Register of regional state information systems. Successes of import substitution or interesting statistics based on the register of federal government information systems. Distribution by departments

1. State information systems are created in order to implement the powers of state bodies and ensure the exchange of information between these bodies, as well as for other purposes established by federal laws.

2. State information systems are created, modernized and operated taking into account the requirements stipulated by law Russian Federation on the contract system in the field of procurement of goods, works, services to meet state and municipal needs or the legislation of the Russian Federation on public-private partnership, on municipal-private partnership, legislation on concession agreements, and in cases where the operation of state information systems carried out without attracting budget funds budget system Russian Federation, in accordance with other federal laws.

3. State information systems are created and operated on the basis of statistical and other documented information provided by citizens ( individuals), organizations, government bodies, local governments.

4. Lists of types of information provided on a mandatory basis are established by federal laws, the conditions for its provision - by the Government of the Russian Federation or relevant government bodies, unless otherwise provided by federal laws. In the event that during the creation or operation of state information systems it is intended to implement or process publicly available information provided for by the lists approved in accordance with Article 14 of the Federal Law of February 9, 2009 N 8-FZ "On ensuring access to information about the activities of government bodies and local governments", state information systems must ensure the placement of such information on the Internet in the form of open data.

(see text in the previous edition)

4.1. The Government of the Russian Federation determines cases in which access via the Internet to information contained in state information systems is provided exclusively to information users who have been authorized in the unified identification and authentication system, as well as the procedure for using the unified identification and authentication system.

5. Unless otherwise established by the decision on the creation of a state information system, the functions of its operator are carried out by the customer who has entered into a state contract for the creation of such an information system. In this case, the commissioning of the state information system is carried out in the manner established by the specified customer.

5.1. In the case of the creation or modernization of a state information system on the basis of a concession agreement or a public-private partnership agreement, the functions of the operator of this system are carried out by the concessionaire or private partner within the limits, to the extent and within the time frames provided for by the relevant agreement.

6. The Government of the Russian Federation approves the requirements for the procedure for the creation, development, commissioning, operation and decommissioning of state information systems, further storage of information contained in their databases, including the list, content and timing of implementation of the stages of measures for the creation, development , commissioning, operation and decommissioning of state information systems, further storage of information contained in their databases.

(see text in the previous edition)

7. It is not allowed to operate the state information system without properly registering the rights to use its components, which are objects of intellectual property.

8. Technical means, intended for processing information contained in state information systems, including software and hardware and information security tools, must comply with the requirements of the legislation of the Russian Federation on technical regulation.

9. Information contained in state information systems, as well as other information and documents available to state bodies are state-owned information resources. The information contained in government information systems is official. State bodies, determined in accordance with the regulatory legal act regulating the functioning of the state information system, are obliged to ensure the reliability and relevance of the information contained in this information system, access to this information in cases and in the manner provided for by law, as well as the protection of this information from unlawful access, destruction, modification, blocking, copying, provision, distribution and other illegal actions.

(see text in the previous edition)

Alexey Lukatsky

I decided to figure out what the state information system is, for the protection of which the 17th order and the manual on protective measures were developed. It turned out to be difficult. There are several controversial points of view on this issue. I'll start with the opinions of my colleagues:

  • Artem Ageev believes that essentially only those information systems that are in the register of the Ministry of Telecom and Mass Communications can be considered GIS.
  • Andrey Prozorov, that not every IP in a government agency is state-owned and falls under the 17th order.
  • Mikhail Novokreshchenov thinks similarly, but at the same time, if an IS is put into effect by order and introduced into a government agency, then it is already a GIS.

