Differences
This shows you the differences between two versions of the page.
en:znalostni_baze:co_je_neni_isvs [2021/06/04 14:29] – created Tomáš Šedivec | en:znalostni_baze:co_je_neni_isvs [2021/06/04 14:31] (current) – Tomáš Šedivec | ||
---|---|---|---|
Line 7: | Line 7: | ||
===== Subject of this material ===== | ===== Subject of this material ===== | ||
- | Past practice shows that it is not always easy for public authorities to determine which of the information systems under their management are ISVS or not, or into which category they fall. Public administrations may encounter the need to distinguish between different types of information systems when drawing up an information concept, i.e. a document setting out the long-term quality and security management objectives for managed ISVs, the general principles for acquiring, creating and operating ISVs. The information concept should also include the characteristics of each ISVS managed by the public administration authority; for each ISVS, the public administration authority must maintain operational documentation ((The structure and content of the information concept and operational documentation are laid down in Decree No. 529/2006 Coll. | + | Past practice shows that it is not always easy for public authorities to determine which of the information systems under their management are ISVS or not, or into which category they fall. Public administrations may encounter the need to distinguish between different types of information systems when drawing up an information concept, i.e. a document setting out the long-term quality and security management objectives for managed ISVs, the general principles for acquiring, creating and operating ISVs. The information concept should also include the characteristics of each ISVS managed by the public administration authority; for each ISVS, the public administration authority must maintain operational documentation ((The structure and content of the information concept and operational documentation are laid down in Decree No. 529/2006 Coll.)) |
on requirements for the structure and content of the information concept and operational documentation and on requirements for security and quality management of public administration information systems (Decree on long-term management of public administration information systems). | on requirements for the structure and content of the information concept and operational documentation and on requirements for security and quality management of public administration information systems (Decree on long-term management of public administration information systems). | ||
The public administration body is also obliged to transmit data on managed ISVS to the relevant part of the basic register of rights and obligations (RPP), which replaced the former information system on public administration information systems, i.e. the so-called Register of ISVS (hereinafter referred to as the " | The public administration body is also obliged to transmit data on managed ISVS to the relevant part of the basic register of rights and obligations (RPP), which replaced the former information system on public administration information systems, i.e. the so-called Register of ISVS (hereinafter referred to as the " | ||
Line 17: | Line 17: | ||
==== List of legislation used ==== | ==== List of legislation used ==== | ||
- | **Act No. 365/2000 Coll., on public administration information systems and on amendments to certain other acts, as amended. | + | Act No. 365/2000 Coll., on public administration information systems and on amendments to certain other acts, as amended. |
- | **Act No. 111/2009 Coll.**, on basic registers, as amended | + | Act No. 111/2009 Coll., on basic registers, as amended |
- | **Act No. 181/2014 Coll.**, on cyber security, as amended | + | Act No. 181/2014 Coll., on cyber security, as amended |
- | **Act No. 499/2004 Coll.**, on archiving and file service and on amendments to certain acts, as amended. | + | Act No. 499/2004 Coll., on archiving and file service and on amendments to certain acts, as amended. |
- | **Decree No. 529/2006 Coll., on requirements for the structure and content of the information concept and operational documentation and on requirements for security and quality management of public administration information systems (Decree on long-term management of public administration information systems). | + | Decree No. 529/2006 Coll., on requirements for the structure and content of the information concept and operational documentation and on requirements for security and quality management of public administration information systems (Decree on long-term management of public administration information systems). |
- | **Decree No. 530/2006 Coll**., on the procedures of attestation centres in assessing the long-term management of public administration information systems. | + | Decree No. 530/2006 Coll., on the procedures of attestation centres in assessing the long-term management of public administration information systems. |
- | **Decree No. 53/2007 Coll. on the technical and functional requirements for the implementation of links between public administration information systems through a reference interface (Decree on the reference interface). | + | Decree No. 53/2007 Coll. on the technical and functional requirements for the implementation of links between public administration information systems through a reference interface (Decree on the reference interface). |
Line 37: | Line 37: | ||
=== Terms used === | === Terms used === | ||
