Cabinet of Ministers Regulations No. 327 in Riga in 2011. April 26 (Mon. No 27 10. §) rules on electronic communications operators the information to be included in the action plan, enforcing this plan and the order in which end users are temporarily closed access to electronic communication network in accordance with the Issued information technology Security Act 9 the second subparagraph of article i. General provisions 1 the questions determines: 1.1. information that electronic communications merchant providing public electronic communications networks, including the action plan of the electronic communications network for continuous operation (hereinafter referred to as the action plan);
1.2. the action plan for the control of execution of the order;
1.3. the order in which end users are temporarily closed access to the electronic communications network.
II. information to be included in the action plan and plan follow-up plan of action 2 contained the following information: 2.1 the General information about the electronic communications operator, its legal address and electronic mail address;
2.2. the person (or Department) that provides electronic communication network security measures, and contact information (telephone number, fax number, e-mail address);
2.3. electronic communications network construction and a general description of the scheme;
2.4. network risk analysis;
2.5. the order of response to security incidents and other types of injury or offences that endanger the functioning of the electronic communications network (technical and organisational measures);
2.6. the electronic communications network, a description of the recovery measures (technical and organisational measures).
3. The provisions of paragraph 2 shall not apply to electronic communications operators who created critical infrastructure security measures regulatory documents in accordance with the Cabinet's February 1, 2011 regulations No 100 "information technology security measures for critical infrastructure planning and implementation modalities".
4. If the electronic communications network is included in the overall critical infrastructure as critical infrastructure of information technology, its owner or legal possessor shall notify the information technology security incident prevention institution (hereinafter security incident prevention body) month after the date of entry into force of these regulations. The notice shall contain the following information: 4.1 General information the electronic communications operator, its legal address and electronic mail address;
4.2. the person responsible for information technology security, critical infrastructure and its contact information (telephone number, fax number, e-mail address).
5. the action plan shall be developed within six months after the entry into force of these regulations.
6. If the information contained in the action plan is changed, the updated action plan.
7. a copy of the action plan within one month after its approval or escalation sends security incident prevention institution. Send a copy of the action plan, the electronic communications operator will indicate if the information it contains is considered to be limited by the availability of information.
8. security incident prevention institution assess the action plan and, where the non-compliance with the provisions of paragraph 2, the above requirements, please contact the operator of the relevant electronic repairs according to instructions within a time limit of not less than a month.
9. security incident prevention institution collects this provision 2.1. and 2.2. action plans referred to in the information and it is used in implementing information technology security tasks defined in the law and rights.
III. Procedure for end users is temporarily closed access to electronic communication network 10. the electronic communications operator to close the end user access to electronic communication network (hereinafter referred to as the request) security incident prevention institution shall send to the electronic communications operator's e-mail address that is specified in the public service Regulatory Commission Merchant in the registration statement, and the e-mail address that is specified in the action plan in accordance with the provisions of section 4.2 or 2.2. Request signature security incident prevention institutions authorised person with a secure electronic signature.
11. security incident prevention institution on the fact of sending by phone shall inform the relevant trader of electronic communications and the national police.
12. a request shall indicate: 12.1. detailed information about the actions that are performed using the end-user access to electronic communications networks, and which undermine the legitimate rights of other users or information system, or the security of electronic communications networks (information about other affected users, information systems or electronic communication networks and description of injury);
12.2. the period of time for which the end-user access to those electronic communications network (the time period may not be longer than the information technology security law).
13. End user's rights from electronic communications merchant or security incident prevention authorities to receive information on the reasons why it has closed access to the electronic communications network and the duration of the trip, according to the information in the request.
14. The electronic communications operator disconnects the end user of the electronic communications network within hours of receipt of the request.
15. End-user unlocked from electronic communication networks so that this action affected the least possible number of other end users.
16. upon request, the end of the period specified in the electronic communications operator renewed end user access to electronic communication network.
IV. final question 17. provisions applicable to the 1 May 2011.
Informative reference to European Union Directive provisions included in the law arising from the European Parliament and of the Council of 25 November 2009. directive 2009/140/EC, amending Directive 2002/21/EC on a common regulatory framework for electronic communications networks and services, Directive 2002/19/EC on access to electronic communications networks and associated facilities connection and Directive 2002/20/EC on the authorisation of electronic communications networks and services.
Prime Minister v. dombrovsky traffic Minister, Minister for education and science r. Brok