Number: 58 /2015/TT-BQP
THE SOCIALIST REPUBLIC OF VIETNAM.
Hanoi, July 8, 2015
IT ' S SMART
Issued Q The intention of coordinating the operation and the emergency response. computer network in Q The people of the people. V. All right N a Go.
The Basic Law Executive Act of 2008;
The Information Technology Act of 2006;
2009 Telecommunications Law.
The Basic Law Base in 2011;
Base of Protocol 64 /2007/ND-CP April 10, 2007 of the Government on the Application of Information technology in the operation of the state agency;
Base of Protocol 72 /2013/NĐ-CP July 15, 2013 of the Government on Management, Provides, uses Internet services and information on the network;
Base of Protocol 35 /2013/ND-CP April 22, 2013 of the Government on the stipulation of functions, duties, powers, and organizational structure of the Ministry of Defense;
At the suggestion of the Chief of the General Staff of the People's Army of Vietnam;
The Minister of Defense decides.
Number one. It is accompanied by the Executive Committee of the Coordination Operations and Computer Network incident in the People's Army of Vietnam.
Second. It has been in effect since 24 August 2015.
Third. General Chief of Staff, Commander of the relevant agencies, units and individuals in the Army is responsible for this operation.
COORDINATING OPERATIONS AND COMPUTER NETWORKING INCIDENTS
THE MEN ' S ARMY.
(The Board is attached to the Digital Information 58 /2015/TT-BQP July 8, 2015 by the Secretary of Defense
This regulation regulates the network of computer networking incidents in the Vietnam People's Army (QDNDVN); coordinating operations and computer networking incidents in the QNDVN; the responsibility of the agencies, units, individuals with regard to coordinating operations. And the computer networking incident in the QNDVN.
This provision applies to agencies, units, individuals with regard to coordinating operations and the recovery of computer networking incidents in QDNDVN and agencies, units, individuals, operators, operators, operators of computer networking in the QDDVN.
In this Regulation, the words below are understood as follows:
1. Computer networking in the People's Army of Vietnam. is the general concept used to refer to the military computer network, the Internet used in the Army.
2. Military computer network. is the computer network designed dedicated to serving management, command, operator, and control of weapons, technical equipment in the QDDVN; not connecting the Internet and other business networks. The military computer network includes the internal computer network of the agencies, units; extensive computer networks in the Ministry of Defense; the network of military data and resources on the computer network.
3. The Internet is used by the Army. is the computer network in the agencies, the unit that is connected to the Internet and the applications, services of the agencies, units on the Internet.
4. Computer networking incident (the so-called incident) is the incident, which is or is likely to occur insecurity of information discovered through monitoring, assessment of the analysis of the agencies, organizations, individuals involved or being warned from experts, agencies, operational units, and other activities, the report said. in the field of information safety.
5. Serious incident. is that the incident is likely to occur on the broad, rapid spread; potentially undermining the computer network system in the QDNDVN; which requires coordination of multiple agencies, units in the Ministry of Defense or of the nation to resolve.
6. Computer network incident (abbreviated as network) is the set of agencies, units, organizations that are obliged to participate in the operation of computer networking incidents.
7. Network members are the agencies, units, organizations that participate in the operation of computer networking incidents.
1. Coordinate the incident-based incident rescue operation, according to the area, within the jurisdiction.
2. The organization of computer networking incidents must be on the correct process of saving the incident based on properties, levels, scope and cause of the incident; quick, accurate, timely, effective, and safe information.
3. Information is exchanged, provided during the delivery process, handling the incident must be secured secretly at the request of the agency, the unit meets the incident unless the incident occurs is associated with many other objects that require warning, reminder.
4. The network of computer networking incidents located within the network of national computer networking incidents led by the Ministry of Information and Media, directed by the agency.
COMPUTER NETWORK INCIDENT
1. Members of the network of computer networking incidents including:
a) Department of Information Technology/General Staff;
b) Military Security Protection/Political Bureau;
c) The Directorate of General Staff;
e) Army Telecom Group;
g) The management of information technology in the agencies, units; and
h) The rescue team rectify the National Defense Department's national focus on infrastructure.
