stažení celého znění použijte tlačítko Stáhnout výše.
447
DECLARATION
of 18 December 2024
on ensuring cryptographic protection of classified information and on certain elements of the request for the conclusion of an action contract
The National Bureau of Cyber and Information Security provides pursuant to Sections 44 and 53 (f) of Act No. 412 / 2005 Coll., on the Protection of classified information and on security competence, as amended by Act No. 255 / 2011 Coll., Act No. 420 / 2011 Coll., Act No. 205 / 2017 Coll. and Act No. 267 / 2024 Coll., (hereinafter "the Act '):
INTRODUCTORY PROVISIONS
Subject matter
(1) This decree regulates the ways and means of handling cryptographic material following the European UnionRegulation (1).
(2) This decree further regulates
(a) the particulars of the application for the professional examination;
(b) the organisation, content and method of carrying out the expert examination;
(c) the particulars of the certificate of specific competence;
(d) minimum requirements for ensuring the security management of cryptographic protection;
(e) the method of training for the operational operation of the cryptographic device and the courier of the cryptographic material and the model of the certificate of training for the operational operation of the cryptographic device and the courier of the cryptographic material;
(f) details of the way in which information relating to classified information in the field of cryptographic protection is classified, in particular by type of cryptographic material;
(g) the types and formalities of the cryptographic protection administrative equipment and the requirements for the management of such equipment;
(h) the content of the application for authorisation to export a certified cryptographic device from the Czech Republic and the particulars of the authorisation;
(i) the method of keeping the records referred to in Section 37 (5) of the Act;
(j) the categories of cryptographic workplaces, the types of activities at the cryptographic workplaces and the minimum security requirements;
(k) the conditions of protection of the cryptographic device and material to ensure its function under Article 41 (4) of the Act; and
(l) the particulars of the application for the conclusion of an activity contract under Section 52 of the Act, the purpose of which is to carry out a professional examination and issue a certificate of special competence, or part of the professional examination under Section 39 of the Act.
Definition of terms
For the purposes of this decree:
(a) a cryptographic consignment of cryptographic material equipped for transport, transported or delivered to the consignee at the place of destination until the end of its transport and its opening; and
(b) cryptographic key variable parameter necessary to ensure cryptographic protection using cryptographic methods.
DETAILS FOR DETERMINING THE EXPERT TEST
Forms of application for professional examination
The application for a professional examination shall contain:
(a) the name, surname and date of birth of the worker of the applicant entering the professional examination;
(b) a copy of the valid certificate of the natural person;
(c) the scope of the activities to be carried out for which the certificate of specific competence is to be issued; and
(d) the name, surname and signature of the person responsible in accordance with § 2 (e) of the Act.
Content, organisation and method of conducting the expert examination
(1) The expert examination is carried out in writing on the spot or in a distance or orally. The technical and safety characteristics of the cryptographic device and cryptographic protection legislation shall be verified in the expert test.
(2) The Trial Board shall be of three members and shall be composed of representatives of the National Office for Cyber and Information Security or of the designated authority of the State which verifies the specific competence.
(3) Only a cryptographic protection worker who holds a valid certificate of a natural person for at least the level of secrecy for which the professional examination is conducted, with a period of experience in cryptographic protection of at least 2 years, may be appointed as a member of the test committee. At least one of the members of the test committee shall be entitled to prepare a cryptographic protection worker.
(4) The examination committee shall act by a majority vote. The result of the professional examination shall be assessed by the degree "benefit 'or" benefit'. In the event that the worker applied for the professional examination has not benefited, the chairman of the examination committee shall inform the applicant of the reasons for the evaluation.
(5) A report shall be drawn up on the course of training and on the conduct of the professional examination. The report on the conduct of the expert examination shall be signed by all members of the examination committee. The time limit for its shredding shall begin to run from the expiry of the certificate of special competence or from the date on which the applicant who did not benefit was informed of the reasons for the assessment.
