528/2005 Sb.
The DECREE
of 14 June. December 2005
about the physical safety and certification of technical resources
Modified: 19/2008 Sb.
Change: 454/2011 Sb.
The National Security Office shall, pursuant to section 33 and section 53 (a). and (c))), (d)),
(f)), and (j)) of law No 412/2005 Coll., on the protection of classified information and on the
security, (hereinafter referred to as "the Act"):
§ 1
The subject of the edit
This Decree lays down the scoring of the individual measures of physical
safety ^ 1), the lowest level of security of the secure area ^ 2) and
in the rules area ^ 3), the basic method of risk assessment, additional requirements
measures of physical security and technical certification requirements
resource.
§ 2
Definition of terms
For the purposes of this Ordinance means
and building or other object) enclosed space, in which the general rule
are secure or in the rules area,
(b) the boundary of the object server) building, the physical barrier (fence) or otherwise
clearly defined boundaries,
(c) secure the area or boundary) rules the area structurally or otherwise
clearly bounded space
d) entering the secure area of the object, or the rules area instead
designed for the entry and exit of persons and place of intended for entry and exit
means of transport,
e) means of transport by land, water, air and underground resources
designed for the transport of persons, objects and materials,
(f) the threat of disclosure or option) the misuse of classified information when
disruption of physical security,
g) risk the probability that a threat is carried out,
h) emergency status, which is imminent, the
disclosure or misuse of classified information,
I) technical means of security element whose use is
prevents, impairs, or security violation records Announces
Protection object, secure area or in the rules area, and destroys the
classified information,
j) úschovným object to a safe or other safe provided for
in Appendix 1 of this Decree,
the military material and technical equipment) ^ 5), in particular, electronic,
fototechnická, chemical, physico-chemical, radiotechnická, optical and
mechanical military equipment and military equipment, which includes
classified information.
§ 3
Object security and secure area
(1) the boundary of the object or the secure area, the classification of the object or
secure area into the appropriate category ^ 6) and secure
the area to the appropriate class provides the person responsible or responsible for
the person.
(2) the security of the object or the secure area is covered by the
a combination of physical security measures in accordance with paragraphs 3 to 10 and section 6 to
9.
(3) the object is supported, depending on the category of the object with respect
on the character of the border of the object and, depending on the risk assessment of these
technical means
and for the category Reserved)-mechanical anti-theft devices,
(b)) for the category of Confidential and secret-mechanical anti-theft devices and
electrical security signalization,
(c)) for the category of top secret-mechanical anti-theft devices,
electrical security signalization and special tv
systems. Special television systems must not impair the protection of classified
the information.
(4) Secure the area is provided by depending on its category,
class, and the evaluation of the risks these technical resources
and for the category Reserved)-mechanical anti-theft devices,
(b)) for the category of confidential-mechanical anti-theft devices and equipment
electrical security signalization,
(c)) for the category of secret and top secret-mechanical anti-theft devices,
systems for the control of inputs, equipment, electrical safety
alarm, special television systems, equipment, electric fire
signaling. Special television systems can replace the emergency
systems. When you use the special television systems may not be impaired
the protection of classified information.
(5) point values minimum degree of security of the secure areas are
set out in annex 1 of this order.
(6) the Objects and secure Confidential and higher category, in which the
ensure a permanent presence of persons employed, to ensure
mechanical zábrannými resources.
(7) to the security of the secure area to use certified or
non-certified technical resources. Non-certified technical
the funds can be used only under the conditions laid down in annex 1 to this
the Decree.
(8) the Secret information is stored in a secure area of the relevant
category or higher, or in the úschovném object, if his point
the value applied in the project physical security for the
secure area.
(9) in the object with the physical destruction of the equipment racks, places information
According to annex No 1 of this order.
(10) in the event that the boundaries of the object is the same as the limit of secure
the area is the scope of application of the measures of physical security requirements specified
on the category of the secure area.
§ 4
The security meeting areas
(1) Border rules area provides the person responsible or responsible for
the person.
(2) the security rules of the area is provided by a combination of measures
physical security pursuant to paragraphs 3 to 8 and sections 6 to 9.
(3) the scope of application of the measures of physical security to security rules
the area shall be determined depending on the degree of classified information, which
are regularly discussed in the rules area, and to assess the risks.
(4) the rules of the field for the regular discussion of classified information
degrees of secrecy secret and top secret to ensure the mechanical
zábrannými resources, systems for the control of inputs, equipment
electrical security signalization, special television systems,
electric fire alarm devices, and passive devices
Active interception of classified information.
(5) the Special television systems in paragraph 4 may be replaced by emergency
systems. Special television systems must not impair the protection of classified
the information.
(6) the point values of the lowest degree of security rules area are
set out in annex 1 of this order.
(7) the provisions of annex 1 of this Decree concerning security
secure area security apply mutatis mutandis the rules area,
If it is not in the annex No. 1 of this Decree provides otherwise.
(8) to secure the meeting areas are used certified or
non-certified technical resources. Non-certified technical
the funds can be used only under the conditions laid down in annex 1 to this
the Decree.
(9) in the event that the boundaries of the object is the same as the limit of the rules area,
is the scope of application of the measures of physical security requirements designed to
security rules the area.
§ 5
Technical security equipment
(1) the technical equipment is secured by measures of physical security
in accordance with section 3, 6 to 10 or pursuant to paragraphs 2 to 4.
(2) the scope of application of režimových measures and technical means to
technical security shall determine the responsible person or her
the designated person, depending on the risk assessment.
(3) the Security of the stored equipment containing classified
information classification
and top secret) ensures the type 5 according to annex No 1 of this order,
(b) ensure at least) type 4 according to annex No 1 to this
the Decree,
(c) confidential ensures at least) type 3 according to annex No 1 to this
the Decree,
d) Dedicated to ensure within the limits set by the responsible person or
the person responsible for her.
(4) the scope of application of the measures of physical security to security
technical equipment shall be determined in the project physical security. The content and
form of the physical security of the project shall apply mutatis mutandis.
§ 6
Regime measures
(1) lifestyle changes measures are
and determination of the people and permissions) means of transport for access to
the object, determination of the persons permission to enter the secure area and
in the rules area, and how to control these permissions,
(b)) control measures when entering the object, secure and meeting
areas and the way to control these measures,
(c)) the conditions and the way to control the movement of persons in the object, secure
area and area, and the method of checking and passing classified
information from the object, secure the area and meeting area,
(d)) mode key handling and means of identification, in particular
the method of marking, allocation and registration, custody,
e) mode handling of technical resources and their use,
(f)) mode of movement of classified information in the object, secure the area and
in the rules area.
(2) point values režimových measures are laid down in annex No. 1.
of this order.
section 7 of the
The mode of movement of people and means of transport
(1) Permission to enter the secure area of the object, or the rules
the area issued by the responsible person or authorised person. Permission to
entry into the secure area or the rules set out the categories of
may be issued to a person who is aware of and is the holder of a notice of compliance
conditions for access to EU classified information to the level of classification of the reserved
or natural person certificate for the corresponding or higher degree
confidentiality. List of people with permission to access the object category
Confidential, secret or top secret, to secure the area and to the rules
the area and the means of transport authorised to enter into the
the category of Confidential, secret or top secret, to secure the area and to the
in the rules area stores for the responsible person or authorised person.
(2) a person may, without permission to enter into the category of confidential
Secret or top secret, secure area or in the rules area
enter only accompanied by the person authorised to enter into the appropriate
object, secure area or in the rules area, provided that the
the input is necessary and will not undermine the protection of classified information.
(3) On the entry into the category of Confidential, secret or top secret, the
the inspection of the entry and for persons without authorization to enter into an object is
led the register data and the compulsory scheme visits with escorts.
On entering the secure area of the reserved category, which is located
in the object category Reserved, shall be carried out to check the entry.
(4) upon the entry of persons without permission to enter into the category of Strictly
the secret is done checking device used to search
dangerous substances or articles.
§ 8
The mode of handling keys and identification devices
(1) the scheme for handling key and specifies the means of identification system
and the method of marking, allocation and presentation, their custody and
registration, deposit of duplicates and the method of their use.
(2) keys and identification devices to the rules area, and further to
the secure area and the úschovnému object, which stores the secret
information classification of Confidential or higher, must be identified
they are stored in a way that allows you to control their use, and their
the supply is subject to registration. The key has a person responsible or
the designated person.
(3) the scheme for handling keys and identification devices to secure
area, and to úschovnému, where the object is stored classified information
classification provides a dedicated, responsible person.
(4) Secure the area and the area at the time of absence shall be
persons are allowed access to this secure area or the rules
the area locked down. Storage object must be in the absence of the persons
having access to classified information ^ 7) stored in it, is locked.
The person with the key and the means of identification of the secured
areas, meeting areas and úschovných objects is stored in the object
If the other place save determines the person responsible or responsible for
the person.
(5) the loss of keys and identification devices, shall be immediately
the person responsible is notified or authorised person shall ensure that the axle.
