The charter of owners and heads of the companies working in the field of data protection and cryptography
In 2016 at one of board meetings of APKIT Committee concerning information security there was an idea of creation of "The charter of owners and heads of the companies working in the field of data protection and cryptography". In December, 2016 this idea was discussed by participants of an annual General meeting of APKIT. In March, 2017 the text of the draft of the Charter was published for discussion on the website of APKIT, and in April there took place its discussion at the IT summit in Sochi.
Final option of the main part of the Charter.
Understanding community of interests and problems of development of the industry of cybersecurity, market participants, signing this Charter, agreed to consider for themselves valid, the obligations stated in the following points:
- B of the professional activity, on an equal basis with the current legislation of the Russian Federation to render assistance to the Russian competent authorities in investigation of computer crimes on their request and in accordance with the legislation of the Russian Federation;
- When developing regulatory legal acts in the field of data protection / cybersecurity to render expert assistance to profile departments, such as Federation Council of Federal Assembly of the Russian Federation, the State Duma of Federal Assembly of the Russian Federation, Government of the Russian Federation, Security council, the federal executive authorities, Military-industrial commission of the Russian Federation, interdepartmental bodies created by the President the Government, FSTEC of Russia, FSB of Russia, Roskomnadzor, the Ministry of Internal Affairs of the Russian Federation, MO of Russia and the Central Bank of Russia;
- to Render assistance to an education system in training of qualified personnel in the field of data protection (information security) and to development of methodical materials, creation of polygons and stands on products, providing free demoversions of products;
- When developing secure systems and complexes, the information security facility and a CIPF to be guided by the principles of creation of products corresponding to necessary safe criterions, to consider due practice existence of certificates and certificates of regulators in the field of data protection;
- in case of the conflict between the companies, including in matters of argument of right possession to refrain from populist statements and comments in media; in case of impossibility of the conflict resolution by negotiations, by agreement to involve in settlement of the relations professional associations (for example, APKIT, AZI, ABISS associations);
- to Adhere to the principles of fair competition; promote creation of the favorable environment for fair market participants: to work honesty with the customer; not use a possibility of the technologies for open demonstration of vulnerabilities of others products;
- to Condemn practice of use of corruption schemes in business;
- 8. Aim at control of compliance of products and services to requirements of the regulating documents (as option — by creation of SRO, without mentioning at the same time the existing systems of licensing and certification);
- to notify Committee of APKIT on information security On all cases of dishonourable behavior of the company, deception or false representation of the customer;
- to Make efforts for expansion of the participant list signed the Charter.
Heads of 12 companies became the first signers of this Charter:
- Business Computers Group LLC;
- JSC Infotecs;
- Federal state unitary enterprise NPP Gamma;
- Kod Bezopasnosti LLC;
- National Computer Corporation (NCC);
- JSC Elvis-Plus;
- Jet Infosystems;
- "Academy of information systems";
- TONK Group LLC;
- Information Security Center (ISC) LLC;
- JSC Elesi;
- AladdinR.D.
Among possible activities of the participants of IT market who signed the mentioned Charter, APKIT calls the following
- Examination legal and program (strategy, concepts) the documents affecting the cybersecurity area;
- Development of mechanisms of the organization of examination of projects in the field of cybersecurity (including at the request of regulators in the field of cybersecurity);
- Participation in settlement of the conflicts and disputes between participants of the market of cybersecurity;
- Organization of the help to participants of the market of cybersecurity in a situation of unfinished and problem projects;
- Development of mechanisms of self-regulation in the market of cybersecurity;
- Participation in development and promotion of the measures stimulating development of the industry of cybersecurity.
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |