Differences

This shows you the differences between two versions of the page.

Link to this comparison view

en:znalostni_baze:co_je_neni_isvs [2021/06/04 14:29] – created Tomáš Šedivecen:znalostni_baze:co_je_neni_isvs [2021/06/04 14:31] (current) Tomáš Šedivec
Line 7: Line 7:
 ===== Subject of this material ===== ===== Subject of this material =====
  
-Past practice shows that it is not always easy for public authorities to determine which of the information systems under their management are ISVS or not, or into which category they fall. Public administrations may encounter the need to distinguish between different types of information systems when drawing up an information concept, i.e. a document setting out the long-term quality and security management objectives for managed ISVs, the general principles for acquiring, creating and operating ISVs. The information concept should also include the characteristics of each ISVS managed by the public administration authority; for each ISVS, the public administration authority must maintain operational documentation ((The structure and content of the information concept and operational documentation are laid down in Decree No. 529/2006 Coll.+Past practice shows that it is not always easy for public authorities to determine which of the information systems under their management are ISVS or not, or into which category they fall. Public administrations may encounter the need to distinguish between different types of information systems when drawing up an information concept, i.e. a document setting out the long-term quality and security management objectives for managed ISVs, the general principles for acquiring, creating and operating ISVs. The information concept should also include the characteristics of each ISVS managed by the public administration authority; for each ISVS, the public administration authority must maintain operational documentation ((The structure and content of the information concept and operational documentation are laid down in Decree No. 529/2006 Coll.))
 on requirements for the structure and content of the information concept and operational documentation and on requirements for security and quality management of public administration information systems (Decree on long-term management of public administration information systems). on requirements for the structure and content of the information concept and operational documentation and on requirements for security and quality management of public administration information systems (Decree on long-term management of public administration information systems).
 The public administration body is also obliged to transmit data on managed ISVS to the relevant part of the basic register of rights and obligations (RPP), which replaced the former information system on public administration information systems, i.e. the so-called Register of ISVS (hereinafter referred to as the "RISVS"). The administrator of this basic register is the Ministry of the Interior. The public administration body is also obliged to transmit data on managed ISVS to the relevant part of the basic register of rights and obligations (RPP), which replaced the former information system on public administration information systems, i.e. the so-called Register of ISVS (hereinafter referred to as the "RISVS"). The administrator of this basic register is the Ministry of the Interior.
Line 17: Line 17:
 ==== List of legislation used ==== ==== List of legislation used ====
  
-**Act No. 365/2000 Coll., on public administration information systems and on amendments to certain other acts, as amended.+Act No. 365/2000 Coll., on public administration information systems and on amendments to certain other acts, as amended.
  
-**Act No. 111/2009 Coll.**, on basic registers, as amended+Act No. 111/2009 Coll., on basic registers, as amended
  
-**Act No. 181/2014 Coll.**, on cyber security, as amended+Act No. 181/2014 Coll., on cyber security, as amended
  
-**Act No. 499/2004 Coll.**, on archiving and file service and on amendments to certain acts, as amended.+Act No. 499/2004 Coll., on archiving and file service and on amendments to certain acts, as amended.
  
-**Decree No. 529/2006 Coll., on requirements for the structure and content of the information concept and operational documentation and on requirements for security and quality management of public administration information systems (Decree on long-term management of public administration information systems).+Decree No. 529/2006 Coll., on requirements for the structure and content of the information concept and operational documentation and on requirements for security and quality management of public administration information systems (Decree on long-term management of public administration information systems).
  
-**Decree No. 530/2006 Coll**., on the procedures of attestation centres in assessing the long-term management of public administration information systems.+Decree No. 530/2006 Coll., on the procedures of attestation centres in assessing the long-term management of public administration information systems.
  
-**Decree No. 53/2007 Coll. on the technical and functional requirements for the implementation of links between public administration information systems through a reference interface (Decree on the reference interface).+Decree No. 53/2007 Coll. on the technical and functional requirements for the implementation of links between public administration information systems through a reference interface (Decree on the reference interface).
  
  
Line 37: Line 37:
 === Terms used === === Terms used ===
  
-**Information system** - a functional unit or a part of it providing a purposeful and systematic information activity. Each information system includes data that are organized in such a way as to enable their processing and access, as well as tools that enable the performance of information activities+Information system - a functional unit or a part of it providing a purposeful and systematic information activity. Each information system includes data that are organized in such a way as to enable their processing and access, as well as tools that enable the performance of information activities
  
-**Information systems of public administration** - a functional unit or a part thereof providing purposeful and systematic information activities for the purposes of public administration - § 2(b) of the ISVS Act.+Information systems of public administration - a functional unit or a part thereof providing purposeful and systematic information activities for the purposes of public administration - § 2(b) of the ISVS Act.
  
-**Information Concept of the Czech Republic** - created by the Ministry of the Interior and approved by the Government of the Czech Republic, it sets out the objectives of the Czech Republic in the field of public administration information systems and general principles for the acquisition, creation, management and operation of public administration information systems in the Czech Republic for a period of 5 years - Section 5a(1) of the ISVS Act.+Information Concept of the Czech Republic - created by the Ministry of the Interior and approved by the Government of the Czech Republic, it sets out the objectives of the Czech Republic in the field of public administration information systems and general principles for the acquisition, creation, management and operation of public administration information systems in the Czech Republic for a period of 5 years - Section 5a(1) of the ISVS Act.
  
-**Binding documents of the Information Concept of the Czech Republic** - binding documents according to the Resolution of the Government of the Czech Republic of 3 October 2018, No. 629, which develop the principles and objectives of the Information Concept of the Czech Republic, i.e. Methods of ICT management of public administration in the Czech Republic, Glossary of eGovernment concepts, National Architectural Framework and National Architectural Plan (published on the website [[https://archi.gov.cz|https://archi.gov.cz]]).+Binding documents of the Information Concept of the Czech Republic - binding documents according to the Resolution of the Government of the Czech Republic of 3 October 2018, No. 629, which develop the principles and objectives of the Information Concept of the Czech Republic, i.e. Methods of ICT management of public administration in the Czech Republic, Glossary of eGovernment concepts, National Architectural Framework and National Architectural Plan (published on the website [[https://archi.gov.cz|https://archi.gov.cz]]).
  
-**Information Concept of a Public Administration Authority** - in this information concept, public administration authorities set out their long-term objectives in the area of quality and security management of managed public administration information systems and define the general principles for the acquisition, creation, management and operation of their public administration information systems - see Section 5a(2) of the ISVS Act.+Information Concept of a Public Administration Authority - in this information concept, public administration authorities set out their long-term objectives in the area of quality and security management of managed public administration information systems and define the general principles for the acquisition, creation, management and operation of their public administration information systems - see Section 5a(2) of the ISVS Act.
  
-**Public administration authority** - state authorities (e.g. ministries, other administrative authorities) and local self-government units - see Section 1(1) of the ISVS Act.+Public administration authority - state authorities (e.g. ministries, other administrative authorities) and local self-government units - see Section 1(1) of the ISVS Act.
  
-**Operational documentation** - ISVS documentation that describes the functional and technical characteristics of the information system and elaborates the authorisations and obligations of its administrator, operator and user - see Section 2(s) of the ISVS Act.+Operational documentation - ISVS documentation that describes the functional and technical characteristics of the information system and elaborates the authorisations and obligations of its administrator, operator and user - see Section 2(s) of the ISVS Act.
  
-**Operational information system** - an information system providing information activities necessary for the internal operation of the competent authority, such as accounting, asset management or electronic mail - see Section 2(p) of the ISVS Act.+Operational information system - an information system providing information activities necessary for the internal operation of the competent authority, such as accounting, asset management or electronic mail - see Section 2(p) of the ISVS Act.
  
-**Reference interface** - a set of legal, technical, organisational and other measures creating a uniform integration environment of public administration information systems, which provides a quality set of common services of public administration information systems, including services for the exchange of legitimately required information between individual information systems, including with systems outside the Czech Republic - see § 2(h) of the ISVS Act.+Reference interface - a set of legal, technical, organisational and other measures creating a uniform integration environment of public administration information systems, which provides a quality set of common services of public administration information systems, including services for the exchange of legitimately required information between individual information systems, including with systems outside the Czech Republic - see § 2(h) of the ISVS Act.
  