However, these 3 somewhat similar positions differ from what other participants in the game think. For example, colleagues from RANEPA have a completely different opinion. It is more emotional, but still it is a position that is worth listening to. Still, RANEPA actively participates in the rule-making process and their views should not be discounted. So the position is literally as follows: " Everything that is done in a state body (since all its activities are the essence of the public sphere of legal relations) is done by force of law. Other activities are by definition illegal (a public body is prohibited from doing anything that is not directly prescribed by law). Accounting (personnel records, etc.), in general - any other supporting activity is also carried out only due to the requirements of certain laws. In the case of accounting, equally classified as public and civil organizations. The fact that this type of activity is not directly described in the Regulations on a particular department is a non-specific factor. Agencies implement many powers that they have been granted outside of the Regulations (for example, federal laws and presidential decrees). The absence of certain powers in the Regulations is, of course, an “untidy” matter, but if they arise from legislation, they are still powers. Thus, the accounting information system of a government agency is created a) on the basis of the law (common to any organization in the country), b) on the basis of a legal act of the government agency (put into operation by order, most likely, of the minister, c) it is needed to implement the powers of the government agency (“needed " = without it it is impossible to implement other powers of the department)". To summarize, RANEPA believes that any the information system in a government agency is state-owned.

The Ministry of Telecom and Mass Communications adheres to a similar position. Their logic is as follows. State information systems - federal information systems and regional information systems created on the basis of federal laws, laws of the constituent entities of the Russian Federation, and on the basis of legal acts of state bodies, respectively. Please note, not regulations, but legal acts. Those. on the basis of any authorized decision of a government body, for example, an ordinary order. And such a competent decision can be made not by an executive body, not by a government body in general, but by any ordinary government body. The frequent reference to PP-723 on the registration of certain types of GIS does not apply to all GIS, but only to some of them. According to the Ministry of Telecom and Mass Communications, PP-723 is mandatory only for federal executive authorities and only for GIS intended to provide government functions or provide public services. At the same time, the lack of registration does not change the status of an unregistered GIS as a state one. In other words, the presence of a regular order to put into operation an information system in a government agency makes it state, and in a municipal institution - municipal. And no registration is required for this (except for certain types of federal GIS).

There was a long one on FB

There are about 100 state information systems in the Russian Federation, they are divided into federal and regional. An organization operating any of these systems is required to comply with security requirements for the data processed within it. Depending on the classification, different information systems are subject to different requirements, for non-compliance with which sanctions are applied - from a fine to more serious measures.

The operation of all information systems in the Russian Federation is determined by the Federal Law of July 27, 2006 No. 149-FZ (as amended on July 21, 2014) “On Information, information technology and on the protection of information" (July 27, 2006). Article 14 of this law provides detailed description GIS. To operators of state information systems where information is processed limited access(not containing information constituting a state secret), the requirements set out in the Order of the FSTEC of Russia dated February 11, 2013 No. 17 “On approval of requirements for the protection of information that does not constitute a state secret contained in state information systems” are presented.

Let us recall that an operator is a citizen or legal entity engaged in the operation of an information system, including the processing of information contained in its databases.

If an organization is connected to a state information system, then FSTEC Order No. 17 obliges the system to be certified, and only certified information security tools (with valid FSTEC or FSB certificates) must be used to protect information.

There are often cases when the operator of an information system mistakenly classifies it as a GIS, when it is not one. As a result, excessive security measures are applied to the system. For example, if by mistake the operator of a personal data information system classified it as state-owned, he will have to comply with more stringent requirements for the security of the information being processed than required by law. Meanwhile, the requirements for the protection of personal data information systems, which are regulated by FSTEC Order No. 21, are less stringent and do not require certification of the system.

In practice, it is not always clear whether the system to which you need to connect is state-owned, and, therefore, what measures to build information security need to be taken. Nevertheless, the plan of inspections by regulatory authorities is growing, and fines are systematically increasing.

How to distinguish GIS from non-GIS

A state information system is created when it is necessary to ensure:

  • implementation of powers of government agencies;
  • information exchange between government agencies;
  • achieving other goals established by federal laws.

You can understand that the information system belongs to the state using the following algorithm:

  1. Find out if there is a legislative act requiring the creation of an information system.
  2. Check the availability of the system in the Register of Federal State Information Systems. Similar registers exist at the level of the constituent entities of the Federation.
  3. Pay attention to the purpose of the system. An indirect sign of classifying a system as a GIS will be a description of the powers that it implements. For example, each administration of the Republic of Bashkortostan has its own charter, which also describes the powers of local government bodies. The IS “Registration of citizens in need of residential premises on the territory of the Republic of Bashkortostan” was created to implement such powers of administrations as “adopting and organizing the implementation of plans and programs for the comprehensive socio-economic development of the municipal region”, and is a GIS.