- | **Information system** - a functional unit or a part of it providing a purposeful and systematic information activity. Each information system includes data that are organized in such a way as to enable their processing and access, as well as tools that enable the performance of information activities | + | Information system - a functional unit or a part of it providing a purposeful and systematic information activity. Each information system includes data that are organized in such a way as to enable their processing and access, as well as tools that enable the performance of information activities |
- | **Information systems of public administration** - a functional unit or a part thereof providing purposeful and systematic information activities for the purposes of public administration - § 2(b) of the ISVS Act. | + | Information systems of public administration - a functional unit or a part thereof providing purposeful and systematic information activities for the purposes of public administration - § 2(b) of the ISVS Act. |
- | **Information Concept of the Czech Republic** - created by the Ministry of the Interior and approved by the Government of the Czech Republic, it sets out the objectives of the Czech Republic in the field of public administration information systems and general principles for the acquisition, | + | Information Concept of the Czech Republic - created by the Ministry of the Interior and approved by the Government of the Czech Republic, it sets out the objectives of the Czech Republic in the field of public administration information systems and general principles for the acquisition, |
- | **Binding documents of the Information Concept of the Czech Republic** - binding documents according to the Resolution of the Government of the Czech Republic of 3 October 2018, No. 629, which develop the principles and objectives of the Information Concept of the Czech Republic, i.e. Methods of ICT management of public administration in the Czech Republic, Glossary of eGovernment concepts, National Architectural Framework and National Architectural Plan (published on the website [[https:// | + | Binding documents of the Information Concept of the Czech Republic - binding documents according to the Resolution of the Government of the Czech Republic of 3 October 2018, No. 629, which develop the principles and objectives of the Information Concept of the Czech Republic, i.e. Methods of ICT management of public administration in the Czech Republic, Glossary of eGovernment concepts, National Architectural Framework and National Architectural Plan (published on the website [[https:// |
- | **Information Concept of a Public Administration Authority** - in this information concept, public administration authorities set out their long-term objectives in the area of quality and security management of managed public administration information systems and define the general principles for the acquisition, | + | Information Concept of a Public Administration Authority - in this information concept, public administration authorities set out their long-term objectives in the area of quality and security management of managed public administration information systems and define the general principles for the acquisition, |
- | **Public administration authority** - state authorities (e.g. ministries, other administrative authorities) and local self-government units - see Section 1(1) of the ISVS Act. | + | Public administration authority - state authorities (e.g. ministries, other administrative authorities) and local self-government units - see Section 1(1) of the ISVS Act. |
- | **Operational documentation** - ISVS documentation that describes the functional and technical characteristics of the information system and elaborates the authorisations and obligations of its administrator, | + | Operational documentation - ISVS documentation that describes the functional and technical characteristics of the information system and elaborates the authorisations and obligations of its administrator, |
- | **Operational information system** - an information system providing information activities necessary for the internal operation of the competent authority, such as accounting, asset management or electronic mail - see Section 2(p) of the ISVS Act. | + | Operational information system - an information system providing information activities necessary for the internal operation of the competent authority, such as accounting, asset management or electronic mail - see Section 2(p) of the ISVS Act. |
- | **Reference interface** - a set of legal, technical, organisational and other measures creating a uniform integration environment of public administration information systems, which provides a quality set of common services of public administration information systems, including services for the exchange of legitimately required information between individual information systems, including with systems outside the Czech Republic - see § 2(h) of the ISVS Act. | + | Reference interface - a set of legal, technical, organisational and other measures creating a uniform integration environment of public administration information systems, which provides a quality set of common services of public administration information systems, including services for the exchange of legitimately required information between individual information systems, including with systems outside the Czech Republic - see § 2(h) of the ISVS Act. |