(6) If part of the professional examination is carried out on the basis of an activity contract pursuant to Paragraph 39 (3) (b) of the Act, that body shall issue a written proof of its outcome.
Requirements for certificates of specific competence
The certificate of specific competence shall include:
(a) the registration number of the certificate;
(b) the name, surname and date of birth of the holder of the certificate;
(c) the name and registered office of the authority of the State, the legal person referred to in Article 60b of the Act, the business name and registered office of the entrepreneur or the name, surname and registered office of the undertaking, the identification number of the person and the stamp;
(d) the definition of the scope of specific competence to exercise cryptographic protection;
(e) the date of issue and the period of validity of the certificate; and
(f) the name, surname and signature of the authorised representative of the certification body.
Forms of a request by a State authority, a legal person pursuant to Section 60b of the Act or an entrepreneur to conclude a contract to secure an activity
(1) The application for the conclusion of a contract with the National Office for Cyber and Information Security for the purpose of carrying out a professional examination and issuing a certificate of special competence, or part of a professional examination under Section 39 of the Act, contains:
(a) the number of the business certificate, indicating the appropriate classification level, if the applicant is an entrepreneur;
(b) the name and surname of the contact person of the applicant and the contact link which means at least his telephone number and e-mail address; and
(c) the specifications of the activities to be carried out under the contract of performance.
(2) The application referred to in paragraph 1 shall include:
(a) the definition of the required scope of the professional examination;
(b) proof of organisational, personnel, technical and material security for carrying out the professional examination or part of the professional examination; and
(c) the name, surname and signature of the responsible person or his authorised person or safety director of the applicant.
MINIMUM REQUIREMENTS FOR SECURITY MANAGEMENT OF KRYPTOGRAPHIC PROTECTION
(1) The minimum requirements of the security management of cryptographic protection for the purposes of this Decree shall be deemed to be the implementation of measures in the field of personnel, administrative and physical security and security of information or communication systems in the provision of cryptographic protection.
(2) Where the exercise of cryptographic protection is carried out with the authority of the State, the legal person or business operator in accordance with Article 60b, the security management of cryptographic protection referred to in paragraph 1 shall be determined by the responsible person or by the authorised person or the security director.
(3) The security management of cryptographic protection shall:
(a) an administrator of cryptographic material responsible for the safe storage of cryptographic material at the cryptographic site and for the recording of cryptographic material, administrative aids, records of cryptographic protection personnel, operational operators of cryptographic devices and couriers of cryptographic material;
(b) a cryptographic protection security administrator responsible for ensuring the safe implementation and control of cryptographic protection and for this purpose processing the relevant cryptographic protection security documentation; and
(c) a senior staff member who is a senior officer of the cryptographic protection officer and who is the result of his / her work assignment.
(4) For AIFMs referred to in paragraph 3 (a) and (b), substitutability must be ensured in a given role.
DETAILS FOR THE INSURANCE OF CRYPTOGRAPHIC OPERATIONS
Installation and operation of cryptographic equipment
(1) Where the installation or service of a cryptographic device requires the presence of the worker of the manufacturer of the cryptographic device or his authorised representative, such activities shall only be carried out in conjunction with the worker performing the special operation of the cryptographic device.
(2) For the purpose of carrying out records of the use of a cryptographic device, the operating log of the cryptographic device shall be used, which shall be kept in paper form. If authenticity and integrity are ensured, the operating log of the cryptographic device may be kept electronically.
(3) The provisions of Paragraph 17 (3) shall apply mutatis mutandis for the issue and modification of the cryptographic device's operating diary prior to its entry into use.
(4) The operating log of the cryptographic device shall be marked in an appropriate place with a security level and a registration number. The additional description of the cryptographic device "KRYPTO 'shall be made in accordance with the cryptographic device certification report.
