Strengthening security assurance of information systems

Heads of departments and chairmen of People's Committees of districts, towns and cities shall perform the following tasks:

• Organize propaganda and thoroughly observe the Government's Directive No. 09/CT-TTg dated February 23, 2024 on complying with legal regulations and enhancing security assurance of information systems by level to officials,  civil servants and employees in the field of management of sectors and localities.

• Directly direct and take charge of ensuring information security in the operation of their agencies and localities.

• Focus on directing the full implementation of measures and plans to ensure security of information systems by classification.

• Organize the elaboration, appraisal and approval of dossiers of information system security grades for information systems under their management, according to regulations.  

• Ensure that 100% of information systems from level 1 to level 5 in operation must be approved for information system security level no later than July 2024 and fully implement the information security plan according to the approved level proposal by October 2024 at the latest.

• Regularly and effectively use information security support platforms provided by the Ministry of Information and Communications and the Department of Information and Communications.  

• Organize the effective, regular and continuous implementation of information security assurance according to the 4-layer model.

• Improve the capacity of the supervision layer, professional protection and maintain continuous, stable connection.

• Prioritize the use of cyberinformation security products, solutions and services produced or mastered by Vietnamese enterprises.

Department of Information and Communications is directed to:

• Provide professional guidance on information safety and security in a 4-layer model.

• Guide the establishment, appraisal and approval of dossiers of proposal for information security level and related contents for implementation in the province.  

• Organize training, urging, inspection, evaluation and activities to promote the synchronous and comprehensive implementation of cyberinformation security and information security. 

• Prioritize upgrading information security infrastructure, fully implement plans to ensure information system security for the provincial data center system to deploy shared information systems and databases of the province to inherit existing information security measures.

• Strengthen inspection of compliance with the law on information security at agencies, units and enterprises implementing digital platforms for digital transformation, development of e-government, digital government, digital economy and digital society.

• Strictly handle violations of the law on cyberinformation security according to its competence and regulations.

M.H