§ 9
Security guard
The point values of each type of security for the object are laid down in
Annex No 1 of this order.
§ 10
Measures of physical security and authentication risk assessment
(1) verify that each of the physical security measures applied and
evaluation of the risks of the project correspond to physical safety and legal
the legislation on the protection of classified information, performs responsible
person or authorised person continuously, but at least every 12 months.
(2) condition for verification referred to in paragraph 1 in the case of technical
the resources referred to in section 30, paragraph. 1 of the Act is to perform functional tests
According to annex No 1 of this order.
(3) the risk assessment shall be carried out
and) degrees of classified information and the findings of the quantity
classified information, which is in the object or will be
occur, in particular in terms of the consequences of their disclosure or misuse,
(b) the description and evaluation of threats), which are classified information
exposed,
(c) the description and evaluation of the vulnerability of the) classified information against
These threats,
(d)) by setting risk, such as "small", "medium" or "large",
the basis of the assessment of the threat and the vulnerability of classified information.
(4) in the case of changes to the measures of physical security of the person responsible, or
to her, the designated person shall ensure compliance with the project immediately to the physical
the safety.
(5) the structure of the project, physical security is laid down in annex No. 1.
of this order.
§ 11
Particulars of the application for certification of the technical resource
(1) an application for the certification of technical resource contains
and the identification of the applicant)
1. trade name, or the name, registered office and identification number,
If the applicant is a legal person,
2. the trade name or name and last name, or distinguishing
Appendix, permanent residents and a place of business, if different from the Permanent
of residence, date of birth and identification number, if the applicant is a natural
a person who is an entrepreneur, or
3. name, registered office and identification number, name and surname of the responsible
persons, if the authority of the State,
(b) enumeration and marking) technical resources and a list of submitted
the documentation.
(2) the application referred to in paragraph 1 shall be accompanied by the documentation
and the technical specification and description) of the resource
(b)) Declaration of conformity certificates or technical resource ^ 8),
(c))-the certificate of conformity for a single technical resource is not
required,
(d)) under section 46, the opinion paragraph. 14 of the Act.
§ 12
Period of validity of the certificate of the Office, and for a maximum period of validity of the
the report referred to in section 46 paragraph. 14 of the Act.
section 13
The model of the certificate of technical resource is given in annex 2 to this
the Decree.
§ 14
Technical resources according to § 30 paragraph. 1 of the law may be after the expiration of
the validity period of the certificates used in the manner and under the conditions,
which are listed in annex 1 of this order.
§ 15
Particulars of the application for conclusion of a contract of reinsurance activities
The application for conclusion of a contract of reinsurance activities ^ 9) contains the
and the identification of the applicant), pursuant to section 11 (1). 1 (a). and)
(b)) name and surname of contact the worker applicant and contact
connection,
(c) identification of the competent vocational Department) of the applicant (the subject of the
the activities and location of workplace pověřovaného detailed specification, name
and the last name of the contact and the contact link),
(d)) to specify the actions to be carried out in accordance with the Treaty on the
ensure the activities,
e) extract from the trade register or the register of trades and
a certified copy of a valid decision or certification:
1. The decision on the grant of authorization, in which a range of activities in
conformity assessment includes technical means (technical means)
referred to in section 30, paragraph. 1 of the Act, issued by the Office of technical
Standardization, metrology and State testing ^ 10),
2. the certificate of accreditation, including the annex, in which the subject of accreditation
includes certification of technical (technical means)
referred to in section 30, paragraph. 1 of the Act, issued by the Czech Institute for
accreditation ^ 11), or
3. a certificate of accreditation, including the annex, in which the subject of accreditation
involves testing the technical (technical resource
resources) referred to in section 30, paragraph. 1 of the Act, issued by the Czech
the Institute for accreditation of ^ 11).
section 16 of the
The effectiveness of the
This Decree shall take effect on 1 January 2005. January 1, 2006.
Director:
Mgr. Mares in the r.
Annex 1
1.
THE STORAGE OBJECTS AND THEIR LOCKS
1.1. The STORAGE OBJECTS
---------------------------------------------------------------
1.1.1. the Storage object type 4:
SS1 = 4 points
---------------------------------------------------------------
Storage object type 4 is certified by the national security authority
(hereinafter referred to as "the authority") and meets the requirements of safety class II or higher
According to ČSN EN 1143-1 + A1 Safety requirements, the storage objects
classification and test methods for resistance to burglary-part 1:
Cabinet safes, safes safes door and Chamber.
In accordance with ČSN EN 1143-1 + A1 shall be equipped with a storage object type 4
the lock at least class and according to ČSN EN 1300 + A1 Safety storage
objects-locks with a high security Classification due to their
resistance against unauthorised opening (lock type 2, point 1.2.3.
of the annex).
In the case that it is in the úschovném object of type 4 stored cryptographic
the material must be equipped with this storage object kombinačním
Mechanical lock, at least třípolohovým.
---------------------------------------------------------------
1.1.2. the Storage object type 3:
SS1 = 3 points
---------------------------------------------------------------
Storage object of type 3 is certified by the Office and meets the requirements of
safety class I according to ČSN EN 1143-1 + A1. In accordance with ČSN EN
1143-1 + A1 storage object must be of type 3 fitted with a lock at least class
And according to ČSN EN 1300 + A1 (lock type 2, point 1.2.3. of the annex).
In the case that it is in the úschovném object of type 3 stored cryptographic
the material must be equipped with this storage object kombinačním
Mechanical lock, at least třípolohovým.
---------------------------------------------------------------
1.1.3. the Storage object type 2:
SS1 = 2 points
---------------------------------------------------------------
Storage object type 2 is certified by the Office and meets the requirements of
safety class 0 according to ČSN EN 1143-1 + A1.
In accordance with ČSN EN 1143-1 + A1 shall be equipped with a storage object type 2
the lock at least class and according to ČSN EN 1300 + A1 (lock type 2, point 1.2.3.
of the annex).
---------------------------------------------------------------
1.1.4. the Storage object type 1:
SS1 = 1 point
---------------------------------------------------------------
Úschovným an object of type 1 is a non-separable solid steel Cabinet
the structure, its door seal is affixed to the trilogue perch
the mechanism and and is guarded at. The door latch is self-locking in the closed state.
Storage object type 1 is not certified by the Office. Match properties
These úschovných objects with the above requirements shall consider responsible
person or authorised person. The registration of a conformity assessment is included in the
the project of physical security.
---------------------------------------------------------------
1.1.5. the type of Storage object 1A:
SS1 = 1 point
---------------------------------------------------------------
Storage object type 1A is a certified the Office and meets, including the
the locking system, the requirements of safety class M1 according to ČSN 91 6012
Security storage objects-requirements, classification and methods of
testing of resistance to burglary-Safes with basic security.
---------------------------------------------------------------
1.1.6. the Storage object type 1B:
SS1 = 2 points
---------------------------------------------------------------
Storage object type 1B is a certified the Office and meets, including the
the locking system, the requirements of safety class Z2 according to ČSN 91 6012.
---------------------------------------------------------------
1.1.7. Storage object type 1 c:
SS1 = 3 points
---------------------------------------------------------------
Storage object of type 1 c is a certified the Office and meets, including the
the locking system, the requirements of safety class Z3 according to ČSN 91 6012.
---------------------------------------------------------------
1.1.8. Storage object type 0:
SS1 = not rated (N)
---------------------------------------------------------------
Storage object type 0 is a fixed structure (e.g., Clipboard, desktop
furniture) and is equipped with a lock, which is and is guarded at. Should not show such
signs of damage or wear, that would make it impossible to identify
unauthorized entry attempts. Storage object type 0 is not certified
By the authority.
Match the properties of the úschovných object with the above requirements
the responsible person or the person in charge of the project to her physical safety.
1.2. The LOCKS OBJECT ÚSCHOVNÝCH
---------------------------------------------------------------
1.2.1. The lock type 4:
SS2 = 4 points
---------------------------------------------------------------
Lock type 4 is certified by the Office in the framework of the certification of úschovného
object, and meets the requirements of safety class C according to ČSN EN 1300 + A1.
---------------------------------------------------------------
1.2.2. Type 3 Lock:
SS2 = 3 points
---------------------------------------------------------------
Lock type 3 is certified by the Office in the framework of the certification of úschovného
object, and meets the requirements of safety class B according to ČSN EN 1300 + A1.
---------------------------------------------------------------
1.2.3. The lock type 2:
SS2 = 2 points
---------------------------------------------------------------
Lock type 2 is certified by the Office in the framework of the certification of úschovného
object, and meets the requirements of safety class and according to ČSN EN 1300 + A1.
Note to point 1.:
Score conversion table object úschovného
---------------------------------------------------------------
The type of classification for which Point Point
úschovného was approved the eligibility of value
the object is listed in the words of the SS1 SS2
to 31.12.1999
---------------------------------------------------------------
Type 4 TOP SECRET 4 points 2 points
Type 3 SECRET 3 points 2 points
Type 2 CONFIDENTIAL 2 points 2 points
---------------------------------------------------------------
2.