- | **Binding** **between public administration information systems** - mutual or unilateral provision of services of public administration information systems, for example data sharing - see § 2(o) of the ISVS Act; for the purposes of this methodological guideline, automated, mutual or unilateral provision of services between ISVS of different ISVS administrators. | + | Binding between public administration information systems - mutual or unilateral provision of services of public administration information systems, for example data sharing - see § 2(o) of the ISVS Act; for the purposes of this methodological guideline, automated, mutual or unilateral provision of services between ISVS of different ISVS administrators. |
- | **Web service** - a group of technologies and methods that connect information systems via the Internet and enable them to communicate and exchange information effectively with each other. | + | Web service - a group of technologies and methods that connect information systems via the Internet and enable them to communicate and exchange information effectively with each other. |
=== Abbreviations used === | === Abbreviations used === | ||
- | **ISVS** - public administration information system(s). | + | ISVS - public administration information system(s). |
===== Public Administration Information Systems ===== | ===== Public Administration Information Systems ===== | ||
Line 73: | Line 73: | ||
In accordance with Section 2(b) of the ISVS Act, an ISVS is a functional unit or part thereof providing a purposeful and systematic information activity for the purposes of public administration. This includes information systems providing activities pursuant to special laws. In order to determine whether a particular information system is also an ISMS, it is necessary to assess the relationship of that information system to the performance of public administration. In this context, it is necessary to define the concept of public administration. | In accordance with Section 2(b) of the ISVS Act, an ISVS is a functional unit or part thereof providing a purposeful and systematic information activity for the purposes of public administration. This includes information systems providing activities pursuant to special laws. In order to determine whether a particular information system is also an ISMS, it is necessary to assess the relationship of that information system to the performance of public administration. In this context, it is necessary to define the concept of public administration. | ||
- | **Public administration** can be characterised as the administration of public affairs which pursues public objectives and is carried out in the public interest (it is therefore the opposite of private administration, | + | Public administration can be characterised as the administration of public affairs which pursues public objectives and is carried out in the public interest (it is therefore the opposite of private administration, |
- | **Public administration** can be conceived in two ways, namely as a specific public activity (the so-called | + | Public administration can be conceived in two ways, namely as a specific public activity (the so-called functional concept of public administration) and as a set of bodies (subjects) that carry out this activity (the so-called organisational or institutional concept of public administration). |
- | For the purpose of defining the content of the concept of **public administration** in relation to ISMS under the Act\\ | + | For the purpose of defining the content of the concept of public administration in relation to ISMS under the Act\\ |
- | on ISVS **the relevant concept is the functional concept**, according to which public administration represents a publicly beneficial activity which pursues the fulfilment of a certain public (state, municipal, etc.) interest. | + | on ISVS the relevant concept is the functional concept, according to which public administration represents a publicly beneficial activity which pursues the fulfilment of a certain public (state, municipal, etc.) interest. |
- | The form of public administration activity may take the form of so-called | + | The form of public administration activity may take the form of so-called sovereign (sovereign) public administration. In this case, it is a prescriptive (authoritative) activity, which has the nature of public power((Public power means such power which authoritatively decides on the rights and obligations of subjects, either directly or indirectly. The subject whose rights or obligations are decided by a public authority is not in an equal position with that authority and the content of the decision of that authority does not depend on the will of the subject - see the Constitutional Court' |
)), when a public authority (e.g. a municipal authority) interferes in the legal relations of other persons (natural or legal persons). The existence of relations of superiority and subordination in which the public authority always stands above the person whose rights or obligations it decides on is typical for the public administration of a superiority. The classical result of the public administration of the superiors is administrative decisions issued in administrative proceedings ((The general procedural regulation in the field of public administration is Act No. 500/2004 Coll., Administrative Procedure Code. The Administrative Procedure Code regulates both the issue of administrative proceedings and other acts of administrative authorities - statements, certificates, | )), when a public authority (e.g. a municipal authority) interferes in the legal relations of other persons (natural or legal persons). The existence of relations of superiority and subordination in which the public authority always stands above the person whose rights or obligations it decides on is typical for the public administration of a superiority. The classical result of the public administration of the superiors is administrative decisions issued in administrative proceedings ((The general procedural regulation in the field of public administration is Act No. 500/2004 Coll., Administrative Procedure Code. The Administrative Procedure Code regulates both the issue of administrative proceedings and other acts of administrative authorities - statements, certificates, | ||