Manufacture and use of materials to ensure the functioning of cryptographic equipment
(1) The production of key material and password material must be carried out by an authorised personnel performing special operations at a cryptographic site for the production of key material and password material. In order to do this, a cryptographic protection worker shall hold a valid certificate of specific competence indicating the authorisation to manufacture key material and password material.
(2) The material to ensure the functioning of the cryptographic device and the requirements for its use shall be determined by the certification report of the cryptographic device.
(3) Where a material operating log is required to ensure the operation of a cryptographic device, paragraphs 2 to 4 of Section 8 shall apply mutatis mutandis.
METHOD OF EXAMINATION OF THE WORKER OF THE OPERATING COMPETITION OF THE CYPRUS GRAPHIC ENVIRONMENT AND THE CHURY OF THE CYPRUS GOODS
Operation of cryptographic device
(1) For the cryptographic device for which the operating operator is required, the security administrator of the cryptographic protection or the person appointed by the Security Director shall provide training for the operator of the operating equipment. Upon completion of the training, the training body shall issue the trained person with a certificate of training for the operator of the cryptographic device. Further training shall be carried out with substantial changes in the operation of the cryptographic device.
(2) The model certificate of training the operator of the cryptographic device is set out in Annex 1 to this Decree. If the authenticity and integrity of the document is ensured, the training certificate may also be maintained in electronic form.
(3) For a cryptographic device which, according to a cryptographic certification report, is simultaneously an end device of a communication or information system and for which the performance of its user functions is part of the end-device operator of a communication or information system user, an operating operator may not be required. Where the requirements for the operation of such a cryptographic device are incorporated into the documentation of the communication or information system governing its operation, the user shall be trained to operate the cryptographic device within that communication or information system.
Cryptographic material courier
(1) The security administrator of cryptographic protection provides training for the courier of cryptographic material. After the training has been completed, the training body shall issue a certificate to the trained person for the training of the cryptographic material courier and instructions for the cryptographic material courier. Further training shall be carried out with substantial changes in ensuring the safe transport of cryptographic material.
(2) The model certificate for the training of the cryptographic material courier is set out in Annex 2 to this Decree. If the authenticity and integrity of the document is ensured, the training certificate may also be maintained in electronic form.
DETAILS OF ELIGIBILITY FOR DESIGNATION OF IMPLEMENTED INFORMATION FROM THE AREA OF CRYPTOGRAPHIC PROTECTION AND METHOD OF EVIDENCE
Labelling of cryptographic device and material to ensure the functioning of cryptographic device
(1) A cryptographic device and material to ensure its function distributed to the Czech Republic from the North Atlantic Treaty Organisation or the European Union or from its Member States, marked with the text "CCI" or the designation "Controlled Cryptographic Item" shall be regarded as a controlled cryptographic item and a cryptographic device distributed to the Czech Republic from the Member States of the North Atlantic Treaty Organisation or the European Union marked with the text "CI" or "Controlled Item" shall be considered a controlled item.
(2) The labelling of a cryptographic device, including "CCI" or "Controlled Cryptographic Item" or "CI" or "Controlled Item" is regulated by its certification report.
(3) The designation of classified key material and metadata associated with the key material shall include, in particular, the classification level, the identification data for registration purposes, the validity and identification of the key material. The designation of the key material shall include the word "KRYPTO 'at the same time.
(4) The label of the classified password material and the metadata associated with the password material shall include the classification level and the registration data specified by the manufacturer of the password material.
(5) A material to ensure the functioning of a cryptographic device which does not include the material referred to in paragraphs 3 and 4 shall contain identification data for the purposes of recording.
(6) The key-derived password material and the key material which is operated in an approved testing or training mode shall be marked with a classification level or a "N" mark according to the cryptographic certification report and the additional "N" mark.