SECURE THE AREA AND THEIR LOCKING SYSTEMS
Mechanical zábrannými resources in this chapter means in particular
locks, doors, grates, foil, glass and other safety components and
building elements with the exception of úschovných objects (point 1.).
By mechanical means to ensure zábrannými manholes,
that allows the passage of a template on the following dimensions:
-----------------------------------------------
Průlezný Hole Size
-----------------------------------------------
a rectangle of 400 mm x 250 mm
400 mm x 300 mm oval
circle Diameter 350 mm
-----------------------------------------------
If the průlezný hole secured by mechanical means with zábranným
one or more openings (e.g. Grill), these holes allow passage
the templates in the shape of an ellipse with dimensions of 250 mm x 150 mm and a thickness of 20 mm.
2.1. SECURE AREA
Determine the type of the secure area is given by the least durable element in its
the boundaries.
---------------------------------------------------------------
2.1.1. Secure area type 4:
SS3 = 4 points
---------------------------------------------------------------
The walls, floors and ceilings, construction must have the following:
and) masonry (brick or limestone-cement blocks, aerated concrete blocks)
greater than 300 mm in thickness, or
(b)) of reinforced concrete thickness greater than 150 mm.
The scores of the other mechanical barrier devices must
meet the value of SS3 = 4. Mechanical anti-theft devices cannot
to report such signs of damage or wear, that would make it impossible to
identify unauthorized entry attempts.
Windows, doors and other fastenings must satisfy the requirements of safety class
RC 4 or class RC 5 according to ČSN EN 1627 Windows, doors, shutters-Resistance
against the violent intrusion-requirements and classifications.
---------------------------------------------------------------
2.1.2. Secure area type 3:
SS3 = 3 points
---------------------------------------------------------------
The walls, floors and ceilings, construction must have the following:
and) masonry (brick or limestone-cement blocks, aerated concrete blocks)
thickness greater than 150 mm, or
(b)) of reinforced concrete thickness of greater than 100 mm.
The scores of the other mechanical barrier devices must
meet the minimum value of the SS3 = 3. Mechanical anti-theft devices
may not present such signs of damage or wear, that would
make it impossible to identify unauthorized attempts to access.
Windows, doors and closures shall meet the requirements of safety class RC 3
According to the standard EN 1627.
---------------------------------------------------------------
2.1.3. type of secure area 2:
SS3 = 2 points
---------------------------------------------------------------
The walls, floors and ceilings, construction must have the following:
and) masonry (brick or limestone-cement blocks, aerated concrete blocks)
a thickness of 100 to 150 mm, or
(b)) of reinforced concrete thickness up to 100 mm.
The floors and ceilings can be of a different material thicknesses greater than 150
mm (e.g. wooden sandwich beam structure).
The scores of the other mechanical barrier devices must
meet the minimum value of the SS3 = 2.
Windows, doors and closures shall meet the requirements of safety class RC 2
According to the standard EN 1627.
Manholes may not be secured by certified mechanical
zábrannými means, if the lower edge of the průlezného opening meets
the following requirements:
and is located at least) 5.5 m above the ground,
(b)) could not be simply for him to penetrate from the roof or for help
lightning conductors, eaves, window sills, other construction elements, landscaping
inequalities, trees or other structures.
Mechanical anti-theft devices must not exhibit damage such characters
or wear and tear, which would make it impossible to identify unauthorized attempts to
input.
---------------------------------------------------------------
2.1.4. Secure area type 1:
SS3 = 1 point
---------------------------------------------------------------
The walls, floors and ceilings are light building construction materials such as
for example:
-plasterboard,
-light masonry structures,
-wood, particle board,
-plastic hardened materials,
-profiled or corrugated sheet,
-glass.
Manholes shall be secured by mechanical zábrannými
resources that provide the same degree of resistance as the remaining
part of the boundaries of the secure area, type 1, or are protected by
Certified devices electrical security signalization (ESS),
the installation of a minimum value corresponds to the SS92 = 3.
Manholes may not be secured by these mechanical zábrannými
resources, if the bottom edge of the hole průlezného meets the following
requirements:
and is located at least) 5.5 m above the ground,
(b)) could not be simply for him to penetrate from the roof or for help
lightning conductors, eaves, window sills, other construction elements, landscaping
inequalities, trees or other structures.
Mechanical anti-theft devices must be of solid construction and must not
to report such signs of damage or wear, that would make it impossible to
to identify unauthorized attempts to access and compliance with the following requirements
assessing the person responsible or designated person.
The registration of a conformity assessment is becoming part of the physical security of the project.
---------------------------------------------------------------
2.1.5. Secure area type 0:
SS3 = not rated (N)
---------------------------------------------------------------
Průlezných security holes must be able to control the movement of persons and
vehicles.
Mechanical anti-theft devices must not exhibit damage such characters
or wear and tear, which would make it impossible to identify unauthorized attempts to
input.
Compliance with the above requirements confirms the person responsible or
responsible for the physical security of the person in the project.
2.2. The LOCKING SYSTEMS are intended to LOCK the SECURE AREA
---------------------------------------------------------------
2.2.1. Locking system type 4:
Ss4 = 4 points
---------------------------------------------------------------
The locking system of the type 4 is certified by the Office.
Locking system and its components must comply with the requirements of the security
RC class 5 according to ČSN EN 1627.
---------------------------------------------------------------
2.2.2. Locking system type 3:
Ss4 = 3 points
---------------------------------------------------------------
The locking system of the type 3 is certified by the Office.
Locking system and its components must comply with the requirements of the security
RC 4 class according to CSN EN 1627.
---------------------------------------------------------------
2.2.3. the type of locking system 2:
Ss4 = 2 points
---------------------------------------------------------------
The locking system of the type 2 is certified by the Office.
Locking system and its components must comply with the requirements of the security
RC class 3 according to EN 1627.
---------------------------------------------------------------
2.2.4. Locking system type 1:
Ss4 = 1 point
---------------------------------------------------------------
The locking system of the type 1 is certified by the Office.
Locking system and its components must comply with the requirements of the security
RC class 2 according to EN 1627.
---------------------------------------------------------------
2.2.5. The locking system of the type 0:
Ss4 = not rated (N)
---------------------------------------------------------------
Locking system of the type 0 is not certified by the Office.
Note to point 2:
If a secure area to form the Chamber may not be safe entry into the
a solid vault in that part of the boundaries of the secure area, which is
at the border of the object. Point rating S2 in this case is equal to
0.
3.
THE BORDER OBJECT
When you specify the type of object it is critical that part of the border of the object that
has the lowest resistance. In the event that the boundaries of the object is in its full length
the same as the limit of a secure area, the only secure
the area and the scores of the object (S3 = 0); visits to the object mode
in this case, the rank (SS7 = N).
A special case of the boundaries of the object's perimeter (fence, etc.) on the
across the border and access points is carried out surveillance of the type 5. In
this case can be the value of the S3 to replace product scores SS10
(physical barrier type 2 and above) and SS11. Points from the SS10 and SS11 items,
that were used in the value of the S3 is no longer counted in the calculation of
the value of S6, but is reported in table scatter evaluation for information.
A special case is the boundary of the object as defined by the boundary of the perimeter (fence
etc.). In this case, as the boundaries of the object shall be assessed in addition coat
building and reallocated to the values of the S3.
---------------------------------------------------------------
3.1. the object of type 4:
S3 = 4 points
---------------------------------------------------------------
The walls, floors and ceilings shall be increased or fixed construction
construction (eg. reinforced concrete structure). An object of type 4 has
the minimum number of doors, Windows and other openings, which must průlezných
be secured by mechanical means and zábrannými are the same
the degree of resistance against the intruders as the other parts of the border object
Type 4.
---------------------------------------------------------------
3.2. An object of type 3:
S3 = 3 points
---------------------------------------------------------------
The walls, floors and ceilings must have a fixed building of brick construction
or block, or used building technology using
prefabricated and assembled panels, etc. Manholes shall be
secured by mechanical means zábrannými, which provide the same
the degree of resistance against the intruders as the other parts of the border object
Type 3.
Manholes may not be secured by these mechanical zábrannými
resources, if the bottom edge of the hole průlezného meets the following
requirements:
and is located at least) 5.5 m above the ground,
(b)) could not be simply for him to penetrate from the roof or for help
lightning conductors, eaves, window sills, other construction elements, landscaping
inequalities, trees or other structures.
---------------------------------------------------------------
3.3. An object of type 2:
S3 = 2 points
---------------------------------------------------------------
The object is to light the building structure. Manholes shall be
secured by mechanical means or technical zábrannými
at least with the installation of INTRUSION DETECTION resources SS92 = 1. This condition shall not apply,
If the bottom edge of the hole průlezného meets the following requirements:
and is located at least) 5.5 m above the ground,
(b)) could not be simply for him to penetrate from the roof or for help
lightning conductors, eaves, window sills, other construction elements, landscaping
inequalities, trees or other structures.
