Special authority to be formed in Armenia to regulate information  systems 

ArmInfo.  The Armenian government, based on advanced international experience, proposes to create a specialized body in the field of regulation of information systems.  On August 14, the Cabinet of Ministers of the Republic of Armenia  approved the draft laws "On Cybersecurity", "On Public Information",  "On Regulation of Information Systems", as well as a package of  related laws.

As stated in the explanation to the draft law "On Cybersecurity", the  adoption of the document is due to the need to ensure the safe and  reliable operation of information systems and critical information  infrastructures in physical and virtual spaces, which is a guarantee  of the proper provision of services in the public and private sectors  and ensuring their normal functioning.

"The scope of regulation of the proposed draft law covers relations  related to the uninterrupted functioning of information systems and  (or) critical information infrastructures used to provide vital  services in the Republic of Armenia, ensuring the availability,  integrity, confidentiality of information processed, distributed,  stored, transmitted and published in them, notification of cyber  incidents, their prevention and resolution, requirements for  cybersecurity service providers, compliance assessment or audit, as  well as the implementation of control and supervision over compliance  with the requirements of this law>, the document says.

The draft law clarifies the powers of the body developing state  policy in the field of cybersecurity, represented by the Ministry of  High-Tech Industry of the Republic of Armenia, and the body ensuring  the implementation of policy in the field of cybersecurity,  represented by the autonomous body, as well as other competent state  bodies in the specified area.

It is noted that the adoption of the bill will create a legal basis  for the development of a comprehensive state policy and action plan  in the field of cybersecurity, an inventory of cybersecurity  challenges and risks, their classification, the definition of  coordinated measures and principles for responding to cyber  incidents, strengthening cybersecurity in emergency situations and  under martial law, the development of an additional action plan and  corresponding scenarios, clarification of roles and responsibilities,  planning and conducting cyber exercises, and the implementation of  programs aimed at raising awareness among the general public and the  level of cyber literacy.

Within the framework of the draft law , it is  expected that the state information system will be established,  developed and modernized, a unified information policy will be  implemented, and the formation, development and modernization of the  state information system will create an opportunity for more  effective implementation of the goals of digitalization of Armenia,  digital transformation of public administration, economy and society.

The adoption of the draft law   will allow the creation of a relevant body in the Republic of Armenia  with the status of an autonomous body, which will ensure compliance  with the above-mentioned basic principles to the maximum extent  possible.

As noted in the explanatory note to the document, this body will  exercise regulatory powers in the following main areas:

Data Processing Center: Implementation, management and maintenance of  state decisions on digitalization, ensuring uninterrupted operation  in 24/7 mode, monitoring and ensuring the security of data, digital  storage and systems in accordance with international standards,  implementation of modern cloud infrastructures, services and  technologies, which will also be available to the private sector.

Cybersecurity Center: Development of cybersecurity standards and  verification of compliance of information systems in vital sectors,  expert consultations, monitoring of the level/state of cybersecurity,  development and adoption of minimum cybersecurity requirements, as  well as implementation of various programs to improve the cyber  literacy of citizens and civil servants.

"Within this area, in order to ensure the security of the state  information system, the body is assigned the function of limiting the  possibility of using state information systems and the level of data  exchange (x- road). It should be taken into account that these  systems are created and formed at the expense of the state budget,  are critical infrastructures, contain a security component and are  aimed at providing the population with uninterrupted, safe and  high-quality services. To implement this function, the body must have  clear legislative provisions and an authorizing regulatory framework.

With the adoption of the bill, the total amount of annual wages and  social security as a result of full staffing of the relevant  positions and employees of the body will be about 6 billion drams.  When calculating the costs, we took into account the fact that the  wages of employees of professional departments are high on the  market, and these teams will make up the bulk of the body's staff,"  the authors of the initiative noted.