Šajā tīmekļa vietnē tiek izmantotas sīkdatnes. Turpinot lietot šo vietni, jūs piekrītat sīkdatņu izmantošanai. Uzzināt vairāk.
Teksta versija
LEGAL ACTS OF THE REPUBLIC OF LATVIA
home
 
Text consolidated by Valsts valodas centrs (State Language Centre) with amending regulations of:

31 August 2021 [shall come into force on 3 September 2021];
26 May 2009 [shall come into force on 3 June 2009].

If a whole or part of a paragraph has been amended, the date of the amending regulation appears in square brackets at the end of the paragraph. If a whole paragraph or sub-paragraph has been deleted, the date of the deletion appears in square brackets beside the deleted paragraph or sub-paragraph.

Republic of Latvia

Cabinet
Regulation No. 764
Adopted 11 October 2005

General Technical Requirements of State Information Systems

Issued pursuant to
Section 4, Paragraph two of the Law on State Information Systems

1. The Regulation prescribes the general technical requirements of the State information systems.

2. The general technical requirements of the State information system (hereinafter - the information system) shall be complied with in the management of the information and technical resources of the information system. The management task shall be to ensure:

2.1. the implementation of the information system functions specified in laws and regulations;

2.2. the security and development of the information system;

2.3. the movement of data in an integrated information system.

[31 August 2021]

2.1 In determining the non-functional technical requirements of the information systems, the information system manager shall comply with the minimum non-functional technical requirements specified in the Annex to this Regulation for the information systems and shall co-ordinate the exceptions with the Ministry of Environmental Protection and Regional Development (hereinafter - the Ministry) in accordance with the laws and regulations governing the supervision of development projects for the State information systems.

[31 August 2021]

3. The information system manager is responsible for the compliance with the general technical requirements of the information system.

[31 August 2021]

4. With regard to the information resources of the information system (a set of thematically related, structured information in electronic form at the disposal of the State authority which is included in the information system) and technological resources (a set of information and communication technology hardware or software units or a separate unit at the disposal of the State authority) the information system manager shall comply with the following requirements:

4.1. such software shall be used for the creation of an interface for the information system users which is not attached to specific technical equipment or to a specific operating system;

4.2. the information system shall use software in accordance with the requirements specified in the software licence;

4.3. the information system shall use software with which audit trails are performed when registering information about events in the information system in order to ensure the opportunity of evaluating their impact on the information system security;

4.4. the information system user interface shall ensure the opportunity of sending and receiving data using platform-independent file formats and data transmission protocols;

4.5. the information system documentation is sufficient in order for the authorised person of the information system manager to be able to make changes to the information system or completely restore the operation of the information system.

[31 August 2021]

5. When using the technological resources of information systems, the information system manager shall also comply with the following requirements:

5.1. they shall be used according to the requirements specified by the manufacturer;

5.2. they may be replaced with technical equipment offered by other manufacturers;

5.3. the use thereof shall ensure the security of the information system and the functioning of the information system in an integrated information system.

[31 August 2021]

6. Upon determining the requirements for the information and technological resources of information systems, the information system manager shall comply with the requirements specified in laws and regulations in the field of the circulation and storage of electronic documents.

[31 August 2021]

7. The information system manager shall ensure the implementation of the requirements specified by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

[31 August 2021]

8. If, when using the information system, the circulation of such information is ensured which, in accordance with the law On Official Secret, is recognised as an official secret object, the information system manager shall ensure the implementation of the requirements specified in this Regulation, insofar as it is not in contradiction with the laws and regulations regarding the protection of official secret objects.

[31 August 2021]

9. If, when using the information system, the circulation of such information is ensured which, in accordance with the Freedom of Information Law, is regarded as information for official use only, the information system manager shall ensure the implementation of the requirements specified in this Regulation, insofar as it is not in contradiction with the laws and regulations regarding the protection of information for official use only.

[31 August 2021]

10. The information system manager shall ensure the implementation of the requirements specified in this Regulation according to the State budget funds allocated for this.

[31 August 2021]

11. The Ministry shall supervise the implementation of this Regulation.

[31 August 2021]

12. The minimum non-functional technical requirements of the information systems referred to in the Annex to this Regulation shall apply to the information systems the establishment or significant transformation of which has been commenced after 1 October 2021.