---------------------------------------------------------------
3.4. An object of type 1:
S3 = 1 point
---------------------------------------------------------------
The object is a lightweight prefabricated structure that protects a person,
material and equipment from the weather.
---------------------------------------------------------------
3.5. Object type 0:
S3 = not rated (N)
---------------------------------------------------------------
The object has a visibly defined the border, within which there is the possibility of
control of individual persons and vehicles. The border object provides the responsible
the person or the person in charge of the project to her physical safety.
4.
THE SYSTEM CHECKS THE ENTRY INTO THE SECURE AREA OR OBJECT AND MODE
VISITS
4.1. the system CHECKS the ENTRY into the SECURE AREA or OBJECT
The system checks the entry is evaluated for the condition of its implementation on the
all entrances to the building or secure areas.
---------------------------------------------------------------
4.1.1. the system checks the entry type 4:
SS6 = 4 points
---------------------------------------------------------------
The system checks the entry type 4 must be certified by the Office and meets the
the requirements of ČSN EN 50133-1 alarm systems-control systems
inputs for use in security applications-part 1: System
the requirements for class B and class access identification 3
and PIN identification and control),
(b)), biometrics and PIN, or
(c) identification and biometrics) element.
The system checks the entry type 4 must be accompanied by an access barrier
preventing the repeated access and ensuring one transaction mode-
one pass ".
Access control is implemented on all entrances to the building or
secure area.
Reporting from the system checks the entry type 4 must be taken on a permanent
Habitat of the surveillance.
---------------------------------------------------------------
4.1.2. the system checks the input type 3:
SS6 = 3 points
---------------------------------------------------------------
The system checks the input type 3 must be certified by the Office and meets the
the requirements of ČSN EN 50133-1. Alarm systems-control systems
inputs for use in security applications-part 1: System
the requirements for class B and class access identification 3
and PIN identification and control),
(b)), biometrics and PIN, or
(c) identification and biometrics) element.
Access control is implemented on all entrances to the building or
secure area.
Reporting from the system checks the input type 3 must be taken on a permanent
Habitat of the surveillance.
---------------------------------------------------------------
4.1.3. the system checks the entry type 2:
SS6 = 2 points
---------------------------------------------------------------
The system checks the entry type 2 must be certified by the Office and meets the
the requirements of ČSN EN 50133-1 alarm systems-control systems
inputs for use in security applications-part 1: System
the requirements for class B and class identification Access 2
the identification element),
b) PIN, or
c) biometrics.
Access control is implemented on all entrances to the building or
secure area.
Reporting from the system checks the entry type 2 must be taken on a permanent
Habitat of the surveillance.
The system checks the entry of type 2, you can replace the control input, which
continuously conducts surveillance of members of the armed forces or
the armed forces, and at all entrances to the building or secure
area.
---------------------------------------------------------------
4.1.4. the system checks the entry type 1:
SS6 = 1 point
---------------------------------------------------------------
The system checks the entry type 1 consists of a lockable mechanical barrier to
the entry.
Access control is implemented on all entrances to the building or on the
all entrances into the secure area.
Note: to section 4.1.
The system checks the entry of type 1 can only be used on entry into the secure
the category of confidential or Reserved.
When you check the entry into the secure area of an object or category
Top secret facilities are used for searching dangerous
substances or articles.
The system checks the entry, in accordance with section 5.2.8 EN 50133-1 Alarm
systems-control systems with inputs for use in the safety
applications-part 1: System requirements for class B, the access must
to report an unauthorized attempt to access or open space itself or
the expiry of the authorized period after lawful access to open space. Reporting
must take place within 10 seconds.
4.2. RANDOM inbound and outbound TOURS
---------------------------------------------------------------
4.2.1. Random inspection
SS12 = 1 point
---------------------------------------------------------------
Random Tours provides the authority of the State, legal or business
natural person and are carried out randomly at the entrance, the entrance, exit and
the exit of the object. Random inspections are intended as a deterrent
element against the protection of classified information.
4.3. MODE of VISITS in the object
---------------------------------------------------------------
4.3.1. Visits with accompaniment:
SS7 = 3 points
---------------------------------------------------------------
Visits must be accompanied throughout their stay in the object.
Must be a registered data on the visits, which includes personal
identifying information visits, accompanying persons and time data about
When the visit was done.
---------------------------------------------------------------
4.3.2. unaccompanied Visit:
SS7 = 1 point
---------------------------------------------------------------
The visits, which have allowed unaccompanied must be visibly
marked. In this case, must be clearly identified and all custom
staff.
Must be a registered data on the visits, which includes personal
identifying information visits and time data about when to visit
enforced.
---------------------------------------------------------------
4.3.3. The visits without control:
SS7 = not rated (N)
---------------------------------------------------------------
Visits to enter without inspection and escort.
5.
SURVEILLANCE EQUIPMENT AND ELECTRIC SECURITY SIGNALIZATION (ESS)
5.1. SECURITY
---------------------------------------------------------------
5.1.1. Surveillance of the type 5:
SS8 = 5 points
---------------------------------------------------------------
Surveillance of the type 5 ensure only members of the armed forces or
the armed forces and is carried out by way of irregular beats.
Surveillance carried out on patrol after a randomly selected routes at random
intervals of not more than 2 hours.
In the course of surveillance, including patrol, must be at the
the permanent surveillance of the constantly presence of at least one person designated for performance
the security guard.
---------------------------------------------------------------
5.1.2. Surveillance of the type 4:
SS8 = 4 points
---------------------------------------------------------------
Surveillance of the type 4 ensure only members of the armed forces or
the armed forces and is carried out by way of irregular beats.
Security patrols carried out at an interval of not more than 6 hours.
At night and on weekends, the frequency of beats increases.
In the course of surveillance, including patrol, must be at the
the permanent surveillance of the constantly presence of at least one person designated for performance
the security guard.
---------------------------------------------------------------
5.1.3. Surveillance of the type 3:
SS8 = 3 points
---------------------------------------------------------------
Surveillance of the type 3 provide the staff of the authority of the State, legal persons
or entrepreneurial natural persons whose object goes, members
the armed forces or of the armed forces, or employees of the security
protective services.
Beats of intervals are dependent on the internal operation and the extent
the assumed risk.
In the course of surveillance, including patrol, must be at the
the permanent surveillance of the constantly presence of at least one person designated for performance
the security guard.
---------------------------------------------------------------
5.1.4. Surveillance of the type 2:
SS8 = 2 points
---------------------------------------------------------------
Surveillance of the type 2 provide the staff of the authority of the State, legal persons
or entrepreneurial natural persons whose object goes, members
the armed forces or of the armed forces, or employees of the security
protective services.
For surveillance of type 2 are not required on patrol.
---------------------------------------------------------------
5.1.5. Surveillance of the type 1:
SS8 = 1 point
---------------------------------------------------------------
Security type 1 corresponds to the guarding object connection to the supervisory and
alarm receiving centre, allowing for rapid intervention.
Note to point 5.1.:
The rules for the performance of the surveillance is necessary in the case of the object, in which the
the area is secure, Confidential, secret or category of the top secret
or the rules of the area set out in a written form.
Surveillance of secure zones in which to store the classified
the European Union classification of information Confidential and higher, secures the
security type 2 and higher, the beats of frequency must be determined
at intervals of not more than 2 hours. First beat the security guard with the
executes immediately after the end of the work time.
The permanent surveillance of the station is located from the secure area category
Top secret and Secret as far as 500 m, or if the distance unit
the permanent surveillance of more than 500 m must be carried out in a surveillance action 5
minutes from the receipt of the alarm or emergency signal from an object
secure area or in the rules area.
Surveillance of the type 1 can be used only for objects of the category of confidential or
Reserved.
Surveillance must be equipped with means enabling the connection when the beat
the unit for the permanent surveillance of the performance. Response time of the surveillance on the alarm
or distress signal must be verified by the responsible person or the
an authorised person.
5.2. ELECTRICAL SECURITY SIGNALIZATION
---------------------------------------------------------------
5.2.1. Electrical security signalization type 4:
SS91 = 4 points
---------------------------------------------------------------
Electrical security signalization type 4 must be
certified the Office and meets the requirements according to EN 50131 1 ed. 2
Alarm systems-Alarm security and emergency systems-for
security level 4-high risk. Panic system fulfils the following
the requirements of the ČSN EN 50134-1 alarm systems-Systems calling
help.
---------------------------------------------------------------
5.2.2. Electric security signalization type 3:
SS91 = 3 points
---------------------------------------------------------------
Device type 3 electrical security alarm systems must be
certified the Office and meets the requirements according to EN 50131 1 ed. 2 for
security level 3-medium to high risk. Panic system meets the
on the requirements of the ČSN EN 50134-1.