-**Binding** **between public administration information systems** - mutual or unilateral provision of services of public administration information systems, for example data sharing - see § 2(o) of the ISVS Act; for the purposes of this methodological guideline, automated, mutual or unilateral provision of services between ISVS of different ISVS administrators.+Binding between public administration information systems - mutual or unilateral provision of services of public administration information systems, for example data sharing - see § 2(o) of the ISVS Act; for the purposes of this methodological guideline, automated, mutual or unilateral provision of services between ISVS of different ISVS administrators.
  
-**Web service** - a group of technologies and methods that connect information systems via the Internet and enable them to communicate and exchange information effectively with each other.+Web service - a group of technologies and methods that connect information systems via the Internet and enable them to communicate and exchange information effectively with each other.
  
 === Abbreviations used === === Abbreviations used ===
  
-**ISVS** - public administration information system(s).+ISVS - public administration information system(s).
  
 ===== Public Administration Information Systems ===== ===== Public Administration Information Systems =====
Line 73: Line 73:
 In accordance with Section 2(b) of the ISVS Act, an ISVS is a functional unit or part thereof providing a purposeful and systematic information activity for the purposes of public administration. This includes information systems providing activities pursuant to special laws. In order to determine whether a particular information system is also an ISMS, it is necessary to assess the relationship of that information system to the performance of public administration. In this context, it is necessary to define the concept of public administration. In accordance with Section 2(b) of the ISVS Act, an ISVS is a functional unit or part thereof providing a purposeful and systematic information activity for the purposes of public administration. This includes information systems providing activities pursuant to special laws. In order to determine whether a particular information system is also an ISMS, it is necessary to assess the relationship of that information system to the performance of public administration. In this context, it is necessary to define the concept of public administration.
  
-**Public administration** can be characterised as the administration of public affairs which pursues public objectives and is carried out in the public interest (it is therefore the opposite of private administration, which is carried out by any natural or legal person who, on the contrary, pursues private objectives in his or her own private interest).+Public administration can be characterised as the administration of public affairs which pursues public objectives and is carried out in the public interest (it is therefore the opposite of private administration, which is carried out by any natural or legal person who, on the contrary, pursues private objectives in his or her own private interest).
  
-**Public administration** can be conceived in two ways, namely as a specific public activity (the so-called **functional concept** of public administration) and as a set of bodies (subjects) that carry out this activity (the so-called **organisational or institutional concept** of public administration).+Public administration can be conceived in two ways, namely as a specific public activity (the so-called functional concept of public administration) and as a set of bodies (subjects) that carry out this activity (the so-called organisational or institutional concept of public administration).
  
-For the purpose of defining the content of the concept of **public administration** in relation to ISMS under the Act\\ +For the purpose of defining the content of the concept of public administration in relation to ISMS under the Act\\ 
-on ISVS **the relevant concept is the functional concept**, according to which public administration represents a publicly beneficial activity which pursues the fulfilment of a certain public (state, municipal, etc.) interest.+on ISVS the relevant concept is the functional concept, according to which public administration represents a publicly beneficial activity which pursues the fulfilment of a certain public (state, municipal, etc.) interest.
  