If the system involves the exchange of information between government agencies, it is also highly likely to be government (for example, a system of interdepartmental electronic document management).

This is GIS. What to do?

FSTEC Order 17 prescribes the following measures to protect information for GIS operators:

  • developing requirements for the protection of information contained in the information system;
  • development of an information security system for an information system;
  • implementation of the information security system of the information system;
  • certification of the information system according to information security requirements (hereinafter referred to as ISPD certification) and its commissioning;
  • ensuring the protection of information during the operation of a certified information system;
  • ensuring the protection of information during decommissioning of a certified information system or after a decision is made to terminate information processing.

Organizations that are connected to government information systems must perform the following actions:

1. Classify IP and identify security threats.

IP classification is carried out in accordance with clause 14.2 17 of the FSTEC order.

Threats to information security are determined based on the results

  • assessing the capabilities of violators;
  • analysis of possible information system vulnerabilities;
  • analysis (or modeling) possible ways implementation of threats to information security;
  • assessing the consequences of violating information security properties (confidentiality, integrity, availability).

2. Generate requirements for the information processing system.

System requirements must contain:

  • the purpose and objectives of ensuring information security in the information system;
  • information system security class;
  • a list of regulatory legal acts, methodological documents and national standards that the information system must comply with;
  • list of information system protection objects;
  • requirements for measures and means of information protection used in the information system.

3. Develop an information security system for the information system.

To do this you need to do:

  • designing an information security system for an information system;
  • development of operational documentation for the information security system of the information system;
  • prototyping and testing of the information security system of the information system.

4. Implement the information security system of the information system, namely:

  • installation and configuration of information security tools in the information system;
  • development of documents defining the rules and procedures implemented by the operator to ensure the protection of information in the information system during its operation (hereinafter referred to as organizational and administrative documents on information protection);
  • implementation of organizational measures to protect information;
  • preliminary testing of the information security system of the information system;
  • trial operation of the information security system;
  • checking the constructed information security system for vulnerability;
  • acceptance tests of the information security system of the information system.

5. Certify ISPDn:

  • conduct certification tests;
  • receive a certificate of conformity.

There is a widespread belief that in order to pass an inspection by regulatory authorities, it is enough to have organizational and administrative documents, so GIS operators often neglect to implement security measures. Indeed, Roskomnadzor pays close attention to documents and the implementation of organizational and administrative measures to protect personal data in the organization. However, if questions arise, specialists from FSTEC and the FSB may be involved in the inspection. At the same time, FSTEC looks very carefully at the composition technical protection information and verifies the correctness of the threat model, and the FSB verifies the implementation of the requirements regarding the use of cryptographic information protection means.

Oleg Necheukhin, information systems protection expert, Kontur-Security

In which government agencies are required to register their more or less serious (but not secret) information systems. It is quite small, for a long time I wanted to dig deeper into it and take a closer look at what the systems are and how they work, making the life of an ordinary citizen even easier and happier every day.

The register is hosted on the Roskomnadzor portal, which tries to be in the trend of transparency, so it has a section with open data sets - great! Download the latest archive of the Register from 02/16/2016, inside there is an xml download from September 2015... Nice try, citizen. We will have to supplement the “open data” with fresh information directly from the site, where everything has been done to make it difficult for enemies to parse the Registry. As a result, as of March 8, 2016, we got a list of 339 federal government information systems, some interesting infographics on which I want to present to you below.

For each GIS in the Registry, several supported OS and DBMS can be indicated at once, so it is impossible to understand exactly what software it works with in reality. Therefore, in the next three diagrams for such systems, the plus sign was placed in several categories at once.

1. Distribution by supported server OS

Of the domestic developments, only the mysterious Zircon operating system based on Solaris, Alt Linux and MSVS is mentioned.