---------------------------------------------------------------
5.2.3. the electrical security signalization type 2:
SS91 = 2 points
---------------------------------------------------------------
Electrical security signalization type 2 must be
certified the Office and meets the requirements according to EN 50131 1 ed. 2 for
security level 2-low to medium risk. Panic system meets the
on the requirements of the ČSN EN 50134-1.
---------------------------------------------------------------
5.2.4. The equipment of electric security signalization type 1:
SS91 = 1 point
---------------------------------------------------------------
Electrical security signalization of type 1 are not
certified by the Office.
Note to section 5.2.:
Subject of certification of electrical security signalization
they are:
and the control panel electrical security alarm systems),
b) detectors, electrical security signalization
c) perimeter detection systems,
(d) the emergency systems).
Table assign categories to the types of technical means of INTRUSION DETECTION
---------------------------------------------------------------
The type of classification for which was approved by the Point
technical competence is listed words or the value of the
the displayed shortcut resource
EZS to 31.12. 1999 from 1.1. 2000
---------------------------------------------------------------
4-type "PT" 4 points
Type 3 "top secret", "T" 3 points
2 type "confidential" "D" 2 points
---------------------------------------------------------------
---------------------------------------------------------------
5.2.5. The installation of electric security signalization
Type 4:
SS92 = 4 points
---------------------------------------------------------------
4 installation type is implemented in a secure area within the range:
and spatial protection)
(b)) the jacket protection
c) distress system
(d)) the shock detectors or special television scanning system
24 manholes secure area.
---------------------------------------------------------------
5.2.6. The installation of electric security signalization
Type 3
SS92 = 3 points
---------------------------------------------------------------
Installation type 3 is implemented in a secure area within the range:
and spatial protection)
(b)) the jacket protection
c) distress system or special television scanning system continuously
manholes of the secure area.
---------------------------------------------------------------
5.2.7. The installation of electric security signalization
Type 2
SS92 = 2 points
---------------------------------------------------------------
Installation type 2 is implemented in a secure area within the range:
and spatial protection)
(b)) the jacket protection.
Manholes in the secure area of the border in the event of installation
electrical security signalization type 2 may not be
protected by a sheath of protection elements, if their bottom edge meets the
the following terms and conditions:
and is located at least) 5.5 m above the ground,
(b)) could not be simply for him to penetrate from the roof or for help
lightning conductors, eaves, window sills, other construction elements, landscaping
inequalities, trees or other structures.
---------------------------------------------------------------
5.2.8. The installation of electric security signalization
Type 1
SS92 = 1 point
---------------------------------------------------------------
Type 1 installation is realized in the scope of spatial protection
secure area.
Note to 5.2.5 to 5.2.8.:
Installation of electric security alarm systems shall comply with the
requirements according to the standards ČSN EN (CLC/TS) 50131 in Alarm
Security and emergency systems.
The output of the device reporting the electrical security alarm systems and
special television system must be escorted to the designated
for the permanent surveillance of the performance.
Control device of electric security alarm systems in a secure
the area must be independent of the control device, electric
security alarm systems in other secure areas or
other areas.
Installation of electric security alarm systems must be
verified by functional test by TNI 334591-3. The range of functional tests
is determined at least every 12 months in table A1 (grade 1). Functional
the test must be recorded in a book or on the operational Protocol
the test, which will be deposited with responsible persons or authorised persons.
5.2.9. The calculation of the SS9 by scoring SS91 and SS92
SS9 = (SS91 + SS 92)/2 x SS92/CLO
The value of mathematically rounded to SS9 is a whole number.
The maximum value of the SS9 may be 4.
OBL is a point value designated secure area categories:
-------------------------------------
Category point value
secure OBL
area
-----------------------------------
Top secret 4 points
Secret 3 points
Confidential 2 points
Reserved 1 point
------------------------------------
If it is in a secure area, ensure the permanent presence of at least 1
person is not necessary to install the device security
the alarm; in this case, the value of the SS9 = 4.
The resulting point rating level of device security
the alarm is given by the point rating used technical
the lowest resource type.
5.3. SPECIAL TELEVISION SYSTEMS
Special television systems used to capture, transmit and display
the movement of people and means of transport. Special television systems are not
certified by the Office.
Installation of special television systems must comply with the requirements of the standards
the series EN 50132-Alarm transmission systems and equipment-CCTV
tracking systems for use in security applications.
6.
PERIMETER PROTECTION
The border perimeter is formed around the perimeter of a physical barrier.
6.1. the PHYSICAL BARRIER
Physical barriers are required around the perimeter of the border object there,
where it allows her character. The design of access points (input
Bran) must be on the same security level as the physical structure
barriers (fences). All access points must be secured
the same standard of control of entry.
---------------------------------------------------------------
6.1.1. The physical barrier type 4:
Ss10 = 4 points
---------------------------------------------------------------
The physical barrier type 4 allows the observation of the adjacent terrain. If that is the
possible, it must be left around the protected object's 25-metre free
space. The minimum height of the vertical section of the barrier is 2.15 meter. Must
be designed and constructed so as to provide the greatest obstacle
against penetration of the breakthrough. The upper part of the barrier must ensure the protection of the
overcoming a two-sided against climbing-sloping Struts protruding out and
inward at an angle of 45 ° with a minimum length of 40 cm, which is across the
the length of the attached barbed wire. The physical barrier type 4 must be accompanied by
perimetrickým of the detection system.
---------------------------------------------------------------
6.1.2. The physical barrier type 3:
Ss10 = 3 points
---------------------------------------------------------------
The physical barrier type 3 allows the observation of the adjacent terrain. If that is the
possible, it must be left around the protected object's 25-metre free
space. The minimum height of the vertical section of the barrier is 2.15 meter. Must
be designed and constructed so as to provide the greatest obstacle
against penetration of the breakthrough. The upper part of the barrier must ensure the protection of the
overcome-climbing against unilateral diagonal Struts jutting out under the
an angle of 45 ° with a minimum length of 40 cm, which is after the whole length of the attached
barbed wire.
---------------------------------------------------------------
6.1.3. Physical barrier type 2:
Ss10 = 2 points
---------------------------------------------------------------
The physical barrier type 2 must provide a barrier against attempting to
overcome by climbing and against penetration of the breakthrough. The minimum height of the vertical
parts of the barrier is 2.15 meter.
---------------------------------------------------------------
6.1.4. The physical barrier type 1:
Ss10 = 1 point
---------------------------------------------------------------
The physical barrier type 1 corresponds to the fence without special security
of the requirements. The purpose of this fence is to indicate the borders and to ensure
the minimum level of deterrence or resistance. The physical barrier type 1 can
be made up of any type of material.
---------------------------------------------------------------
6.2. checking the entry in all the perimeter access points
SS11 = 1 point
---------------------------------------------------------------
6.3. Perimeter detection system (PDS)
---------------------------------------------------------------
6.3.1. Perimeter detection system (PDS)-certified:
SS13 = 2 points
---------------------------------------------------------------
Perimeter detection system is certified by the authority, and subject to the
It requirements set out in point 5.2. Annex.
---------------------------------------------------------------
6.3.2. Perimeter detection system (PDS)-necertifikovaný:
SS13 = 1 point
---------------------------------------------------------------
Perimeter detection system certified by the authority and is not subject to the
It requirements set out in point 5.2. Annex.
---------------------------------------------------------------
6.4. safety lighting of the perimeter:
Ss14 = 2 points
---------------------------------------------------------------
Requirements for the installation of security lighting, for example, result from the
the requirements of a special television system on the perimeter.
---------------------------------------------------------------
6.5. Special television system on the perimeter:
SS15 = 2 points
---------------------------------------------------------------
Special television system is certified by the Office.
The installation of a special television system must meet the requirements of the standards
the series EN 50132-Alarm transmission systems and equipment-CCTV
tracking systems for use in security applications.
7.
DEVICE ELECTRIC FIRE ALARM
Fire detectors must be connected to the control panel electrical fire
the alarm, or to switch the electrical security signalization. In
both cases must be the signal of the alarm led on the unit specified
for the permanent surveillance of the performance.
Device electric fire alarm system must comply with the requirements of the standards
the series EN 54-fire alarm.
Electric fire alarm devices are not certified by the Office.
8. the DEVICE USED to search for DANGEROUS SUBSTANCES or ARTICLES
A device used to search for dangerous substances or articles are
used on entry to an object or to a secure area of the category
Top secret, or in the rules area, which regularly discuss
classified information top secret classification.
A device used to search for dangerous substances or articles are not
certified by the Office. The report shall be used in the range:
1. Walk-through metal detector, with manual
detector of metal objects.
2. X-ray machine for checking luggage, documented the positive
Decision of the State Office for nuclear safety of the type approval
sources of ionizing radiation in accordance with Act No. 18/1997 Coll. on peaceful
the use of nuclear energy and ionising radiation and amending and supplementing
certain acts, as amended.
9.
