On the ratification of the Agreement on Cooperation of the Member States of the Commonwealth of Independent States in the field of information Security

Home / RLA / On the ratification of the Agreement on Cooperation of the Member States of the Commonwealth of Independent States in the field of information Security

The Law of the Republic of Kazakhstan dated May 3, 2018 No. 150-VI SAM.

To ratify the Agreement on Cooperation of the member States of the Commonwealth of Independent States in the field of information security, signed in St. Petersburg on November 20, 2013.

President of the Republic of Kazakhstan

N. NAZARBAYEV

AGREEMENT on Cooperation of the Member States of the Commonwealth of Independent States in the field of information security

Officially certified text

AGREEMENT on Cooperation of the Member States of the Commonwealth of Independent States in the field of information security

The Governments of the Member States of the Commonwealth of Independent States, hereinafter referred to as the Parties,

in order to cooperate in the implementation of the provisions of the Concept of Cooperation of the member States of the Commonwealth of Independent States in the field of information security, approved by the Decision of the Council of Heads of State of the CIS on October 10, 2008,

Recognizing the importance of joint and effective use of the latest information and communication technologies to strengthen counteraction to threats to the information security of the CIS member States,

Considering that further development of cooperation and interaction between the Parties in the field of information security is necessary and meets their interests,

striving to limit threats to the information security of the CIS member states, to ensure the interests of States in the field of information security,

Taking into account the importance of information security for the realization of fundamental human and civil rights and freedoms,

Desiring to create a legal and organizational framework for cooperation between the CIS member States in the field of information security,

Recognizing the need to prevent the possibility of using information and communication technologies for purposes that are incompatible with the objectives of ensuring stability and security of the CIS member States and can have a negative impact on the integrity of the infrastructure of States, harming their security in both the civil and military spheres,

Believing that in order to effectively combat offenses in the information society, broader, faster and well-established cooperation of the authorized bodies of the CIS member States is required,

have agreed on the following:

Article 1

The purpose of this Agreement is to carry out joint coordinated activities aimed at ensuring information security in the member States of this Agreement.

Article 2

For the purposes of this Agreement, these terms have the following meanings:

Information impact is an action to change the form of provision and/or content of information.;

access to information - the ability to obtain information and use it;

Information protection is an activity aimed at protecting the rights of subjects to information, preventing unauthorized access to it and/or leakage of protected information, unauthorized and/or unintended impacts on it.;

protected information is information that is subject to protection in accordance with the laws of the CIS member states and/or the requirements established by the owner of this information.;

Information security is the state of protection of individuals, society and the state and their interests from threats, destructive and other negative impacts in the information space.;

information infrastructure is a set of technical means and systems for the formation, creation, transformation, transmission, use and storage of information;

information crime is the use of information resources and/or the impact on them in the information space for illegal purposes.;

An information system is an organizationally ordered set of tools that implement certain technological actions through information processes designed to solve specific functional tasks.;

information weapons - information technologies, means and methods used for the purpose of information warfare;

Information space is a sphere of activity related to the formation, creation, transformation, transmission, use, and storage of information, which affects, among other things, individual and public consciousness, information infrastructure, and information itself.;

information and communication technologies are information processes and methods of working with information carried out using computer technology and telecommunications;

Information processes are the processes of forming, searching, collecting, processing, storing, distributing and using information.;

information resources - information infrastructure, as well as information itself and its flows;

Information technology is a set of methods, production processes, and software and hardware combined into a technological complex that ensures the collection, creation, storage, accumulation, processing, retrieval, output, copying, transmission, dissemination, and protection of information.;

information terrorism is the use of information resources and/or the impact on them in the information space for terrorist purposes;

information - information about persons, objects, facts, events, phenomena and processes, regardless of the form of their representation;

Restricted access information is information that is restricted by the legislation of the CIS member states or their international treaties.;

