Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
Drawn2022-04-15 14:17:59
Information Security
Drawn, 2022-04-15 14:17:59

How is Critical Infrastructure compiled?

Good afternoon, I wanted to know how to identify in a medical organization:
- all the processes that the organization performs (Managerial, Technological, financial, economic, production) and make a complete list?
-To identify the critical ones from all the processes?
-Listing critical processes?
For example, a medical enterprise.
We have the Internet, LAN, 1C, Video surveillance, the Glonass system for cars, what can be listed and how to arrange it correctly, maybe there is a link?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
N
nApoBo3, 2022-04-15
@nApoBo3

You probably received an order from above. If it is true. That in a reasonable way, such a problem is not solved.
The solution path is as follows.
We take departmental instructions and laws, build a "semantic graph" for "critical infrastructure", superimpose it on departmental instructions related to your institution and on your internal regulations. Unravel this hellish tangle. After that, you will have what and according to what laws you owe to whom and what belongs to the "critical" infrastructure.
People have been practicing for years in similar crocheting, this task is not solved at once, and even in such a way that it turns out that no money is needed and no one has been set up.

Report
C
CityCat4, 2022-04-16
@CityCat4

We start by reading the legislation related to CII - there is not much there. We are looking for all sorts of secondary documents, if I'm not mistaken, there was something about how CII is classified.
Here is a small list:
FZ-187
Decree of the Government of the Russian Federation No. 127 dated February 8, 2018 On approval of the rules for categorizing critical information infrastructure objects
FSTEC Order No. 239, as amended on February 20, 2020 On approval of the Requirements for ensuring the security of significant objects of critical information infrastructure
Information letter FSTEC dated April 17, 2020 "On the provision of lists of objects of critical information infrastructure to be categorized"
Decree of the President of the Russian Federation of March 30, 22 No. 166

Similar questions
D
dm2015-05-29 13:19:38
The name of the Cyrillic font in the picture? 6Reply
T
TroubleDealer2015-02-03 08:51:49
How to find inspiration in your specialty? 6Reply
M
Moolzv Rivers2019-07-03 19:11:12
Where can I find the kind of information security books I want? 3Reply
V
Valeria Smirnova2017-02-10 13:16:14
NtControlSvc and StaffCop - how to fight? 2Reply
A
Andrey Titov2019-07-10 09:12:39
How to Track User Registration in WordPress? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question