DEVICE PHYSICAL DESTRUCTION OF INFORMATION OR DATA CARRIERS
------------------------------------------------------------------
9.1. the physical destruction of the means of delivery of information or data type 4:
without a point rating
------------------------------------------------------------------
Device physical destruction of the means of delivery of information or data of type 4 are intended
for the destruction of classified information classification of top secret or
lower. Device physical destruction of the means of delivery of information or data is
certified by the Office.
-----------------------------------------------------------------------
Information or data carrier the size of the waste particles
-----------------------------------------------------------------------
paper, polyester film with width = 0.8 mm particle <
the information in the original size,
metal, plastic, identification
cards, magnetic tapes, hard
disks, floppy disks, compact disks and
a similar carrier; length = 13.0 mm particle <
-----------------------------------------------------------------------
film of polyester with the imposition of the particle surface area = < 0.2 mm2
information in a reduced size as
microfilm, smart cards, memory
chips and similar media;
-----------------------------------------------------------------------
Device physical destruction of the means of delivery of information or data of type 4 are intended
also for the destruction of classified information to a foreign power classification Strictly
secret or lower.
---------------------------------------------------------------
9.2. the physical destruction of the means of delivery of information or data type 3:
without a point rating
---------------------------------------------------------------
Device physical destruction of information or data carriers of type 3 are intended
for the destruction of classified information classification of Secret or lower.
Device physical destruction of information or data carriers is certified
By the authority.
-------------------------------------------------------------------
Information or data carrier the size of the waste particles
-------------------------------------------------------------------
paper, polyester film with width = 2.0 mm particle <
saving information
in original size, metal,
plastic identification particle length = < 15.0 mm
card, floppy disk, compact
discs and similar media;
------------------------------------------------------------------
film of polyester with the imposition of the particle surface area = < 0.5 mm2
information in miniature
size as the microfilm,
smart cards and similar carriers
-------------------------------------------------------------------
Device physical destruction of information or data carriers of type 3 are intended
also for the destruction of classified information to a foreign power classification Strictly
secret or below only if the width of the waste particles up
1.5 mm.
---------------------------------------------------------------
9.3. the physical destruction of the means of delivery of information or data type 2:
without the scoring
---------------------------------------------------------------
Device physical destruction of information or data carriers of type 2 are intended
for the destruction of classified information confidential or a lower grade.
Device physical destruction of information or data carriers is certified
By the authority.
Information or data carrier the size of the waste particles
-----------------------------------------------------------------------------
paper, film cross-cut particles width = < 4.0 mm
of polyester with the imposition of a length = 80.0 mm particle <
the information in the original
size, metal, floppy disks,
compact discs and
a similar carrier; direct cut the width of the bar = < 2,0 mm
length of the bar = < 297,0 mm
the area of the particles = < 320,0 mm2
-----------------------------------------------------------------------------
plastic, etc. the width of the particles = < 4.0 mm
identification cards
length = 80.0 mm particle <
-----------------------------------------------------------------------------
the film particle surface area = < 1.0 mm2 of polyester with saving information in a reduced size as microfilm, smart cards, and similar carriers-----------------------------------------------------------------------------Note: applies only to the mass of the device with the power of > = 500 kg/h
Device physical destruction of information or data carriers of type 2 are intended
also for the destruction of classified information to a foreign power classification Confidential
and lower only if the width of the waste particles up to 3 mm and
maximum length of 25 mm. Surface treatment of the particulates must not exceed 60 mm2
with the exception of the means of delivery of information or data, where is a fixed area of the particles = <
1.0 mm.
---------------------------------------------------------------
5.8. the physical destruction of the means of delivery of information or data type 1:
without the scoring
---------------------------------------------------------------
Device physical destruction of the means of delivery of information or data of type 1 are intended
for the destruction of classified information classification Reserved. Device
the physical destruction of the means of delivery of information or data is certified by the Office.
--------------------------------------------------------------------------
The carrier of the information or the size of the waste particles
data
--------------------------------------------------------------------------
paper, film straight cut width = 6.0 mm bar <
of polyester with the
saving information bar length unlimited
in the original
size, metal,
floppy disk, compact surface particles = < 320.0 mm2
drives and similar
carriers;
--------------------------------------------------------------------------
Note:
* Applies only to the mass device with an output of 500 kg/h.
9.5. the physical destruction of information or data media type 0: no
the score
Device physical destruction of the means of delivery of information or data type 0 are intended
for the destruction of classified information classification of top secret or
lower. The destruction is used burning or melting down, taking the temperature,
that will be exposed, and the period of its operation, must lead to their
total destruction. The responsible person or the designated person, who carries out the
decommissioning of classified information shall ensure that the use of the method of burning
or melt, completely destroying the carriers and the impossibility of recovery
the classified information.
10.
THE DEVICE AGAINST PASSIVE AND ACTIVE EAVESDROPPING OF CLASSIFIED INFORMATION
In the rules area for the regular discussion of classified information degrees
the confidentiality of secret and top secret is protected by technical means
against passive and active eavesdropping classified information. This
the Office does not certify equipment.
Requirements to ensure the rules of the area against passive and active
interception:
against passive eavesdropping) must be provided in the rules area
sufficiently soundproofed walls, doors, floor and ceiling,
(b)) Windows, vents or air conditioning vents must be protected
technical means, certified by the authority. In the rules area must be
protected against the lip of the sites located outside the meeting area,
(c)) in the rules area must not be placed any furniture or
any device, if you have not undergone scrutiny, whether in the rules area
There is no illegal use of the technical means intended for
getting information (hereinafter referred to as "tour"). Furniture and equipment
the rules must be registered (including type, where appropriate, the serial and
the inventory number), including the history of the movement,
(d)) position the appliance in the area of telephone rules is not desirable. If
their installation is absolutely necessary, must be equipped with a circuit breaker
or disconnect them manually before the hearing,
(e)) in the rules area cannot be brought into mobile phones, any
recording equipment, broadcasting equipment, any testing, measuring and
diagnostic equipment, and other electronic devices (this does not apply in
If it is a device used in the defence performed
tours with the knowledge of the responsible person or authorised person),
(f)) for the reference area shall be processed by the rules for the registration and movement
people and equipment.
According to § 26 paragraph. 1 the law is obliged to request the Office of the person responsible for the
the implementation of the defence. The defense will be verified during inspection
deploy technical means against passive and active eavesdropping
the classified information.
Defence tour meeting areas are carried out within the time limits referred to in section 10
paragraph. 1 of this Decree, and further it is necessary to carry out the Defense always tour
after unauthorized entry or suspicion on him and after the departure of workers
carrying out maintenance or adjustments in the rules area.
Request for execution of the defence of the tour includes:
and the business name, the name), where appropriate, the name and surname if the applicant is
the entrepreneur or the name of the authority of the State, including identification numbers, if
It was allocated, the
(b) the address where the rules area),
(c)) of the assessment floor area and the height of the ceilings,
(d) the period of time envisaged the implementation of defence) tours,
(e) implementation of the defensive tour) the reason (e.g. due to tween furniture
or suspected unauthorized access),
(f)) name and surname of contact the worker and the contact link,
(g) the signature of the responsible person).
The requirements for the implementation of Defense inspections:
and the natural person conducting the defence) of the tour must be in possession of
valid certificate of physical persons for classification of Secret or higher,
(b)) on the progress of the defence of the tour should be a report containing:
1. the data about the authority of the State, that carries out the defensive tour
2. name of the company if the applicant is an entrepreneur or the name of the authority of the State
including identification numbers, if assigned, which uses
referred to in the rules area,
3. the address of the location in the rules area,
4. the date and time the defence examination,
5. a description of the rules area (controlled area), including the
photodocumentation,
6. the acts performed,
7. used the inspection, measuring and test equipment,
8. the results of the measurements,
9. the result of the (guest) defence of the tour.
Report on the progress of Defense inspections must be attached to the project
physical security.
11.
CONDITIONS FOR THE USE OF CERTIFIED TECHNICAL RESOURCES AFTER THE EXPIRY OF THE
THE PERIOD OF VALIDITY OF THE CERTIFICATE
Technical means for the protection of classified information must be newly
taken at the time of validity of the certificate.
After the expiry of the period of validity of the certificate may be a technical resource
for the protection of classified information used or deployed under the condition that
It is fully functional. This must be verified by the functional test. Time
the intervals are set out in section 10 of this Ordinance.
The mechanical barrier devices and the equipment for the physical destruction of the means of delivery
information and data, the functional test shall demonstrate writing signed by the responsible
person or authorised person. For other technical resources
functional test showing a test protocol (e.g., revision, a record in the
opening the book). The result of the tests shall be deposited with the person responsible
or authorised person.
12.