[31 August 2021]

Prime Minister A. Kalvītis

Minister for Special Assignments
in Electronic Government Affairs J. Reirs

 

Annex
Cabinet Regulation No. 764
11 October 2005

Minimum Non-Functional Technical Requirements of Information Systems

[31 August 2021 / See Paragraph 12 of the Regulation]

1. Data opening requirements*
1.1. The information system requirements and draft project shall be created in accordance with the "open by default" principle, providing for a certain part of the system data classified as generally available information to be published in the form of open data in the Latvian Open Data Portal (https://data.gov.lv) (hereinafter - the Open Data Portal) or the State Unified Geospatial Information Portal (https://geolatvija.lv)
1.2. The publishing of open data is fully automated, following the standards, guidelines, and corresponding data publishing scenarios set out in the Open Data Portal
1.3. Data in the Open Data Portal shall be updated (re-published) once new data is available, concurrently assessing the need of users for up-to-date data availability

Note. * Shall not apply to the data relating to the State and public security, personal data, and data in accordance with the Freedom of Information Law.

2. Requirements for Data Storage and Movement
2.1. Information systems shall be designed and developed for the efficient and high-quality provision of State administration services in accordance with the single principle (on the submission and request of data/information) in such a way that the management of their collection and maintenance is the responsibility of the authorities which are primarily responsible for them (in primary data sources), ensuring effective management of controlled data movement in the State administration if any of the legal grounds specified in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) exist and in accordance with the procedures specified in laws and regulations - also outside the State administration. The principles specified in the State Administration Structure Law and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) shall be complied with in the movement of the data of State administration institutions
2.2. The State information systems' integrator (SISI) shall be used for the controlled movement of data among different State administration authorities, and also for the controlled movement of data outside the State administration, applying the most appropriate technical solution proposed by the integrator (including the data distribution network (DDN), the service gateway and the data aggregator (DGR)) to specific data movements. Where the transfer of data takes place only between two State administration institutions, the use of the State information systems' integrator (SISI) is not compulsory
2.3. The technological solutions and operational processes of the information system shall have permanently available data to be disseminated in accordance with the level of availability required by their users and contracted by the service, unless the data availability function has been transferred to the data aggregator (DGR) of the State information systems' integrator. The technological solutions of the information system shall ensure that data are available from the interfaces used previously, at least until functionally appropriate interfaces are transmitted to SISI (including the DGR)
2.4. In order to ensure efficient (i.e. automated) data movement in the State administration, the priority of programmable interfaces (including API first principle) shall be taken into account when programming and developing information systems. Software interfaces and web services providing them shall be published in the integrators of authority, industry or national level (i.e. SISI services gateway) depending on the scope of the intended use of the relevant interface
3. Identification Requirements for Information System Users
3.1. Users shall be provided with the ability to use identification tools appropriate to their level of protection, avoiding the use of single-factor means (passwords) as a means of authentication and taking into account the requirements of the Law on Electronic Identification of Natural Persons and Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (eIDAS Regulation)
3.2. In the information systems for which the level of protection of the information to be processed or the limitations of the technical solutions require a higher level of security for authentication as the directory or end-equipment used for identification, the State administration employees shall use qualified or increased security-level qualified electronic identification means for identification in production environments
3.3. Information systems, service sites, and portals providing for the identification of users of more than one institution shall provide identification possibilities with electronic identification means complying with system security requirements, including national, qualified, and increased security-level qualified identification means. If the use of other types of multi-factor identification means (such as bank eID means) is also permitted for the extension of the digital service users, it shall be technically provided through the single application service of the State Regional Development Agency (hereinafter - the Agency)
3.4. For information systems, service sites, and portals which, in accordance with the requirements of the eIDAS Regulation, must also be accessed through the electronic identification means notified by other EU Member States, it shall be technically provided through the single application service of the Agency
4. Application Software Sharing and Architecture Requirements
4.1. When developing specialised application software solutions, the architectural requirements of effective sharing, re-use, and modular, interoperable, and ICT infrastructure efficient software solutions shall be complied with
4.2. The functionality of the information system shall be created by optimally and efficiently using available sharing services and reusable software solutions and components at European Union level (information on the EC website Joinup https://joinup.ec.europa.eu/ and the Ministry website www.varam.gov.lv) and at Latvian level (information on the Agency's website https://viss.gov.lv/ and the Ministry website www.varam.gov.lv)
4.3. When developing information systems and concluding contracts regarding the development of commissioning software, the conditions of the contract shall provide for the transfer of ownership rights of authors which guarantees the software development customer - the Republic of Latvia - the right to take over, legally and effectively, the performance of the contract after termination of the contract and to continue the activities provided for in the contract or to transfer them to another supplier
4.4. Sharing services (see also Sub-paragraphs 3.3, 3.4, and 4.2 of this Annex), also including State administration data publishing (see Sub-paragraph 1.2 of this Annex) and controlled data movement (see Sub-paragraph 2.4 of this Annex) services, shall be used in the technical solution thereof for ensuring the functionality required for the information system. Use of shared functionality in user interface solutions is also allowed in the form of embedded components
4.5. Open code platforms and solutions shall be used when developing new information systems. Their technological solutions shall meet the requirements of a modern ICT architecture which is modular, interoperable, and efficiently uses ICT infrastructure in accordance with the technology architecture guidelines for specialised application software published by the Ministry. The abovementioned requirements also apply to the conversion of existing information systems or parts thereof by replacing the software code
4.6. The architectural requirements and design of the application software, including the platforms to be used and the requirements of support and licensing, shall be coordinated with the ICT infrastructure sharing service provider whose services will be used
5. Requirements for the Use of ICT Infrastructure Services
5.1. ICT infrastructure sharing services shall be used to operate the information system
5.2. Information systems shall not impose specific requirements on end-user equipment and their preparation for the operation of the system. The user interfaces of the information system are fully functional in both computer and mobile equipment browsers. The requirements for end-user equipment of the information system shall be co-ordinated with the computerised workplace development plan and the service provider. The requirements shall not apply to the information systems whose architecture prevents the replacement of technical equipment and need not apply to specialised information systems for a narrow range of users (for example, accounting information systems used by accountants alone)
5.3. High value added computing infrastructure services shall be used during the whole life cycle of the information system, starting with the development and testing of the information system, and these services shall include automation in the management of software items, including the preparation and application of releases, testing automation, and performance monitoring
5.4. The information system uses, in accordance with its performance and operational continuity requirements, computing capacity scalability, capacity splitting, and reservation capabilities provided by computing infrastructure services and effectively releases the reserved computing capacities when they are not in use
5.5. The planned specifications for computing infrastructure services shall be coordinated with the service provider whose services are intended to be used