The interstate information system is a system involved in interstate information exchanges that belongs to the CIS bodies, subjects of the CIS member states on the rights of joint ownership, joint ownership or joint (common) use.;

unauthorized access to information is access to protected information in violation of the rights or rules established by its owner, owner and/or legislation of the CIS member states.;

Information security is a system of legal, organizational, technical, and organizational-economic measures to identify threats to information security, prevent their implementation, and prevent and eliminate the consequences of such threats.;

certification for compliance with information protection requirements is a form of confirmation of compliance of assessment objects with information protection requirements established in the regulatory legal acts of the States Parties to this Agreement.;

information security means - a technical, software, software-technical means, substance and/or material intended or used to protect information;

cross-border transfer of information is the transfer of information by an operator across the state borders of the CIS member states to an authority, an individual or a legal entity of the state.;

Threats to information security are factors that pose a danger to individuals, society, the state and their interests in the information space.

For the purposes of this Agreement, threats to information security include the development and use of information weapons, information terrorism, and information crime.;

authorized bodies are the bodies of the Parties with the appropriate competence and authority to coordinate activities in the field of information security.

Article 3

The parties will organize interaction and cooperation in the following main areas:

convergence of regulatory legal acts and regulatory and methodological documents of the States Parties to this Agreement regulating relations in the field of information security;

development of regulatory legal acts for conducting joint coordinated events in the information space aimed at ensuring information security in the member States of this Agreement;

development and communication to users of regulatory documents regulating information security issues;

regulatory legal support for the development of the production of software and hardware and information security tools;

development of interstate standards in the field of information security compatible with international standards;

creation of secure information systems for various applications;

organization of cross-border information transfer;

improving the technology for protecting information systems and resources from potential and real threats;

analysis and assessment of threats to information security of information systems;

improving activities in the field of identification and neutralization of devices and programs that pose a threat to the functioning of information systems;

implementation of coordinated measures aimed at preventing unauthorized access to information posted in information systems and its leakage through technical channels;

ensuring the protection of information with limited access to information technologies in the interaction of information systems of various security classes;

modernization of segments of interstate information systems and their software belonging to the States Parties to this Agreement;

establishment of an agreed procedure for certification and mutual recognition of the results of certification of information security tools;

development of advanced information technologies in the field of information security;

expertise of scientific research and development works, scientific and technical products in the field of information security;

professional retraining and advanced training of personnel in the field of information security;

synthesis, dissemination and implementation of best practices;

organization and holding of scientific conferences, symposiums and meetings.

Article 4

The Parties undertake consolidated efforts to counter threats of the use of information and communication tools and technologies for the purpose of committing illegal and other destructive actions both in peacetime and in the threatened period against the CIS member States.

The parties are developing and implementing interstate programs that provide comprehensive solutions to information security issues, as well as individual projects to implement specific areas of cooperation of mutual interest.

The Parties, in accordance with the legislation of the States Parties to this Agreement, shall strive to simplify the procedure for exchanging data on work carried out in the field of information security.

The Parties create conditions for the active participation of government agencies and organizations, regardless of their forms of ownership, in information security activities.

The parties hold joint events on ensuring information security based on the principles of equality and mutual benefit.

The Parties shall consult on the basis of this Agreement in order to coordinate and enhance the effectiveness of cooperation.

Article 5

The Parties shall implement measures providing for the implementation of this Agreement in stages.

At the first stage, the Parties shall ensure the collection, analysis and exchange of information necessary for the implementation of the areas of cooperation specified in Article 3 of this Agreement, develop and communicate to the authorized bodies of the other Parties regulatory legal acts regulating information security issues.

The Parties shall take agreed measures to simplify the procedure for exchanging information on work carried out in the field of information security.

At the subsequent stages, the Parties will organize the implementation of the areas of cooperation specified in Article 3 of this Agreement within the agreed time frame.

Article 6

The Parties undertake not to disclose and provide adequate protection for restricted access information that has become known to them during the implementation of this Agreement.