THE POINT VALUES OF THE LOWEST DEGREE OF SECURITY, PHYSICAL SECURITY
12.1. the table POINT VALUES MINIMUM EXTENT SECURITY SECURE
AREA
---------------------------------------------------------
The SECURE AREA of the level of risk
CATEGORY
Top Secret----------------------------
small medium large
---------------------------------------------------------
Mandatory: (S1) + (S2) + (S3) 10 11 13
Mandatory: (S4) + (S5) 6 7 7
Optional: (S6) 4 5 5
---------------------------------------------------------
The overall result of 20 23 25
---------------------------------------------------------
---------------------------------------------------------
The SECURE AREA of the level of risk
CATEGORY
Secret
---------------------------------------------------------
small medium large
---------------------------------------------------------
Mandatory: (S1) + (S2) + (S3) 8 9 10
Mandatory: (S4) + (S5) * 4 5 5
Optional: (S6) 4 5 5
---------------------------------------------------------
The overall result of 16 19 20
---------------------------------------------------------
The SECURE AREA of the level of risk
CATEGORY
Confidential
small medium large
---------------------------------------------------------
Mandatory: (S1) + (S2) + (S3) 6 8 9
Mandatory: (S4) + (S5) 2 3 3
Optional: (S6) 3 3 4
---------------------------------------------------------
The overall result of 11 14 16
---------------------------------------------------------
---------------------------------------------------------
SECURE AREA CATEGORY
Reserved
for storing classified information in
the components of an information system or
kryptografickém or resource that requires
Special arrangements for waste management
---------------------------------------------------------
Mandatory: (S1) + (S2) + (S3) 2
Optional: (S4) + (S5) (S6) + 1
---------------------------------------------------------
The overall result 3
---------------------------------------------------------
Note:
-Value (S5) must reach at least 5 points.
*-Value (S5) must reach at least 4 points.
Only one of the values (S1) (S2) or (S3) can be equal to 0.
Fixed object, secure area can make use of the business
related to the protection of classified information, only one authority of the State,
a legal entity or a natural person-entrepreneur.
Table point values for secure area Reserved category,
not used for storage of EU classified information in the components of the information
system or in the kryptografickém resource or not requiring special
the mode of loading, it is not necessary to handle. In this case, only one of the
values (S1) (S2) or (S3) may not be realized.
In a secure area Dedicated to storing
classified information in the components of the information system, is the point
the value of the lowest degree of security established as the minimum. Spot
the guest can be increased on the basis of the certification report information
system located in the secure area.
7.6. the table POINT VALUES of the LOWEST DEGREE of SECURITY RULES AREA
--------------------------------------------------------------------------
In the RULES AREA of the level of risk
for regular consultation
classified information degree classification
Top Secret
--------------------------------------------------------------------------
small střednívelká
--------------------------------------------------------------------------
Mandatory: (S2) + (S3) 6 6 7
Mandatory: (S4) + (S5) 6 7 7
Optional: (S6) 4 5 5
--------------------------------------------------------------------------
The overall result of 16 18 19
--------------------------------------------------------------------------
In the RULES AREA of the level of risk
for regular consultation
classified information degree classification
Secret
--------------------------------------------------------------------------
small střednívelká
--------------------------------------------------------------------------
Mandatory: (S2) + (S3) 5 5 6
Mandatory: (S4) + (S5) * 4 5 5
Optional: (S6) 4 5 5
--------------------------------------------------------------------------
The overall result of 13 15 16
--------------------------------------------------------------------------
Note:
-Value (S5) must reach at least 5 points.
*-Value (S5) must reach at least 4 points.
Value (S2) must be equal to 0.
Provided for in the rules area may benefit from the related activities
the protection of classified information, only one authority of the State, legal or
entrepreneurial natural person.
13.
PHYSICAL SECURITY OF INFORMATION SYSTEMS (IS)
If you are in a secure area or such part of the found object
the information system, which may include classified information, views
on this part of the information system as the security equivalent of
úschovného object (SS1). The identification together with the authorisation of the user
form the security equivalent of the lock object úschovného (SS2). The value of the
SS1 and SS2 you can use the table to the point values of the lowest degree of
security secure and rules area (point 12). In
justified cases, when the minimum required sum cannot be achieved
the values S1, S2 and S3 must be the component information system
secured certified electrical safety devices
the alarm, which corresponds to the setup type 4 in accordance with section 5.2.5.
Information systems that are used only for displaying, processing or
the transfer of classified information to the level of classification of the secret can be placed
inside the object outside the secured area or inside the object without
secure or in the rules area.
14.
THE STRUCTURE OF THE PROJECT, THE PHYSICAL SECURITY OF THE OBJECT CATEGORY TO BE CONFIDENTIAL AND
HIGHER
Content of the project physical safety is determined depending
on the category of the object or area in the range of staveném in section 32 of the Act in
paragraph. 1, 3, or 4.
14.1. RISK ASSESSMENT
Risk assessment includes:
and) specifications of assets-estimated the quantity of classified information
According to degrees of confidentiality,
(b) the determination of the various threats and) vulnerability and their evaluation,
(c) the determination of the overall risk level) as "small", "medium" or "large".
14.2. the DETERMINATION of CATEGORIES of OBJECT, SECURE AREAS and meeting
AREAS INCLUDING THEIR BOUNDARIES AND DETERMINATION OF CLASSES OF THE SECURE AREA
1. General introduction (address), a description of the premises/building (a description of the boundaries, the number of
buildings/number of storeys, inputs, or security), around (especially
objects, which could affect the safety of the foreign bodies in)
campus/building (number, where applicable, the name and focus of activities), the schema.
2. determination of the object and its type.
3. Determination of the boundaries of the object (in the area of location/building, the strength of the walls,
the inputs, the height of the window, the permanent surveillance of the unit).
4. A description of the object's security.
5. The border may want to object drawing parts of the technical documentation
physical security (section 14.3.2 where it.).
6. determination of the secure area, which is at an object,
their type, category and class. It is necessary to distinguish whether this is a
úložny classified information, workplace information system area
with a permanent presence here, working people, meeting room or
the combination of these types.
7. Determination of the borders secure and meeting areas (location in the
object, the strength of the walls, floors and ceilings, the inputs, the height of the lower edge of the
průlezných the holes above the surrounding terrain) and their depiction in the drawing
parts of the Technical documentation of the physical security (section 14.3.2 where it.).
8. For each of the secure area and process table scatter
assessment of physical security measures.
8.9. HOW to USE the MEASURES of PHYSICAL SECURITY
14.3.1. the table POINT EVALUATION MEASURES of PHYSICAL security in the
SECURE AND RULES AREA
The table header contains the following information:
and secure) the name (the rules) area
(b)) category and class of security
(c)) kind of rules depending on the area of classified information
are regularly discussed,
(d)) the purpose for which it has a secure area to serve.
--------------------------------------------- -------------------------- ----------------------
SECURITY MEASURES TYPBODOVÉ
VALUATION of the
--------------------------------------------- -------------------------- ----------------------
The storage objects * T 4-4 points the SS1 =
T 3-3 points
T 2-2 points
--------------------------------------------- -------------------------- ----------------------
Locks object úschovných * T 4-4 points SS2 =
T 3-3 points
T 2-2 points
--------------------------------------------- -------------------------- ----------------------
Storage object, including locking system * T 1-1 point S1 =
T-1A-1 point
T-1B-2 points
T-1 c-3 points
--------------------------------------------- -------------------------- ----------------------
Overall evaluation of the úschovného object and its S1 = S1 x = SS1 SS2
Castle
--------------------------------------------- -------------------------- ----------------------
Secure the T 4-4 points of SS3 =
T 3-3 points
T 2-2 points
* T 1-1 point
--------------------------------------------- -------------------------- ----------------------
Secure locking system the T 4-4 points SS4 =
T 3-3 points
T 2-2 points
* T 1-1 point
--------------------------------------------- -------------------------- ----------------------
The total valuation of the secure area and S2 = SS3 SS4 S2 = x
its locking system
--------------------------------------------- -------------------------- ----------------------
The object of T 4-4 points = S3
T 3-3 points
T 2-2 points
* T 1-1 point
--------------------------------------------- -------------------------- ----------------------
The system checks the entry of T 4-4 points
T 3-3 points = SS6
T 2-2 points
* T 1-1 point
--------------------------------------------- -------------------------- ----------------------
Visits in the object mode
and Visits to the accompaniment of) ad and)-3 point SS7 =
(b)) Visits unaccompanied * ad b)-1 point
(c)) Visits without checking the ad c)-not yet rated
--------------------------------------------- -------------------------- ----------------------
Overall evaluation of the control input S4 = SS6 SS7 + S4 =
--------------------------------------------- -------------------------- ----------------------
Surveillance * T 5-5bodů = SS8
T 4-4 points
T 3-3 points
T 2-2 points
* T 1-1 point
--------------------------------------------- -------------------------- ----------------------
Electrical security signalization * T 4-4 points
T 3-3 points
T 2-2 points = SS91
* T 1-1 point
--------------------------------------------- -------------------------- ----------------------
Installation of electric security * T 4-4 points = SS92
signaling * T 3-3 points
T 2-2 points
* T 1-1 point
--------------------------------------------- -------------------------- ----------------------
An intermediate result (SS 9) = SS9
--------------------------------------------- -------------------------- ----------------------
Overall evaluation of the surveillance of the S5 = + S5 = SS8 SS9
and the SEC.