-The form of public administration activity may take the form of so-called **sovereign (sovereign)** public administration. In this case, it is a prescriptive (authoritative) activity, which has the nature of public power((Public power means such power which authoritatively decides on the rights and obligations of subjects, either directly or indirectly. The subject whose rights or obligations are decided by a public authority is not in an equal position with that authority and the content of the decision of that authority does not depend on the will of the subject - see the Constitutional Court's resolution of 25 November 1993, Case No II ÚS 75/93.+The form of public administration activity may take the form of so-called sovereign (sovereign) public administration. In this case, it is a prescriptive (authoritative) activity, which has the nature of public power((Public power means such power which authoritatively decides on the rights and obligations of subjects, either directly or indirectly. The subject whose rights or obligations are decided by a public authority is not in an equal position with that authority and the content of the decision of that authority does not depend on the will of the subject - see the Constitutional Court's resolution of 25 November 1993, Case No II ÚS 75/93.
 )), when a public authority (e.g. a municipal authority) interferes in the legal relations of other persons (natural or legal persons). The existence of relations of superiority and subordination in which the public authority always stands above the person whose rights or obligations it decides on is typical for the public administration of a superiority. The classical result of the public administration of the superiors is administrative decisions issued in administrative proceedings ((The general procedural regulation in the field of public administration is Act No. 500/2004 Coll., Administrative Procedure Code. The Administrative Procedure Code regulates both the issue of administrative proceedings and other acts of administrative authorities - statements, certificates, communications (Part Four), public contracts (Part Five) and measures of a general nature (Part Six). According to the Administrative Procedure Code, an administrative procedure is a procedure of an administrative authority, the purpose of which is to issue a decision establishing, amending or revoking the rights or obligations of a named person in a particular matter or declaring that such person has or does not have rights or obligations in a particular matter. )), when a public authority (e.g. a municipal authority) interferes in the legal relations of other persons (natural or legal persons). The existence of relations of superiority and subordination in which the public authority always stands above the person whose rights or obligations it decides on is typical for the public administration of a superiority. The classical result of the public administration of the superiors is administrative decisions issued in administrative proceedings ((The general procedural regulation in the field of public administration is Act No. 500/2004 Coll., Administrative Procedure Code. The Administrative Procedure Code regulates both the issue of administrative proceedings and other acts of administrative authorities - statements, certificates, communications (Part Four), public contracts (Part Five) and measures of a general nature (Part Six). According to the Administrative Procedure Code, an administrative procedure is a procedure of an administrative authority, the purpose of which is to issue a decision establishing, amending or revoking the rights or obligations of a named person in a particular matter or declaring that such person has or does not have rights or obligations in a particular matter.
 )), but also other acts of administrative authorities which affect the rights and obligations of the addressees of public administration (e.g. various certificates, public law contracts, measures of a general nature, etc.). )), but also other acts of administrative authorities which affect the rights and obligations of the addressees of public administration (e.g. various certificates, public law contracts, measures of a general nature, etc.).
  
-However, public administration may also take another form of activity, which consists in providing certain public needs. In the case of this care or management activity, we speak of **non-sovereign (non-exclusive, fiscal)** public administration, which, on the contrary, is characterised by equal relations between public administration bodies and their addressees (e.g. management of state or municipal property). In non-sovereign public administration, public administration bodies enter into private law relations (e.g. civil law relations).+However, public administration may also take another form of activity, which consists in providing certain public needs. In the case of this care or management activity, we speak of non-sovereign (non-exclusive, fiscal) public administration, which, on the contrary, is characterised by equal relations between public administration bodies and their addressees (e.g. management of state or municipal property). In non-sovereign public administration, public administration bodies enter into private law relations (e.g. civil law relations).
  
 === Categories of ISVS === === Categories of ISVS ===
Line 98: Line 98:
 For the unambiguous identification of an ISVS, the situation is easiest in cases where a legal regulation regulates the management of an ISVS (which meets the characteristics of an ISVS listed in Section 2(b) of the ISVS Act), explicitly designating it as such, possibly with reference to the ISVS Act. However, this is not the case in all cases. For the unambiguous identification of an ISVS, the situation is easiest in cases where a legal regulation regulates the management of an ISVS (which meets the characteristics of an ISVS listed in Section 2(b) of the ISVS Act), explicitly designating it as such, possibly with reference to the ISVS Act. However, this is not the case in all cases.
  
-**The following examples document the ways in which the legislation regulates the maintenance of ISVS:**+The following examples document the ways in which the legislation regulates the maintenance of ISVS:
  
-  * **The legislation regulates the management of a specific information system, at the same time designating it as an ISMS and referring to the ISMS Act:**+  * The legislation regulates the management of a specific information system, at the same time designating it as an ISMS and referring to the ISMS Act:
  
 <WRAP centre round box 100%> <WRAP centre round box 100%>
Line 113: Line 113:
  
  
-  * **The legislation regulates the maintenance of a specific register (record, register, etc.), i.e. the term "information system" or "system" is not in the title; the legislation designates the register, record, register as ISVS and refers to the ISVS Act:**+  * The legislation regulates the maintenance of a specific register (record, register, etc.), i.e. the term "information system" or "system" is not in the title; the legislation designates the register, record, register as ISVS and refers to the ISVS Act:
  
 <WRAP centre round box 100%> <WRAP centre round box 100%>
Line 126: Line 126:
  
  
-  * **The legislation regulates the maintenance of a specific information system, register, register, register, list, database, portal, etc., refers to it as ISVS, does not refer to the ISVS Act.**+  * The legislation regulates the maintenance of a specific information system, register, register, register, list, database, portal, etc., refers to it as ISVS, does not refer to the ISVS Act.
  