2. Distribution by supported client OS

What exactly do several applicants mean by “Mobile operating system" - unclear.

3. DBMS used


Of the DBMSs, only Red Database (based on Firebird), IRBIS64 and LINTER-VS can be considered domestic developments.

4. Data storage formats

The font size corresponds to the prevalence of support.


Using this diagram, you can play an exciting game called “Find in the picture the office document formats approved by GOST R ISO/IEC 26300-2010 and do not receive their support in the GIS.” Formats that, back in 2011, before the era of import substitution, should have become a single standard for government document flow. But it seems that something went wrong again. 3 years ago I already wrote about how, to put it mildly, Open Document was slowly being implemented on the websites of government agencies. Things are still there today. Only for 10 GIS support for GOST formats is mentioned.

5. Using office software

Those GISs that contained other software (not an office suite) or no data at all were not taken into account.

In general, some members of the Registry have a rather strange understanding of such a term as Free software(there is such a column in the Registry), adding Internet Explorer, Delphi and even CCleaner to its ranks.

6. Distribution of GIS by date of commissioning


What is noteworthy is that, apparently, in order not to be late as always, Slow Russian Post has set the commissioning date for its State Information System of Housing and Communal Services as early as July 2016. This is the only GIS from the future.

7. Distribution by departments

The larger the area of ​​the rectangle, the greater the number of GIS owned by this department.

8. Amount of funds spent on development, modernization and operation

The Register contains the field “Information on sources of financing for the creation, operation, modernization of FSIS,” which contains information in free form about the cost of the system for the taxpayer. The obligation and frequency of entering this information into the Register is not clear, but it gives an approximate idea of ​​the amount of costs.

Only 7 information systems account for half of all funds spent (amounts are indicated in thousand rubles):


The first and second places with a minimal gap are occupied by the State Autonomous Administration Elections and Justice. An honorable 3rd place goes to the automated system of the Ministry of Internal Affairs with the self-explanatory name IBD-F. This mighty troika of GIS accounts for more than a quarter of all expenses indicated in the Register - 61 billion rubles.

State portals, websites

  • ESIA. one system identification and authentication - esia.gosuslugi.ru
  • EPSU. Unified portal of public services - gosuslugi.ru
  • Public services portal of St. Petersburg - gu.spb.ru
  • Portal of government and municipal services Leningrad region- gu.lenobl.ru
  • Portal of state and municipal services of the city of Moscow - mos.ru
  • EFRSDYUL. Unified Federal Register of Information on the Activity of Legal Entities - fedresurs.ru
  • Federal Tax Service. Electronic services- nalog.ru
  • FIAS. Federal information address system - fias.nalog.ru
  • GIS housing and communal services - dom.gosuslugi.ru
  • Software register. Single register Russian programs for electronic computers and databases (Ministry of Telecom and Mass Communications) - reestr.minsvyaz.ru
  • Unified Register of Prohibited Sites (Roskomnadzor) - eais.rkn.gov.ru
  • NAP register. Register of copyright infringers - nap.rkn.gov.ru
  • Register of information prohibited by law 398-FZ (Roskomnadzor) - 398-fz.rkn.gov.ru
  • GISP Industry. State information system of the Industrial Development Fund - gisp.gov.ru
  • KIO. Committee of Property Relations of St. Petersburg - commim.spb.ru
  • FSIS CS. Federal State Information System of Pricing in Construction - fgiscs.minstroyrf.ru
  • GIS USRZ. Unified State Register of Expert Review Conclusions of Design Documentation for Capital Construction Projects - egrz.ru
  • DOM.RF. Unified information system for housing construction - nash.dom.rf
  • GIS ESGFC. Portal of state and municipal financial audit - portal.audit.gov.ru
  • EISUX. Unified information system for personnel management of the state civil service - gossluzhba.gov.ru
  • The official website of the Russian Federation for posting information about bidding - torgi.gov.ru
  • EIS. Unified information system in the field of procurement - zakupki.gov.ru
  • AIS GZ. Automated information system for state procurement of St. Petersburg - start.gz-spb.ru
  • AIS GZ: Electronic store. AIS subsystem of the State order of St. Petersburg - estore.gz-spb.ru
  • Portal 223. Portal of AIS Civil Protection of St. Petersburg - 223.gz-spb.ru
  • Moscow supplier portal - market.zakupki.mos.ru
  • PIK EASUZ. Contract execution portal of the Unified Automated Procurement Management System of the Moscow Region - pik.mosreg.ru
  • EIS GOZ. Unified Information System of State Defense Order
  • EGISSO. Unified state information system for social security - egisso.ru