Within the framework of this Agreement, information classified as a state secret (state secrets) by the legislation of the States Parties to this Agreement is not transferred.

Article 7

The Parties shall independently bear the costs incurred in the course of their implementation of the provisions of this Agreement, unless a different procedure is agreed in each specific case.

Article 8

The authorized bodies are responsible for the implementation of this Agreement, the list of which is determined by each Party and transmitted to the depositary upon delivery of a notification on the implementation of internal procedures necessary for the entry into force of this Agreement or the document of accession.

Each Party shall notify the depositary in writing within 30 days of changes to the list of authorized bodies.

Article 9

The authorized bodies exchange information among themselves on the main areas of interaction and cooperation listed in Article 3 of this Agreement.

The authorized bodies exchange experience between the Parties on issues of information security and other information technologies, as well as information security tools.

Article 10

This Agreement does not affect the rights and obligations of each of the Parties arising for it from other international treaties to which its State is a party.

Article 11

By mutual agreement of the Parties, amendments and additions may be made to this Agreement, which are an integral part of it, which are formalized by the relevant protocol.

Article 12

Disputes between the Parties arising from the application and interpretation of this Agreement shall be resolved through consultations and negotiations between the Parties concerned.

Article 13

This Agreement shall enter into force 30 days after the date of receipt by the depositary of the third notification that the Signatories have completed the internal procedures necessary for its entry into force.

For the Parties that have completed the internal procedures later, this Agreement shall enter into force 30 days after the date of receipt by the depositary of the relevant documents.

Article 14

After its entry into force, this Agreement is open for accession by any CIS member State by submitting an instrument of accession to the depositary.

For the acceding State, this Agreement shall enter into force 30 days after the date of receipt by the depositary of the instrument of accession.

Article 15

This Agreement is concluded for an indefinite period. Each of the Parties has the right to withdraw from this Agreement by sending a written notification to the depositary of its intention no later than 6 months before the withdrawal and settling the obligations that have arisen during the validity of this Agreement.

Done in St. Petersburg on November 20, 2013, in one original copy in Russian. The original copy is kept in the Executive Committee of the Commonwealth of Independent States, which will send a certified copy to each signatory State of this Agreement.

For the Government of the Republic of Azerbaijan

For the Government of the Russian Federation

For the Government of the Republic of Armenia

For the Government of the Republic of Tajikistan

For the Government of the Republic of Belarus

For the Government of Turkmenistan

For the Government of the Republic of Kazakhstan

For the Government of the Republic of Uzbekistan

For the Government Of the Kyrgyz Republic

For the Government of Ukraine

For the Government of the Republic of Moldova

Statement by Ukraine on item 9 of the agenda of the meeting of the CIS Council of Heads of Government

"On the Agreement on Cooperation of the Member States of the Commonwealth of Independent States in the field of information security"

November 20, 2013, St. Petersburg

"Ukraine reserves its position on this document until the completion of internal procedures.”

The Prime Minister Of Ukraine

Mykola AZAROV

I hereby certify that the attached text is an authentic copy of the Agreement on Cooperation between the member States of the Commonwealth of Independent States in the field of Information Security, adopted at the meeting of the Council of Heads of Government of the Commonwealth of Independent States, which took place on November 20, 2013 in St. Petersburg. The original copy of the above-mentioned Agreement is kept in the Executive Committee of the Commonwealth of Independent States.

First Deputy Chairman Executive Committee- Executive Secretary of the CIS

V.Garkun

The Law On the Security Council Of the Republic of Kazakhstan

This Law defines the legal status, competence and organization of the activities of the Security Council of the Republic of Kazakhstan.

President

Republic of Kazakhstan

Constitution Law Code Standard Decree Order Decision Resolution Lawyer Almaty Lawyer Legal service Legal advice Civil Criminal Administrative cases Disputes Defense Arbitration Law Company Kazakhstan Law Firm Court Cases