 <WRAP centre round box 100%> <WRAP centre round box 100%>
Line 135: Line 135:
  
  
-  * **The legislation regulates the maintenance of the ISVS but does not explicitly designate it as an ISVS.**+  * The legislation regulates the maintenance of the ISVS but does not explicitly designate it as an ISVS.
  
 <WRAP center round box 100%> <WRAP center round box 100%>
Line 150: Line 150:
 The management of an ISVS does not have to be explicitly regulated by a specific legal regulation (i.e. a legal regulation different from the ISVS Act), or the existence of an ISVS does not have to be explicitly mentioned in any legal regulation. The management of an ISVS does not have to be explicitly regulated by a specific legal regulation (i.e. a legal regulation different from the ISVS Act), or the existence of an ISVS does not have to be explicitly mentioned in any legal regulation.
  
-For example, municipalities, according to Act No. 565/1990 Coll., on local fees, collect local fees, e.g. from dog owners. In connection with this activity, a number of municipalities (or municipal authorities as local tax administrators) maintain as an information system **registration of dog owners** as local tax payers. This information system is an ISVS, and is maintained by decision of the public authority in support of the administrative activities carried out by it, i.e. it serves for the performance of public administration.+For example, municipalities, according to Act No. 565/1990 Coll., on local fees, collect local fees, e.g. from dog owners. In connection with this activity, a number of municipalities (or municipal authorities as local tax administrators) maintain as an information system registration of dog owners as local tax payers. This information system is an ISVS, and is maintained by decision of the public authority in support of the administrative activities carried out by it, i.e. it serves for the performance of public administration.
  
 === Registration of ISVS in the ISVS register in the RPP === === Registration of ISVS in the ISVS register in the RPP ===
Line 195: Line 195:
 If the answers to these questions are YES, the information system under consideration is most likely an ISVS. If the answers to these questions are YES, the information system under consideration is most likely an ISVS.
  
-**However, an information system that is expressly declared to be an ISVS by law, even if it does not meet the characteristics of an ISVS under section 2(b) of the ISVS Act, will always be an ISVS.**+However, an information system that is expressly declared to be an ISVS by law, even if it does not meet the characteristics of an ISVS under section 2(b) of the ISVS Act, will always be an ISVS.
  
 If you evaluate the information system you manage as an ISVS, you must next determine the extent to which the ISVS Act applies to you. Section 1 of the Act sets out which ISVS are not covered by the Act, or are covered to a specified extent. If you evaluate the information system you manage as an ISVS, you must next determine the extent to which the ISVS Act applies to you. Section 1 of the Act sets out which ISVS are not covered by the Act, or are covered to a specified extent.
Line 249: Line 249:
 It is recommended that the public authority should include in the information concept all the information systems of which it is the administrator, i.e. both ISVs and operational systems. When assessing which public administration information systems are subject to the obligation to include them in the information concept, it should also be taken into account that there is an obligation to include in the information concept those operational information systems which have links to public administration information systems which are not operational information systems. It is recommended that the public authority should include in the information concept all the information systems of which it is the administrator, i.e. both ISVs and operational systems. When assessing which public administration information systems are subject to the obligation to include them in the information concept, it should also be taken into account that there is an obligation to include in the information concept those operational information systems which have links to public administration information systems which are not operational information systems.
  
-**Summary - in the information concept of the public administration**+Summary - in the information concept of the public administration
   *the ISMS for which the authority is the administrator must be listed,   *the ISMS for which the authority is the administrator must be listed,
   *the operational IS of selected categories for which the public authority is the administrator must be listed,   *the operational IS of selected categories for which the public authority is the administrator must be listed,