Translation © 2022 Valsts valodas centrs (State Language Centre)

 
Document information
Title: Valsts informācijas sistēmu vispārējās tehniskās prasības Status:
No longer in force
no longer in force
Issuer: Cabinet of Ministers Type: regulation Document number: 764Adoption: 11.10.2005.Entry into force: 15.10.2005.End of validity: 01.01.2023.Publication: Latvijas Vēstnesis, 164, 14.10.2005.
Language:
LVEN
Related documents
  • Has ceased to be valid with
  • Amendments
  • Issued pursuant to
118986
{"selected":{"value":"03.09.2021","content":"<font class='s-1'>03.09.2021.-31.12.2022.<\/font> <font class='s-2'>V\u0113sturisk\u0101<\/font>"},"data":[{"value":"03.09.2021","iso_value":"2021\/09\/03","content":"<font class='s-1'>03.09.2021.-31.12.2022.<\/font> <font class='s-2'>V\u0113sturisk\u0101<\/font>"},{"value":"03.06.2009","iso_value":"2009\/06\/03","content":"<font class='s-1'>03.06.2009.-02.09.2021.<\/font> <font class='s-2'>V\u0113sturisk\u0101<\/font>"},{"value":"15.10.2005","iso_value":"2005\/10\/15","content":"<font class='s-1'>15.10.2005.-02.06.2009.<\/font> <font class='s-2'>Pamata<\/font>"}]}
03.09.2021
87
0
  • Twitter
  • Facebook
  • Draugiem.lv
 
0
Latvijas Vestnesis, the official publisher
ensures legislative acts systematization
function on this site.
All Likumi.lv content is intended for information purposes.
About Likumi.lv
News archive
Useful links
For feedback
Contacts
Mobile version
Terms of service
Privacy policy
Cookies
Latvijas Vēstnesis "Everyone has the right to know about his or her rights."
Article 90 of the Constitution of the Republic of Latvia
© Official publisher "Latvijas Vēstnesis"
ISO 9001:2015 (quality management system)
ISO 27001:2013 (information security)