The requirements of the cryptographic document in paper form
(1) The cryptographic document in paper form shall bear the name of the authority of the State, the legal person referred to in Article 60b of the Act, the business firm or the name of the entrepreneur or the name, surname and registered address of the entrepreneur at which the classified document was created, the reference number, the designation "KRYPTO ', the date of formation, the number of copies, the number of classified and non-classified annexes in paper form and, where applicable, the number and type of classified and non-classified annexes in non-paper form. Other necessary information may also be indicated on the classified document.
(2) The number of copies, the number of sheets, the number of classified and non-classified annexes and the number of their sheets shall be indicated on the front page of the first sheet in accordance with the model in Annex 3 to this Regulation. The designation "KRYPTO 'shall be marked at the top and bottom of each side of the cryptographic document after the classification and in the" K' number given for the year of assignment of the number of the negotiating cryptographic document and a separate slash. The number of annexes in paper form and the number of their sheets shall be expressed by a fraction, the numerator of which shall be the number of annexes and the denominator of the total number of sheets of annexes. The sheets or pages of the cryptographic document in paper form shall be numbered continuously. The sheets or pages of the classified annexes shall be numbered separately. The sheets of the cryptographic document and the sheets of each classified annex in paper form shall be stapled or otherwise fixed.
(3) The Annex is identified by its own serial number and the number of the working cryptographic document. The classification level of each classified annex shall be the same as that of the cryptographic document. The classified annex shall bear the name of the authority of the State or legal person referred to in Article 60b of the Act, the name of the firm or the name of the entrepreneur or the name, surname and registered address of the entrepreneur to whom the classified annex was established, the degree of secrecy and the date of origin. The classified annex shall have its own number and number of sheets. The handling of a cryptographic document containing annexes to different levels of secrecy shall be subject to the highest level of secrecy. The disconnected attachment shall be handled according to its classification level.
(4) The Annex, which is marked with a registration number, is registered on the registration card, in the register book or in other administrative aids as provided for in Article 17 (2). The Annex shall be registered and sent under the records of the originator of the cryptographic document in paper form. This shall be indicated in the accompanying letter.
Reference and registration number of the cryptographic document
(1) The reference cryptographic document number consists of:
(a) abbreviation of the classification level for the classification level
1. Top secret abbreviation "PT,"
2. Secret abbreviation "T."
3. Confidential abbreviation "D,"
4. Excluded abbreviation "V,"
(b) the order number of the Protocol; in the case of use of a collection sheet, the coupling and the serial number of the collection sheet shall be marked after the order number of the Protocol,
(c) the slash and the year in which the serial number was assigned;
(d) slash and abbreviation "K"; and
(e) other particulars or features established by the State authority, by a legal person under Section 60b of the Act or by an entrepreneur, separated by a liaison.
(2) The registration number of the cryptographic document consists of:
(a) the registration number;
(b) the liaison and registration card number, which is the number of the line from the registration card register;
(c) the slash and the serial number of the card from the register of registration cards; and
(d) any other information or characteristics established by a State authority, a legal person under Paragraph 60b of the Act or an entrepreneur, separated by a liaison; the particulars or characters must be marked in such a way that there is no confusion between the reference number and the registration number.
Requires cryptographic document in non-paper form
The cryptographic document in non-paper form or on its descriptive label or in any other appropriate way shall bear the name of the authority of the State, the legal person under Article 60b of the Act, the business name or name of the entrepreneur or the name, surname and registered office of the entrepreneur, the date of creation, the reference number of the cryptographic document, or, where applicable, the annex to the number of the acting cryptographic document in paper form, or the registration number under which the cryptographic document is registered in non-paper form in the administrative documents referred to in Article 17 (1) (a), the classification level and the designation "KRYPTO '.
Means of keeping records
The records of cryptographic material, cryptographic protection workers, operational operators of cryptographic products and couriers of cryptographic material shall be kept in the administrative aids of cryptographic protection.