--------------------------------------------- -------------------------- ----------------------
The physical barrier of T 4-4 points = SS10
T 3-3 points
T 2-2 points
* T 1-1 points
--------------------------------------------- -------------------------- ----------------------
Check the entry in the access points
perimeter = SS11
and the check is implemented) ad)-1 point
(b)) control is not implemented ad b)-0 points
--------------------------------------------- -------------------------- ----------------------
Random inbound and outbound tours
and inspection) are performed by the SS12 =
(b) inspection) are not carried out ad)-1 point
* ad b)-0 points
--------------------------------------------- -------------------------- ----------------------
Perimeter detection system (PDS) SS13 =
-Certified Office 2 points
-necertifikovaný Office 1 point
--------------------------------------------- -------------------------- ----------------------
Perimeter security lighting = SS14
2 points
--------------------------------------------- -------------------------- ----------------------
Special television system on the perimeter, 2 points
SS15 =
--------------------------------------------- -------------------------- ----------------------
Overall evaluation of protection perimeter S6 = (SS10 SS11 x) + SS12 +
SS13 SS14 SS15 S6 + + =
--------------------------------------------- -------------------------- ----------------------
The value of the variable S1 to S6 obtained by filling in the table
evaluation of measures of physical security in a secure area, it is necessary to
compare with point values minimum extent table security
secure and rules the area referred to in section 12. Annex
On the basis of this comparison it is necessary to determine whether the measures taken
physical security for a given level of risk, and the category secure
the area is sufficient.
On the basis of this comparison it is necessary to determine whether the measures taken
physical security for a given level of risk, and also on the degree of
classified information is regularly discussed in the rules area
sufficient.
Verify that each of the physical security measures applied and
evaluation of the risks of the project correspond to physical safety and legal
the legislation on the protection of classified information, performs responsible
person or authorised person.
Functional tests for electrical security systems shall be carried out according to the
TNI 3345 91-3. The range of functional tests and the time interval is set in the
table A1 (grade 1). Functional tests for other conditions
technical equipment provides the responsible person or authorised person.
Write about performing functional tests of the technical resources listed in
§ 30 paragraph. 1 of the Act shall be deposited with the person responsible or responsible for
of the person.
14.3.2 where it the TECHNICAL DOCUMENTATION the PHYSICAL SECURITY
This documentation is broken down into the following parts:
and) that contains the drawing documentation, in particular the designation of boundaries
object, each of the secure borders and meeting areas, and
the deployment of technical means intended for the protection of classified
the information in the object, and secure and meeting areas
(b) the Technical Documentation, resource) which provides, in particular,
1. enumeration of (name, number, and in the case of multiple types of one kind of technical
even the location of the resource)
2. a copy of the certificate and of the annex from the time of installation,
3. entries for the assessment of conformity of the time (specify the installation and specification
How to use).
8.9. OPERATING PROCEDURES
The operational order includes:
1. the rules for the movement of persons (including visitors) and transport
resources in the campus/building
2. the rules for the movement of persons (including visitors) and transport
in the resource object and secure areas
3. the rules for the movement of classified information in the object,
4. the rules for the treatment of operational technical documentation
resources containing guidelines for the use of technical means,
date of installation and fixing of the regular checks of technical functionality
resources (e.g. operational books, operating instructions EZS, special
tv system, EQ, EPS and equipment against passive and active
the interception, etc.),
5. rules for handling keys and identification devices from
the inputs to the object, and the secure area and with the keys from úschovných
objects. These rules shall address, in particular, the system and method of labelling,
allocation and presentation of these keys and identification devices,
their safekeeping and registration, how to lose, save for duplicates and
the rules for their use. In the event that the responsible person or the
the designated officer decided to store the key or identification resources
outside the object must keep a record of that fact and shall ensure
control of compliance with the rules of manipulation with the key or identification
resources outside the object. Similar rules should be laid down for
treatment with combinations of characters, used as a password zjednávající
access to secure areas or objects, úschovných objects,
6. Description of the measures for the protection of režimových meeting areas
7. the rules for establishing the number of members in the performance of security surveillance, how to
the performance of surveillance, in particular how to check persons and means of transport
When the input and output, method of implementation and the type of response the security guard stops
the alarm output report technical means; in the event that the
surveillance is exercised on the basis of the contractual relationship, it is necessary to attach
a copy of the contract.
14.5. the PLAN of the ZEBEZPEČENÍ OBJECT, SECURE AREAS and RULES AREA
IN CRISIS SITUATIONS
Description of the measures to minimize the threats and vulnerabilities that are described in the
Chapter evaluation of risks.
Guidelines for the protection of classified information in the event of an emergency
the situation.
15.
THE STRUCTURE OF THE PROJECT, THE PHYSICAL SECURITY OF THE OBJECT CATEGORY RESERVED
Content of the project physical security is fixed in the range
referred to in section 32, paragraph. 2 and 4 of the Act.
9.4. the determination of the OBJECT, SECURE AREAS, INCLUDING THEIR BOUNDARIES and classes
SECURE AREAS
1. Determination of the boundaries of the object (in the area of location/building, inputs, height
Windows, permanent surveillance of the unit).
2. Border may want to object to the drafting of Technical documentation
physical security (paragraph 15.2.1. of the annex).
3. determination of the secure area, which is at an object and
of their class. It is necessary to distinguish whether this is a úložny of classified
the information workplace information system, areas with permanent
the presence here of persons employed or a combination of these types.
4. determination of the boundaries of the secure area (the location of the object, the strength of the
the walls, floors and ceilings, the inputs, the height of the lower edge of the průlezných holes
above the surrounding terrain) and their depiction in the drafting of the technical
documentation of physical security (paragraph 15.2.1. of the annex).
9.4. HOW to USE the MEASURES of PHYSICAL SECURITY
How to use the measures of physical security describes:
and the way surveillance, performance)
(b) the measures taken by the regime), physical security (in particular the mode of movement
people, the movement of classified information and the rules for the handling of
keys).
15.2.1 the TECHNICAL DOCUMENTATION of the PHYSICAL SECURITY
This documentation is broken down into the following parts:
and) that contains the drawing documentation, in particular the designation of boundaries
object, each of the secure areas borders and layout
technical means intended for the protection of classified information in
the object and the secure areas.
(b) the Technical Documentation, resource) which provides, in particular,
1. enumeration of (name, number, and in the case of multiple types of one kind of technical
even the location of the resource)
2. a copy of the certificate and of the annex from the time of installation,
3. entries for the assessment of conformity of the time (specify the installation and specification
How to use)
.
In the secure area, where it stores the secret information classification
Dedicated in components of the information system or kryptografickém
the resource or that requires a special loading mode, further
processes referred to in section 14.3.1. table scatter evaluation measures
the physical security of the secure area.
Annex 2
THE NATIONAL SECURITY OFFICE
Post offices. bin. 49
Prague 150 06 56
------------------------------------------------------------------
National Security Authority issued pursuant to section 46 of the Act
No 412/2005 Coll., on the protection of classified information
and the security of the eligibility
CERTIFICATE
technical resource
Registration number:.. ...
...............................................
(Name and description of the technical resource)
Manufacturer:
Head Office/residence/place of business/address: IDENTIFICATION NUMBER/social security number
Holder:
Head Office/residence/place of business/address: IDENTIFICATION NUMBER/social security number
This certificate confirms validation of technical competence
resource type:
.....
The scores of the technical resource according to annex No 1
Decree No. 528/2005 Coll. on physical security
and certification of technical means:
.....
The certificate is valid until:
Date of issue of the certificate:
The imprint of the official stamp
Signature of authorized representative
Annex:
(Annex is an integral part of the certificate and can be reproduced
only).
1) section 27 of Act No. 412/2005 Coll., on the protection of classified information and on the
Security eligibility.
section 24, paragraph 2). 3 of law No 412/2005 Sb.
section 24, paragraph 3). 4 of law No 412/2005 Sb.
4) § 2 (b). (e)) of law No 412/2005 Sb.
5) § 2 (2). 7 of Act No. 219/1999 Coll., on the armed forces of the Czech
Republic, as amended.
6) § 25 paragraph. 1 of law No 412/2005 Coll. as amended by Act No. 255/2011 Sb.
7) section 6 (1). 1 and section 11 (1). 1 of law No 412/2005 Sb.
8) Law No. 22/1997 Coll., on technical requirements for products and amending
and additions to certain laws, as amended.
Act No. 102/2001 Coll., on general product safety and amending certain
laws (law on general product safety), as amended
regulations.
9) § 46 paragraph. 15 and section 52 of the Act No. 412/2005 Sb.
10) section 13 of Act No. 505/1990 Coll., on metrology, as amended
regulations.
11) section 14 of Act No. 22/1997 Coll.
Communication from the Ministry of industry and trade no. 272/1998 Coll.