)), but also other acts of administrative authorities which affect the rights and obligations of the addressees of public administration (e.g. various certificates, | )), but also other acts of administrative authorities which affect the rights and obligations of the addressees of public administration (e.g. various certificates, | ||
- | However, public administration may also take another form of activity, which consists in providing certain public needs. In the case of this care or management activity, we speak of **non-sovereign (non-exclusive, | + | However, public administration may also take another form of activity, which consists in providing certain public needs. In the case of this care or management activity, we speak of non-sovereign (non-exclusive, |
=== Categories of ISVS === | === Categories of ISVS === | ||
Line 98: | Line 98: | ||
For the unambiguous identification of an ISVS, the situation is easiest in cases where a legal regulation regulates the management of an ISVS (which meets the characteristics of an ISVS listed in Section 2(b) of the ISVS Act), explicitly designating it as such, possibly with reference to the ISVS Act. However, this is not the case in all cases. | For the unambiguous identification of an ISVS, the situation is easiest in cases where a legal regulation regulates the management of an ISVS (which meets the characteristics of an ISVS listed in Section 2(b) of the ISVS Act), explicitly designating it as such, possibly with reference to the ISVS Act. However, this is not the case in all cases. | ||
- | **The following examples document the ways in which the legislation regulates the maintenance of ISVS:** | + | The following examples document the ways in which the legislation regulates the maintenance of ISVS: |
- | | + | * The legislation regulates the management of a specific information system, at the same time designating it as an ISMS and referring to the ISMS Act: |
<WRAP centre round box 100%> | <WRAP centre round box 100%> | ||
Line 113: | Line 113: | ||
- | | + | * The legislation regulates the maintenance of a specific register (record, register, etc.), i.e. the term " |
<WRAP centre round box 100%> | <WRAP centre round box 100%> | ||
Line 126: | Line 126: | ||
- | | + | * The legislation regulates the maintenance of a specific information system, register, register, register, list, database, portal, etc., refers to it as ISVS, does not refer to the ISVS Act. |
<WRAP centre round box 100%> | <WRAP centre round box 100%> | ||
Line 135: | Line 135: | ||
- | | + | * The legislation regulates the maintenance of the ISVS but does not explicitly designate it as an ISVS. |
<WRAP center round box 100%> | <WRAP center round box 100%> | ||
Line 150: | Line 150: | ||
The management of an ISVS does not have to be explicitly regulated by a specific legal regulation (i.e. a legal regulation different from the ISVS Act), or the existence of an ISVS does not have to be explicitly mentioned in any legal regulation. | The management of an ISVS does not have to be explicitly regulated by a specific legal regulation (i.e. a legal regulation different from the ISVS Act), or the existence of an ISVS does not have to be explicitly mentioned in any legal regulation. | ||
- | For example, municipalities, | + | For example, municipalities, |
=== Registration of ISVS in the ISVS register in the RPP === | === Registration of ISVS in the ISVS register in the RPP === | ||
Line 195: | Line 195: | ||
If the answers to these questions are YES, the information system under consideration is most likely an ISVS. | If the answers to these questions are YES, the information system under consideration is most likely an ISVS. | ||
- | **However, an information system that is expressly declared to be an ISVS by law, even if it does not meet the characteristics of an ISVS under section 2(b) of the ISVS Act, will always be an ISVS.** | + | However, an information system that is expressly declared to be an ISVS by law, even if it does not meet the characteristics of an ISVS under section 2(b) of the ISVS Act, will always be an ISVS. |
If you evaluate the information system you manage as an ISVS, you must next determine the extent to which the ISVS Act applies to you. Section 1 of the Act sets out which ISVS are not covered by the Act, or are covered to a specified extent. | If you evaluate the information system you manage as an ISVS, you must next determine the extent to which the ISVS Act applies to you. Section 1 of the Act sets out which ISVS are not covered by the Act, or are covered to a specified extent. | ||
Line 249: | Line 249: | ||
It is recommended that the public authority should include in the information concept all the information systems of which it is the administrator, | It is recommended that the public authority should include in the information concept all the information systems of which it is the administrator, | ||
- | **Summary - in the information concept of the public administration** | + | Summary - in the information concept of the public administration |
*the ISMS for which the authority is the administrator must be listed, | *the ISMS for which the authority is the administrator must be listed, | ||
*the operational IS of selected categories for which the public authority is the administrator must be listed, | *the operational IS of selected categories for which the public authority is the administrator must be listed, |