Official Gazette, 79/2007
- security accreditation of information systems is the procedure within which the degree
of competence is determined for bodies and legal persons referred to in Article 1,
paragraph 2 of this Act for managing information system security, and is performed by
determining implemented information security measures and standards.
- information system is a communication, computer or other type of electronic system
within which information is processed, stored or transmitted in such a way that it is
available and applicable for authorised users.
II INFORMATION SECURITY MEASURES AND STANDARDS
Article 3
Information security measures and standards shall be used to determine minimum criteria for
the protection of classified and unclassified data in bodies and legal persons referred to in
Article 1, paragraphs 2 and 3 of this Act.
Article 4
(1) Information security measures and standards shall be determined for both classified and
unclassified data.
(2) Information security measures and standards shall be determined in accordance with the
degree of secrecy, number, type and threat to classified and unclassified data at a particular
location.
(3) For data classified CONFIDENTIAL, SECRET and TOP SECRET, a security threat
assessment shall be permanently performed.
Article 5
Information security measures and standards shall encompass the following:
- oversight of access to and handling of classified data
- procedure during unauthorised disclosure and loss of classified data
- planning of measures during emergency situations
- establishment of separate databases for data classified in the Republic of Croatia and for
classified data delivered by another country, international organization or institution
with which the Republic of Croatia cooperates.
Article 6
(1) Information security measures and standards for unclassified data protection shall be
determined in accordance with the measures and standards for personal data protection as
stipulated by law.
(2) Information security measures and standards for the protection of RESTRICTED degree
of secrecy shall be determined in accordance with paragraph 1 of this Article, with the
addition of:
- prior verification of the implementation of stipulated measures and standards for
unclassified data
- implementation of measures and standards stipulated for RESTRICTED degree of
secrecy