SPECIES AND SUPPLIES OF ADMINISTRATIVE SUPPLIES FOR CRYPTOGRAPHIC PROTECTION AND REQUIREMENTS FOR THEIR LEADER
Administrative aid for cryptographic protection
(1) For the purposes of the registration, transmission, acceptance and recording of movement of cryptographic material, administrative aids, cryptographic protection personnel, operational operators of cryptographic equipment and couriers of cryptographic material, the administrative equipment of cryptographic protection shall be used:
(a) a registration card for the registration of cryptographic devices, materials to ensure the functioning of the cryptographic device, cryptographic protection personnel, operators of the cryptographic device, couriers of cryptographic material and operational documentation;
(b) the register of registration cards for registration cards;
(c) a register for the registration of cryptographic material, administrative aids, operational documentation and auxiliary records;
(d) a protocol for the registration of a cryptographic document; The Protocol shall contain entries in accordance with the model set out in Annex 1 to the Ordinance governing administrative security and classified information registers,
(e) an auxiliary protocol for recording the movement of a cryptographic document within a State authority, a legal person under Section 60b of the Act or an entrepreneur; the auxiliary protocol contains items in accordance with the model set out in Annex 2 to the Ordinance governing administrative security and the classified information registers;
(f) a handbook for recording a cryptographic document when receiving and transmitting a document by the person who produces it or who has been transmitted it; The handling book shall include items in accordance with the model set out in Annex 3 to the Ordinance governing administrative security and classified information registers,
(g) a delivery book for recording the transmission of a cryptographic document outside the authority of the State, a legal person under Section 60b of the Act or an entrepreneur; the delivery ledger contains items in accordance with the model set out in Annex 4 to the Ordinance governing administrative security and classified information registers,
(h) a lending book for the recording of loans of a stored cryptographic document; the loan book contains items in accordance with the model set out in Annex 5 to the Order governing administrative security and the classified information registers;
(i) a checklist of the cryptographic document from the confidentiality level Confidential including, for keeping an overview of the persons who have become familiar with the contents of the cryptographic document; the control sheet contains the items in accordance with the model set out in Annex 6 to the Decree governing administrative security and the classified information registers; and
(j) a collection sheet for the extension of the record in the Protocol in the case of registration of more than one number of cryptographic documents; the collection sheet shall contain items in accordance with the model set out in Annex 7 to the Ordinance governing administrative security and the classified information registers.
(2) Models of administrative aids referred to in points (a) to (c) of paragraph 1 shall be published by the National Cyber and Information Security Authority on its website. In justified cases, an additional administrative aid may be used instead of the aid referred to in points (a) to (c) of paragraph 1, but shall contain all the items of the aid which it replaces.
(3) The administrative documents shall indicate the name of the authority of the State or legal person referred to in Article 60b of the Act, the business name or the name of the entrepreneur or the name and surname of the undertaking or the stamp containing these particulars, the registration number, the date of registration and the signature of the responsible person or the security director. The person in charge of the administrative assistance may not be the same as the person in charge of the signature.
(4) The administrative aids referred to in points (b) to (h) of paragraph 1 must be adjusted before being taken into use by continuously numbering and stitching their leaves. On the inside of the boards, the ends of the stitching shall be glued, the stamp bearing the name of the authority of the State, the legal person referred to in Article 60b of the Act, the business firm or the name of the entrepreneur, or the name and surname of the trading natural person, exceeding the edge of the adhesive, shall be stamped and the signature of the person responsible or his authorised person or the security director or his authorised person, and the date of secondment to use. The person in charge of the administrative assistance may not be the same as the person in charge of the signature.
(5) The classified administrative aid for cryptographic protection shall be classified in an appropriate place, marked "KRYPTO 'and the registration number.
(6) The non-classified administrative aid for cryptographic protection must bear the designation "KRYPTOGRAPHIC PROTECTION" and the registration number in an appropriate place. Only a cryptographic protection worker can become familiar with the content of this administrative aid; an operating operator of a cryptographic device, a courier of cryptographic material or a natural person under Section 41 (3) of the Act can only become familiar with its content if it is strictly needed for the performance of its activities.
