RIA inspects the implementation of security measures:
- on the information systems of state and local government agencies,
- on the information systems of providers of essential and vital services,
- on the information systems of providers of telecommunications services,
- on the information systems of providers of digital services,
- on the information systems of providers of trust services,
- on the information systems of other organisations listed in legislation.
In order to improve supervision, we work with the other areas of RIA’s cyber security branch and with other organisations.
If necessary, we advise the owners of information systems regarding the established requirements during supervision.
In supervision, we rely on the following legislation:
Pursuant to the Public Information Act », we ensure that the administration of databases is in accordance with the law, other legal acts, and technical requirements. In accordance with section 439 of the Act, the use of support systems for the maintenance of the state information system is mandatory upon the maintenance of all state and local government databases.
Pursuant to the Emergency Act », the duty of RIA is to ensure the security of information systems used for the provision of vital services and the permanent implementation of security measures used for related information assets.
Pursuant to the Cybersecurity Act », we carry out supervision over the compliance with the requirements important for the functioning of the society and established for the maintenance of the network and information systems of the state and the local governments. We also carry out supervision over the providers of digital services.
Pursuant to the Electronic Communications Act », we carry out supervision over the compliance with the requirements established for communication service providers for ensuring the security and integrity of data communication networks and services.
Pursuant to the Electronic Identification and Trust Services for Electronic Transactions Act », we carry out supervision over the compliance with the requirements established for trust service providers.
- Requirements for risk analysis and security measures (503.58 KB, PDF)In force from 13 July 2018
- The system of security measures for information systems (253.35 KB, PDF)In force from 1 January 2008