2. The network member has the right and obligations to share information, experience, participate in the operation of the incident aid, participate in training courses, fostering the incident of the incident.
1. Bureau of Information Technology/Ministry of General Staff is the coordinating body of the application activities of the computer network incident operator network (referred to as the coordinating body) functions:
a) Directing, a career guidance on the operation of coordination and the incident of incident; has the right to operate other members of the network of applications involved in preventing, handling and remediation of incidents within the Ministry of Defense;
b) The decision to form the coordination of the operation of the incident and be responsible for the coordination requirements;
c) The exchange of information, the attempt to save the incident with the organization of computer incidents in the country, international, and Internet service providers.
2. The Task Force/Bureau of Information Technology is the department receiving information that requires the incident of the incident and carried out an order to coordinate the operation of the operation in the entire army.
1. The attempt to save the incident is that the individual or the department is allowed on behalf of the network member to contact and exchange information with other network members in the incident of the incident.
2. The network member has the responsibility to organize the head of the incident and announce the head of the investigation into the coordinating body.
3. The attempt to save the incident is responsible for receiving the coordination information, exchange of incident information with the coordinating body and unit of the incident.
4. Individuals who do the first attempt to save the incident must have a professional level, a career skills to perform incident-rescue operations and have to secure communications throughout the continuity.
COORDINATION, COMPUTER NETWORKING INCIDENT
1. Agency, unit when meeting the incident without self-remediation must announce the incident to one or more of the following network members:
a) The coordinating body;
b) The network member is responsible for saving the incident for the agency, that unit (if any);
2. When the detection of a serious incident, the agency, the unit must have the responsibility to inform the coordinating agency.
3. The event announced the incident:
a) Information describing the incident;
b) The measures have been reparable;
c) Other information at the requirements of the Coordination Authority;
d) recommendations and suggestions.
4. The co-ordinated regulatory agency announced the incident.
1. The network member receives a responsible incident message:
a) Processing of incident information and feedback within 12 hours for the agency, unit, individuals sent notice to confirm of the received notice of the incident;
b) Work on the incident in its capacity and responsibility, report the results of the incident handling of the regulatory body according to regulation;
c) The time to report the incident to the coordinating agency if you can't handle it.
2. The Coordination Authority announces the incident notification of responsibility:
a) Make a coordinating request to a network member to participate in the event of the incident when necessary;
b) The mobiles of other resources, invite experts to participate in the event of the incident when necessary.
c) The Chief of Staff of the General Staff to mobilize the forces outside of the Army involved in the application of computer cyber incidents in the Vietnam People's Army as needed.
1. The Coordination Authority is responsible for organizing the co-ordination in accordance with the procedure, the regulation of the operation of the operation of the computer network incident due to the authority of the authority.
2. The network members are responsible for collaborating and participating in the operation of computer networking incidents and the national critical information system at the request of the coordinating body.
3. The agencies, the unit meeting the incident must coordinate with the coordinating body and network member during the execution of the coordination and the incident response.
1. The network member who organizes the application in accordance with the procedure, the regulation of the incident aid issued by the competent authorities.
2. The network member takes over the requirement for coordination; in close coordination with the unit where the incident and the members of the team join the emergency team to perform an improvised operation in accordance with the requirements of the coordination.
3. The network member regularly reports the outcome of the outcome of the investigation into the correct regulatory agency.
4. The attempt to save the incident ends with the recovery of the incident and the system is back to normal.
5. After the recovery of the incident, the network member participating in the application must be responsible:
a) Runder, determining the underlying cause of the incident;
b) The organization examined and remedied the incident;
c) Make sure the system works normally before the entire system is handed over to the agency, the master unit.
At the end of coordinating activity, the incident response, a network member participating in the application for aggregation of the results of the results of the rescue operation; the organization withdrew the operation to deploy the recovery attempt; report the results, the petition. (if any) with the coordinating agency.
THE RESPONSIBILITY OF THE AGENCIES, UNITS, INDIVIDUALS
1. Host the construction, report of the Chief of the General Staff to issue or grant authorship to issue regulatory documents, guidelines for coordinating operations and computer networking incidents.