(7) The administrative aids referred to in paragraph 1 (a) to (e) may be kept in electronic form. An electronic file service system which complies with the requirements of the Archiving and File Service Act and is part of an information system enabling the handling of classified information requiring a special loading regime and marked with the text "KRYPTO 'may be used for the conduct of the Protocol.
BLIGHTING REQUIREMENTS FOR THE METHOD AND ENVIRONMENTAL MANAGEMENT WITH CYPRYTOGRAPHIC MATERIALS
Registration of cryptographic device and material to ensure the functioning of cryptographic device
The cryptographic device and the material to ensure the functioning of the cryptographic device shall be recorded in the records or in the records.
Registration of cryptographic document and document containing classified information from the field of cryptographic protection
(1) A paper-based cryptographic document delivered or emerging shall be recorded in the Protocol of Procedure in accordance with the guidelines set out in Annex 1 to the Ordinance governing administrative security and the register of classified information, unless otherwise provided for in that Decree. For further manipulation of the cryptographic document, it can be reregistered in the administrative equipment of cryptographic protection for its registration.
(2) The delivered or emerging cryptographic document in non-paper form, bearing the registration number, shall be registered on the registration card, in the register book or in other administrative tools intended for its registration, as the case may be.
(3) The cryptographic document delivered is also a cryptographic document taken by the recipient outside the premises of a State authority, a legal person under Section 60b of the Act or an entrepreneur at an official hearing or when carrying out an inspection. For the transmission of this cryptographic document, the conditions laid down for the transmission of cryptographic material pursuant to Paragraph 30 shall be met and, after its transfer, it shall be transmitted without delay for registration to the authorised official.
(4) An emerging document containing classified information from cryptographic protection in non-paper form shall be recorded in the Protocol of Procedure in accordance with the instructions set out in Annex 1 to the Ordinance governing administrative security and classified information registers. For further manipulation of this document, it can be reregistered as an administrative aid for cryptographic protection intended for its registration. The transmission of such a document shall take place subject to the conditions laid down in Paragraph 25 (5).
(1) A paper-based cryptographic document shall bear:
(a) the name of the consignee;
(b) the date of registration;
(c) the number of the beneficiary's reference cryptographic document;
(d) the number of sheets; and
(e) the number of annexes or the number of volumes of annexes and the number of their sheets; for non-paper annexes, their number and species.
These particulars may be stamped.
(2) For the purpose of recording the movement of a cryptographic document in an organisational component of a State body, a legal person under Section 60b of the Act or an entrepreneur who does not conduct a protocol, a State authority, a legal person under Section 60b of the Act or an entrepreneur may establish an auxiliary protocol. The cryptographic document shall be entered in the Assistant Protocol under the assigned serial number of the Protocol.
(3) Whoever creates or takes over the cryptographic document records it in the assigned manipulation book. The record shall be made without delay after the receipt of the cryptographic document or the allocation of the reference number for the emerging cryptographic document. A cryptographic document which has been taken over outside the premises of a State authority, a legal person pursuant to Section 60b of the Act or an entrepreneur at an official hearing or when carrying out an inspection shall also be recorded in the Handbook.
(4) At the end of the calendar year, the Protocol shall be concluded by underlining the whole of the last registration, thereby terminating the allocation of the numbers acting in that year. A record of the number of negotiating numbers used, signed by the authorised staff member and the senior staff member pursuant to Paragraph 7 (3) (c), shall be entered under the underlining.
(5) A cryptographic document whose classification level has been changed or the classification level deleted and the designation "KRYPTO" is still recorded in the administrative aids for cryptographic protection provided for in Article 19 (1) or (2).
