Šajā tīmekļa vietnē tiek izmantotas sīkdatnes. Turpinot lietot šo vietni, jūs piekrītat sīkdatņu izmantošanai. Uzzināt vairāk.
Teksta versija
LEGAL ACTS OF THE REPUBLIC OF LATVIA
home
 
The translation of this document is outdated.
Translation validity: 06.05.2011.–07.02.2019.
Amendments not included: 05.02.2019.

Republic of Latvia

Cabinet
Regulation No. 327

Adopted 26 April 2011

Regulations Regarding the Information to be Included in the Action Plan of a Merchant of Electronic Communications, the Control of the Implementation of Such Plan and the Procedures, by which End Users shall be Temporarily Disconnected from the Electronic Communications Network

Issued pursuant to
Section 9, Paragraph two
of the Law On the Security of Information Technologies

I. General Provision

1. This Regulation prescribes:

1.1. the information to be included by merchants of electronic communications, which provide a public electronic communications network, in the action plan for the provision of continuous operation of the electronic communications network (hereinafter - action plan);

1.2. the procedures for control of the implementation of the action plan;

1.3. the procedures, by which end users shall be temporarily disconnected from the electronic communications network.

II. Information to be Included in the Action Plan and Control of the Implementation of the Plan

2. An action plan shall include the following information:

2.1. general information regarding the merchant of electronic communications, the legal address and electronic mail address thereof;

2.2. the person (or unit) ensuring the implementation of security measures of an electronic communications network and contact information thereof (telephone number, fax number, electronic mail address);

2.3. a general description and scheme of the structure of an electronic communications network;

2.4. a risk analysis of an electronic communications network;

2.5. the procedures for response to security incidents and damages and offences of other types, which endanger the operation of an electronic communications network (technical and organisational measures);

2.6. a description of measures for restoration of operation of an electronic communications network (technical and organisational measures).

3. Paragraph 2 of this Regulation shall not apply to merchants of electronic communications, which develop documents regulating security measures for the critical infrastructure of information technologies in accordance with Cabinet Regulation No. 100 of 1 February 2011, Procedures for the Planning and Implementation of Security Measures for the Critical Infrastructure of Information Technologies.

4. If an electronic communications network has been included in the aggregate of the critical infrastructure as the critical infrastructure of information technologies, the owner or legal possessor thereof shall, within a month after coming into force of this Regulation, notify the Information Technologies Security Incidents Response Institution (hereinafter - Security Incidents Response Institution) thereof. The notification shall include the following information:

4.1. general information regarding the merchant of electronic communications, the legal address and electronic mail address thereof;

4.2. the person responsible for the security of the critical infrastructure of information technologies and contact information thereof (telephone number, fax number, electronic mail address).

5. The action plan shall be drawn up within six months after coming into force of this Regulation.

6. If the information included in the action plan is changed, the action plan shall be updated.

7. A copy of the action plan shall be sent to the Security Incidents Response Institution within a month after approval or updating thereof. When sending a copy of the action plan, the merchant of electronic communications shall indicate whether the information included therein is deemed restricted access information.

8. The Security Incidents Response Institution shall evaluate the action plan and, if it establishes a non-conformity with the requirements referred to in Paragraph 2 of this Regulation, request the relevant merchant of electronic communications to make corrections according to instructions within the time period specified thereby, which is not less than one month.

9. The Security Incidents Response Institution shall compile all the information included in action plans referred to in Sub-paragraphs 2.1 and 2.2 of this Regulation and use it in implementation of the tasks and rights specified in the Law On the Security of Information Technologies.

III. Procedures, by which End Users shall be Temporarily Disconnected from an Electronic Communications Network

10. The Security Incidents Response Institution shall send a request for an merchant of electronic communications to disconnect an end user from an electronic communications network to the electronic mail address of the merchant of electronic communications, which has been indicated in the registration notification of the merchant submitted to the Public Utilities Commission, and to the electronic mail address, which has been indicated in the action plan in accordance with Sub-paragraph 2.2 or 4.2 of this Regulation. The request shall be signed by an authorised person of the Security Incidents Response Institution with a secure electronic signature.

11. The Security Incidents Response Institution shall inform the relevant merchant of electronic communications and the State Police by telephone regarding the fact that a request has been sent.

12. The following shall be indicated in the request:

12.1. detailed information regarding activities, which are performed using the connection of the end user to the electronic communications network and which pose significant threats to the lawful rights of other users or to the information system, or to the security of electronic communications networks (information regarding other affected users, information systems or electronic communications network and description of the damage caused);

12.2. the time period, for which the end user should be disconnected from the electronic communications network (the time period shall not exceed the time period specified in the Law On the Security of Information Technologies).

13. The end user has the right to receive information from the merchant of electronic communications or the Security Incidents Response Institution regarding the reason why it is disconnected from the electronic communications network and the duration of disconnection according to the information indicated in the request.

14. The merchant of electronic communications shall disconnect the end user from the electronic communications network not later than within an hour after receipt of the request.

15. The end user shall be disconnected from the electronic communications network is such a way that this action would affect as few end users as possible.

16. After the end of the time period indicated in the request the merchant of electronic communications shall restore the access of the end user to the electronic communications network.

IV. Closing Provision

17. This Regulation shall apply as of 1 May 2011.

Informative Reference to the European Union Directive

This Regulation contains legal norms arising from Directive 2009/140/EC of the European Parliament and of the Council of 25 November 2009 amending Directives 2002/21/EC on a common regulatory framework for electronic communications networks and services, 2002/19/EC on access to, and interconnection of, electronic communications networks and associated facilities, and 2002/20/EC on the authorisation of electronic communications networks and services.

Prime Minister V. Dombrovskis

Acting for the Minister for Transport,
Minister for Education and Science R. Broks

 


Translation © 2013 Valsts valodas centrs (State Language Centre)

 
Document information
Title: Noteikumi par elektronisko sakaru komersantu rīcības plānā ietveramo informāciju, šā plāna izpildes .. Status:
In force
in force
Issuer: Cabinet of Ministers Type: regulation Document number: 327Adoption: 26.04.2011.Entry into force: 06.05.2011.Applicability: 01.05.2011.Publication: Latvijas Vēstnesis, 69, 05.05.2011.
Language:
LVEN
Related documents
  • Amendments
  • Issued pursuant to
  • Annotation / draft legal act
229559
{"selected":{"value":"08.02.2019","content":"<font class='s-1'>08.02.2019.-...<\/font> <font class='s-3'>Sp\u0113k\u0101 eso\u0161\u0101<\/font>"},"data":[{"value":"08.02.2019","iso_value":"2019\/02\/08","content":"<font class='s-1'>08.02.2019.-...<\/font> <font class='s-3'>Sp\u0113k\u0101 eso\u0161\u0101<\/font>"},{"value":"06.05.2011","iso_value":"2011\/05\/06","content":"<font class='s-1'>06.05.2011.-07.02.2019.<\/font> <font class='s-2'>Pamata<\/font>"}]}
08.02.2019
87
0
  • Twitter
  • Facebook
  • Draugiem.lv
 
0
Latvijas Vestnesis, the official publisher
ensures legislative acts systematization
function on this site.
All Likumi.lv content is intended for information purposes.
About Likumi.lv
News archive
Useful links
For feedback
Contacts
Mobile version
Terms of service
Privacy policy
Cookies
Latvijas Vēstnesis "Everyone has the right to know about his or her rights."
Article 90 of the Constitution of the Republic of Latvia
© Official publisher "Latvijas Vēstnesis"
ISO 9001:2015 (quality management system)
ISO 27001:2013 (information security)