Computer Information System Security Management Approach In Shandong Province (Amended 2004)

Original Language Title: 山东省计算机信息系统安全管理办法(2004年修正本)

Subscribe to a Global-Regulation Premium Membership Today!

Key Benefits:

Subscribe Now for only USD$20 per month, or Get a Day Pass for only USD$4.99.
(April 20, 1998, Shandong provincial people's Government, the 88th issue on October 31, 2004, Shandong provincial people's Government, the 175th on adaptation of administrative measures for the prevention and treatment of STDs in Shandong province 10 revision of the decision of the provincial government regulations) Chapter I General provisions article to strengthen the management of computer information system security, in accordance with the People's Republic of China and other relevant provisions of the regulations on protection of computer information system security, combined with the province, these measures are formulated.
    Article within the administrative area of the province of computer information system security management procedures apply.
    Third public security organs in charge of computer information system security management.
    National security and confidentiality, and other relevant departments, in accordance with the terms of reference established by the State of computer information system security management-related work.
    Fourth article of any units and individuals, computer information system must not be used against national interests and activities of collective interests and legitimate interests of citizens, shall not endanger the security of computer information systems.
    Fifth chapter safety management of computer information system construction and application, shall abide by the laws, administrative regulations and other relevant regulations of the State.
    Article sixth of computer information systems and use of the legal representative or responsible person with overall responsibility for the unit of computer information system security management, security organizations or (and) level guard organizations. Seventh article computer information system using units should established following security management system: (a) security management responsibility system, clear each post and each staff of security management duties; (ii) security protection system, guarantees information security, guarantees computer information system equipment, and facilities (containing network) and run environment security, guarantees computer function normal play; (three) security operation system, provides computer information system of operation permission and security operation; (four) security checks system,
    Always check the computer information system security, identify problems and (v) other safety management system.
    Eighth use of the computer information system access, processing, transmission of information classified as State secrets, you must take appropriate security measures to ensure State security.
    Nineth of State Affairs, advanced science and technology areas as well as an important sector of the economy's vital computer information system, should focus on strengthening safety management and security. Tenth unit and the international networking of computer information systems for personal use, must be via an access network, and according to the provisions of the registration procedures.
    All units and individuals are not allowed their own directly or use other channels for international networking.
    11th international networking of computer information systems, should be required to the public security authorities for the record, under safety supervision and inspection of the police authorities.
    12th International networking of computer information systems, shall abide by the laws and relevant rules and regulations, establish and improve the safety management system, strengthening the work of information security management.
    Is strictly prohibited to use the Internet to endanger national security, leaking State secrets and the barriers to social security and other illegal and criminal activities; any organization or individual shall interfere with, destroy or limit the normal application of the network shall not disturb the order of the management of international networking of computer information systems.
    13th entering the market of computer information system security product, shall be issued by the Ministry of public security made the computer information system security product license, and labeled "sales permission" tag.
    14th computer the control or prevention of unwanted data, technical training, supervision by the people's Governments above the county-level public security organs.
    15th clamp down on illegal production, publication, reproduction, transmission and sale of harmful computer bad data and contains your computer media and data.
    Cases that occurred in the 16th on the computer information system, about using the unit shall report to the local people's Governments above the county-level public security organ within 24 hours.
    Third chapter security supervision 17th article police organ on computer information system security management work perform following duties: (a) Organization for security checks, urged rectification security hidden; (ii) investigation against computer information system security of illegal crime case; (three) validation security grade, determine key computer information system; (four) is responsible for computer information system international networking of security supervision; (five) management computer information system security dedicated products of development, and sales and computer harmful data of control research;
    (Vi) other duties stipulated by laws, rules and regulations.
    18th on computer information system of public security organs to conduct security checks, the units concerned should actively cooperate with and provide information and data.
    19th impact public security organ finds computer information system security vulnerabilities, should be given to the relevant units of the computer information system safety rectification notice.
    Article 20th cases occurred in computer information systems, in addition to the provisions outside the investigation, the public security organ shall promptly conduct safety inspections, supervising security risks exist.
    21st police unit dedicated to sales of computer information system security product, verify inspection and sampling inspection and other surveillance measures can be taken. Fourth chapter legal responsibility 22nd article violation this approach provides, has following behavior one of of, sentenced warning or downtime reorganization: (a) violation computer information system security grade protection system and this approach about security management of provides, against computer information system security of; (ii) violation computer information system international networking record system of; (three) not according to provides time report computer information system in the occurred of case of; (four) received police organ requirements improved security status of notification Hou,
    Refuses to improve within a specified period, and (e) other acts that endanger security of computer information systems.
    23rd article violation this approach provides, deliberately entered computer harmful data or without license sold computer information system security dedicated products of, sentenced warning or on personal at 1000 Yuan following fine, on units at 5000 Yuan following fine; plot serious of, on personal at 1000 Yuan above 5000 Yuan following fine, on units at 5000 Yuan above 15,000 yuan following fine; has illegal proceeds of, except be confiscated outside, can sentenced illegal proceeds 1 to 3 times times of fine.
    24th in violation of the provisions of article tenth shall be ordered to stop international networks and give a warning, and may be fined a maximum of 15,000 Yuan; has illegally obtained, confiscation of illicit proceeds.
    25th article violates these rules, use computer information access, processing, transmission of information causing loss of State secrets leak, in accordance with the People's Republic of China and other relevant provisions of the law on guarding State secrets.
    26th article violates these rules, activities contravening public security management, and be punished in accordance with the Regulations constitutes a crime, criminal responsibility shall be investigated according to law. 27th in accordance with these measures administrative penalties for violations of computer information system security management, decided by the public security organs above the county level.
    But stop the reorganization and ordered to stop networking, decided by the municipal-level public security organ of the district.
    28th given fines, forfeiture penalties for public security organs should be issued by the provincial financial department issuing receipts, and confiscated money surrendered by all financial.
    29th where specific administrative acts of the public security organs may apply for administrative reconsideration or bring an administrative lawsuit in accordance with law.
    Article 30th computer information system security and administration of public security organs and their staff should act in strict accordance with the law, breach of sanctions, constitute a crime shall be investigated for criminal liability.
                      Fifth chapter supplementary articles article 31st these measures as of June 1, 1998.

Related Laws