Printing of a cryptographic document in paper form
(1) The cryptographic document shall be drawn up in the number of copies shown in the division. Those who produce a paper shall immediately destroy defective copies, copies which are not shown in the box and drafts of non-approved copies.
(2) A partition and a record for storage shall be drawn up on the copy of the cryptographic document that is intended for storage. The model of the distribution and storage record is set out in Annex 4 to this decree.
Recording of notes containing classified cryptographic protection information
Notes containing classified cryptographic protection information shall only be recorded in a notebook or book which has been modified in accordance with Article 17 (5) or in a certified information system before being taken into use. Such a notebook or book shall be transmitted and stored mutatis mutandis as a cryptographic document of the same level of secrecy.
Copy, copy, translation and extract
(1) A copy, copy, translation or extract of a cryptographic document of a classified grade of Top Secret or Secret may be made only on the written consent of the originator of the cryptographic document. The written consent shall include the reference or registration number of the cryptographic document, the number of copies, the reason for the copy, the name, the surname and the signature of the person who granted the consent and the date on which the consent was granted. Written consent shall be deposited with the original of the cryptographic document pending its elimination.
(2) A copy, copy, translation or extract from a cryptographic document classified in the Confidential or Reserved State may be made out only with the written consent of the manager referred to in Article 7 (3) (c), as indicated in that document. In the case of an extract from a cryptographic document in non-paper form, written consent shall be drawn up on a separate sheet.
(3) The cryptographic document from which the copy, copy, translation or extract is made shall bear the date of the copy, the number of copies, the reason for the copy, the name and surname of the person who gave the consent, the name, surname and signature of the person who made them.
(4) A copy or a copy of the cryptographic document shall appear on the upper part of the front of the first sheet marked "OPIS 'or" COPY' and shall indicate the serial number of the copy drawn up or a copy of the cryptographic document. If the number of copies or copies does not agree with the number of original sheets, the actual number of copies or copies shall also be indicated on the copy or copy.
(5) An extract from a cryptographic document containing classified cryptographic protection information shall be made only in the notebook or book or certified information system referred to in Section 22.
Transmission of cryptographic material
Contents
ČÁST PRVNÍ
§ 1
§ 2
ČÁST DRUHÁ
§ 3
§ 4
§ 5
§ 6
ČÁST TŘETÍ
§ 7
ČÁST ČTVRTÁ
§ 8
§ 9
ČÁST PÁTÁ
§ 10
§ 11
ČÁST ŠESTÁ
§ 12
§ 13
§ 14
§ 15
§ 16
ČÁST SEDMÁ
§ 17
ČÁST OSMÁ
§ 18
§ 19
§ 20
§ 21
§ 22
§ 23
§ 24
§ 25
§ 26
§ 27
§ 28
§ 29
§ 30
§ 31
§ 32
§ 33
§ 34
§ 35
ČÁST DEVÁTÁ
§ 36
ČÁST DESÁTÁ
§ 37
ČÁST JEDENÁCTÁ
§ 38
§ 39
§ 40
Sign in for notes, favorites and notifications
Regulation Information
| Citation | Decree No. 447 / 2024 Coll., on ensuring cryptographic protection of classified information and on certain elements of the application for the conclusion of a contract of employment |
|---|---|
| Regulation Type | Order |
| Author | - |
| Collection | Code of Laws |
| Date of Promulgation | 20.12.2024 |
|---|---|
| Effective from | 01.01.2025 |
| Effective until | - |
| Status | Valid |
Public Contracts 2
VZMR - Servis zařízení SINA II
Česká republika - Ministerstvo obrany
L2K spol. s r.o.
96 389 CZK
13.10.2025
Opravy a servisní práce na kryptografických prostředcích
Česká republika - Ministerstvo obrany
ATS-TELCOM PRAHA a.s.
2 000 000 CZK
11.04.2025
Source:
Hlídač státu
(CC BY 3.0 CZ)
The regulation text is for informational purposes only.
Comments 0