Reporting systems

  • Rosprirodnadzor. federal Service for supervision in the field of environmental management - rpn.gov.ru
  • Rosfinmonitoring. Reporting to the Federal Service for Financial Monitoring - portal.fedsfm.ru
  • FGIS EIAS FTS of Russia Unified Information Analytical System - eias.ru
  • IAS FST of St. Petersburg. Unified information analytical system - web.spbeias.ru
  • Rostekhnadzor. Reporting to the Federal Service for Environmental, Technological and nuclear supervision- gosnadzor.ru
  • Housing and communal services of St. Petersburg. Portal of Housing and Communal Services of St. Petersburg - gilkom-complex.ru
  • GZHI SPb. Reporting to the State Housing Inspectorate of St. Petersburg
  • AS AKOT. Federal State Information System for recording the results of a special assessment of working conditions (FSIS SOUT) - akot.rosmintrud.ru
  • Rostrud. Register of declarations of conformity of working conditions - declaration.rostrud.ru
  • Central Bank of the Russian Federation. Personal Area on financial markets - cbr.ru
  • ESOD. A unified data exchange system with external subscribers of the Central Bank of Russia - portal4.cbr.ru
  • GIS Energy Efficiency. Ministry of Energy of the Russian Federation - gisee.ru
  • Energy passport, GIS subsystem Energy efficiency - passport.gisee.ru
  • EGAIS Forest. Unified state automated information system for accounting of wood and transactions with it - lesegais.ru
  • Rosnedra. Personal account of the subsoil user - lk.rosnedra.gov.ru

News agencies for information disclosure

  • AK&M. Analysis, Consulting and Marketing - disclosure.ru
  • Interfax-TsRKI. e-disclosure Center for Corporate Information Disclosure. ru
  • PRIME. Agency economic information- disclosure.1prime.ru
  • SCREEN. System of comprehensive disclosure of information and news - disclosure.skrin.ru