2. Take on, handle the incident information; host the organization that coordinates the operation of the computer networking incident.
3. Build and implement the monitoring of the monitoring, detection of the incident; organization of coordinating operations and computer networking incidents; construction of management databases, which focuses on coordinating operations and incidents of incident.
4. Overall, announced to the members of the network of information, warning, resolution of weak points, security gaps; the risk of loss of safety on the computer network.
5. Training organization, career guidance, coordinating activities and computer networking incidents.
6. The operation management of the Rescue Service serves as the National Defense Department's national key infrastructure; mobiles the forces in the network ready to participate in the defense of national critical information systems.
7. Coordinate with the agencies, the management unit, the operation of national key information systems; the agency, the unit, the organization of the rescue operation outside the Army to build a coordinated mechanism, the incident of the rescue of the incident.
8. Coordinate with the Department of Finance/Ministry of Defense and the agencies, the research-related unit, the insurance source layout for coordinating operations and computer networking incidents.
9. Representative to the Ministry of Defense organizes the force involved in the operation of an incident in addition to the Army at the request; participation in international cooperation on the coordination and rescue of the incident.
1. Coordinate with the Information Technology/BTTM Information Administration and the relevant agencies in the operation of the computer networking incident, the national critical information system.
2. Investigate, verify that the organization, the individual who loses information security or uses the operation of a computer network incident to steal data, reveals information.
1. Build the methods and organize the problem of computer network security security systems.
2. Coordinate with the Information Technology Agency/BTTM in the operation of computer networking incidents, the national key information system that is related to the system, computer network security device.
1. Building the methods and organizations to save the digital network infrastructure.
2. Coordinate with network membership in the provision of information, technical support of the recovery of incidents involving the data transmission network.
3. Coordinate with the Information Technology Agency/BTTM in the operation of the computer networking incident, the national critical information system.
4. Secure the contact information for coordinating operations and computer networking incidents when required.
1. The organization performs the incident of the incident for Internet products, services, and infrastructure provided by the Army Telecommunications Corporation for agencies, units.
2. Participate in the operation of computer networking incidents and the national critical information system under the Coordination of the Coordination Authority.
3. Provide information, technical support for the incident in connection with the Internet infrastructure, service of the Army Telecommunication Corporation.
4. Implemonation of the Vietnam Internet incident in accordance with the provisions of the Ministry of Information and Communications.
1. Information technology management agency:
a) The conduct of the implementation of the operation of the incident in the scope of its responsibility;
b) The time of mobiling the amount of information technology at the site and deploying the solutions that fix the incident;
c) The message with the coordinating body to be instructed, supports the aid of the force in charge;
d) Provide full information and close coordination with the coordinating body, network member participating in the attempt to rectify the incident;
e) Define the cause, the organization to withdraw experience and deploy assurance solutions to not repeat the incident;
2. The agency, the management unit, exploit, use the computer network:
a) Apply the measure, the technical solution aimed at monitoring the system, which has the method of corrects the incident and the deployment of information safety assurance solutions;
b) Provides and actively coordinate with the network members of the incident application network in the detection, prevention and disposal of the incident.
1. Individual participation in the event of the incident is responsible:
a) Compliance procedure, the measure that has been unified;
b) At the time of the report to the person with authority on the unusual signs during the recoverable process;
c) Do not use the attempt to save the incident to steal the data, causing the system's data exposure.
2. Personal management, operation, operator network exploitation:
a) There must be time to report to the information technology regulator about the unusual signs, the incident happened;
b) The active provider of information and integration in the operation of the incident.
The Bureau of Information Technology/Ministry of General Staff, in coordination with the relevant authorities agency, examines the implementation of the agency, unit and individual in the Army; in time to detect and coordinate with the relevant authorities that deal with the relevant authorities. case of violation of this Regulation.
1. Command of the agencies, units within the range of functions, duties, their powers in charge of the radical, guidance, execution, inspection, supervision, and the administration of this Regulation.
2. During the implementation of this Regulation, if the development is entangled, inadequate; the agency, the report unit on the General Staff (via the Information Technology Bureau) to synthesize, report the Secretary of Defense amended, supplemat./.