Electronic document management systems

  • SMEV. System of interdepartmental electronic interaction (certificate of an authorized person) - smev.gosuslugi.ru
  • Uniform State Health Information System. Unified state information system in the field of healthcare - portal.egisz.rosminzdrav.ru
  • UIIS Sotsstrakh - Unified integrated information system FSS "Sotsstrakh" (Electronic sick leave) - cabinets.fss.ru
  • ESSK. Unified system of the construction complex of St. Petersburg - essk.gov.spb.ru
  • AIS Project declarations for shared construction of the Ministry of Construction of Russia - dol.minstroyrf.ru
  • Urban planning portal of St. Petersburg - portal.kgainfo.spb.ru
  • AIS GATI. State Administrative and Technical Inspectorate of St. Petersburg - xc.gati-online.ru
  • FAU Glavgosexpertiza of Russia - gge.ru
  • State Autonomous Institution Lenoblgosekpertiza. Department of State Expertise of the Leningrad Region - loexp.ru
  • Gosstroyzhilnadzor NAO. State Inspectorate for Construction and Housing Supervision of Nenets Autonomous Okrug- stroy.adm-nao.ru
  • State Autonomous Institution "Office of State Expertise of the Republic of Bashkortostan" - lk.expertizarb.ru
  • State Autonomous Institution "Office of State Expertise of the Republic of Buryatia" - personal.ekspbur.ru
  • Center for Construction Audit and Support - csas-spb.ru
  • FBU ROSGEOLEXPERTIZA - rgexp.ru
  • GIS APK LO. Geographic information system of the agro-industrial complex of the Leningrad region - gisapk.lenreg.ru
  • Rosimushchestvo. Interdepartmental portal for state property management -mvpt.rosim.ru
  • FSIS of the Russian Accreditation Service - fsa.gov.ru
  • ARM MUNICIPAL. Municipal automated workstation system
  • CONTROL. State automated information system - gasu.gov.ru
  • GIIS Electronic budget. Subsystem "Budget planning" - ssl.budgetplan.minfin.ru
  • FSIS TP. Federal State Information System of Territorial Planning - fgis.economy.gov.ru
  • GIS GMP. State information system on state and municipal payments - gis-gmp.kck.ru
  • Federal Customs Service of Russia. Personal account of a foreign trade participant - edata.customs.ru
  • AIS Foreign trade information. Support for foreign trade participants (Ministry of Industry and Trade) - non-tariff.gov.ru
  • FIPS. Federal Institute for Industrial Property (Rospatent) - 1.fips.ru
  • FAS Russia. Filing applications and complaints to the Federal Antimonopoly Service
  • Rospotrebnadzor. Federal Service for Supervision of Consumer Rights Protection and Human Welfare - rospotrebnadzor.ru
  • IS Rossvyaz. Personal account of the telecom operator - is.rossvyaz.ru:8081/rossvyaz/
  • Russian public initiative - roi.ru
  • Notary EIS. Unified information system of notaries of Russia - fciit.ru
  • Local government self-government portal. Local government portal - app.fciit.ru/oms
  • Register of notifications of pledge of movable property - reestr-zalogov.ru
  • Information system Numeral-PNU - numeral.su
  • AS SEP. Automated system electronic vehicle passports - elpts.ru
  • Providing CASCO and OSAGO insurance policies in electronic form
  • ROSGOSTRAKH. Personal account - my.rgs.ru
  • AIS NSSO. National Union of Liability Insurers - nsso.ru
  • Supreme Court of the Russian Federation - vsrf.ru
  • GAS Justice. Service "Electronic Justice" - ej.sudrf.ru
  • Information system My Arbiter - my.arbitr.ru
  • Moscow City Court. Moscow City Court - mos-gorsud.ru
  • FSSP. Federal Bailiff Service - fssprus.ru
  • Traffic police Online appeals to the State Traffic Inspectorate - traffic police.rf
  • SMAO. Self-regulatory interregional association of appraisers - smao.ru
  • Ministry of Culture of the Russian Federation. Conclusion on the state historical and cultural examination
  • State Registration Bulletin - vestnik-gosreg.ru
  • IS State Bibliography. Russian Book Chamber, ITAR-TASS branch - online.bookchamber.ru
  • OEC. System for accepting legal deposits of printed publications in electronic form- oek.rsl.ru
  • EGISU R&D. Unified state information system for recording research, development and technological work for civil purposes - rosrid.ru
  • Moscow State University. Moscow State University them. Lomonosov - cpk.msu.ru
  • AIS Electronic voucher. Federal Agency for Tourism - russiatourism.ru
  • To the Far East.rf - nadalnivostok.rf
  • Petroelectrosbyt. EDI with JSC "Petersburg Sales Company" - pesc.ru
  • EDI with PJSC Rostelecom
  • EDI with State Unitary Enterprise "Vodokanal of St. Petersburg"
  • 1C-EDO. Electronic document management system
  • Synerdocs. Electronic document management system
  • ATI-DOKI - d.ati.su
  • Case. Electronic document management system
  • Diadoc. Electronic document management system with counterparties
  • INFINITUM. Electronic document management system of a specialized depository
  • Rosinvoice. Electronic document management system - docs.roseltorg.ru
  • Sbis. Electronic document management system
  • EDI SPHERE. Electronic document management system
  • Edisoft. Electronic document management system
  • EDO PORTAL. Electronic document management system (EXITE)
  • Sberbank Leasing - e-leasing.sberleasing.ru
  • Various corporate information systems for secure document management


Article rating:
1 Star2 Stars3 Stars4 Stars5 stars(No ratings yet)
Loading...
Share with friends:
Articles on a similar topic
Close
Find on the site
For example: types of drywall