Job description of a security specialist. Job description of a specialist in information security in key information infrastructure systems Job descriptions of information security

Download job description
security specialist(.doc, 61KB)

I. General Provisions

The security professional should know:
1. 1.1. Legislation on security, on private security activities, on the protection of information, on operational search activities, on weapons, etc.
2. 1.2. Enterprise charter, internal labor regulations.
3. 1.3. The structure of the enterprise, the main responsibilities of the heads of the departments of the enterprise.
4. 1.4. The principles of organizing the security of the facilities of the enterprise, its personnel and information that is a commercial secret.
5. 1.5. Characteristics of technical means of protecting objects, information from unauthorized access to them.
6. 1.6. The tactics of protecting objects, information, personnel of the enterprise from criminal encroachments.
7. 1.7. Characteristics of technical means (signaling systems, communications, information protection, etc.).
8. 1.8. Requirements for the development of internal documents on the regime at facilities, instructions for access to the resources of the enterprise (financial, inventory, information, etc.).
9. 1.9. Rules for the maintenance of especially valuable commodity-material, financial and other resources.
10. 1.10. Rules for accompanying executives of the enterprise.
11. 1.11. Methods for safety briefing, control measures.
12. 1.12. Fundamentals of Labor Law.
Appointment to the position of a security specialist and dismissal from office is made by order of the head of the enterprise on the proposal of _______________________________________.
The security specialist reports directly to _______________________________________.
During the absence of a safety specialist (illness, vacation, etc.), his duties are performed by a person appointed in established order... This person acquires the corresponding rights and is responsible for the quality and timely performance of the duties assigned to him.

II. Job responsibilities

Security Specialist:

Carries out work on the legal and organizational protection of the enterprise, on the protection of commercial secrets.
Organizes work on the distribution of additional duties among the personnel in order to ensure the security regime.
Conducts interviews with newly hired employees in order to identify their loyalty and assign employees additional to the main official duties in the enterprise security system.
Draws up obligations on non-disclosure of information constituting a commercial secret.
Develops a methodology for personnel actions in the event of a threat to the security of the enterprise.
Provides education and training of personnel on security issues.
Organizes a special regime of office work, excluding unauthorized receipt of information under the special access regime.
Prevents unjustified admission and access to information and work that constitutes a commercial secret of the enterprise.
If necessary, organizes and ensures the on-site access control and empowers the appropriate personnel in this case.
Evaluates the need to involve the security service of the Ministry of Internal Affairs, commercial security structures on a contractual basis for the protection of the object.
Leads the organization of contractual work with such structures.
Monitors compliance with security requirements by employees and visitors.
Organizes a study of probabilistic situations and illegal actions of intruders and competitors.
Reveals and localizes unauthorized physical admission of unknown persons to the protected area, calls, if necessary, a police squad.
Organizes and conducts official investigations on the facts of disclosure of information, loss of documents, valuables and other violations of the security of the enterprise.
Participates in the development of fundamental documents in order to consolidate the requirements for ensuring the safety of the enterprise (instructions, regulations, rules).
Organizes escort of especially valuable resources (cash, material, information), as well as especially important employees of the enterprise in the event of a threat to their safety.
Makes proposals for improving legal, organizational and engineering measures to protect the safety of the enterprise.
Keeps records and analyzes of violations of the regime.

III. Rights

The security specialist has the right to:

Provide employees of the enterprise with mandatory instructions on the safety of the enterprise.
Sign and endorse documents within their competence.
To study all aspects of the commercial, industrial, financial and other activities of the enterprise for the development and adjustment of security systems at the enterprise.
Study the personal files of the employees of the enterprise.
Provide binding instructions to staff and visitors on how to comply with the security regime.
Give recommendations on the observance of personal protective measures by the responsible employees of the enterprise.
To get acquainted with the documents defining his rights and obligations in the position held, the criteria for assessing the quality of the performance of official duties.
Submit proposals for improving the work related to the responsibilities provided for in this instruction for the management's consideration.
Require the management of the enterprise to ensure organizational and technical conditions and the execution of the established documents necessary for the performance of official duties.

IV. Responsibility

The safety specialist is responsible for:

For improper performance or non-performance of their duties provided for by this job description - within the limits established by the current labor legislation Russian Federation.
For offenses committed in the course of their activities - within the limits established by the current administrative, criminal and civil legislation of the Russian Federation.
For causing material damage the enterprise - within the limits established by the current labor and civil legislation of the Russian Federation.

JOB DESCRIPTION

Information Security Specialist

1. General Provisions

1.1. This instruction has been drawn up in accordance with the Decree of the Ministry of Labor of the Russian Federation of 08.21. No. 37 "Industry-wide qualification characteristics of the positions of workers employed in enterprises, institutions and organizations."

1.2. Information Security Specialist belongs to the category of professionals.

1.3. This job description sets out the rights, responsibilities and duties of an information protection specialist.

1.4. A person who has a higher professional (technical) education or secondary vocational education is appointed to the position of an information protection specialist without presenting requirements for work experience;

Information protection specialist of the II category - a person who has a higher professional (technical) education and work experience in the position of an information protection specialist or other positions replaced by specialists with higher vocational education at least 3 years;

Information protection specialist of the 1st category - a person who has a higher professional (technical) education and work experience in the position of an information protection specialist of the II category for at least 3 years.

1.5. Appointment to the position of a specialist in information protection and release from it is made by order of the director of the technical school on the proposal of the head of the information support department, networks and computers.

1.6. An information security officer should know:

Fundamentals of Labor Law;

Legislative acts, normative and methodological materials on issues related to ensuring the protection of information;

Specialization of the work of the technical school and the peculiarities of its activities;

Equipping the technical school with technical means, prospects for their development and modernization;

The system for organizing complex information protection operating in the industry;

Methods and means of monitoring protected information, identifying channels of information leakage, organizing technical intelligence;

Methods for planning and organizing work to protect information and ensure state secrets;

Technical means of control and protection of information, prospects and directions for their improvement;

Methods for conducting special studies and inspections, works to protect technical means of transmission, processing, display and storage of information;

The procedure for the use of abstract and reference and information publications, as well as other sources of scientific and technical information;

Achievements of science and technology in the country and abroad in the field of technical intelligence and information protection;

Methods and tools for performing calculations and computational work;

Fundamentals of Economics, Organization of Production, Labor and Management;

Rules and regulations for labor protection, safety, industrial sanitation and fire protection.

1.7. An information security specialist in his activities is guided by:

The Constitution of the Russian Federation;

The Civil Code of the Russian Federation;

Labor Code of the Russian Federation;

Federal Law of the Russian Federation of July 26, 2006, No. 152-FZ "On Personal Data";

Methodological instructions of the Department of Education of the city of Moscow "Creation of an information support service educational institution"From 2006;

The charter of the technical school;

Regulations on the structural unit;

Internal labor regulations;

This job description.

1.8. The information security specialist reports directly to the head of the information support department, networks and computers.

1.9. During the absence of an information protection specialist (vacation, illness, etc.), his duties are performed by a person appointed in accordance with the established procedure. This person acquires the corresponding rights and is responsible for the proper performance of the duties assigned to him.

2. Functions

2.1. Execution of works related to the provision of comprehensive information protection, observance of state secrets.

2.2 Determining the need for technical means protection and control.

2.3 Ensuring non-disclosure of confidential information.

3. Job responsibilities

The information security specialist performs the following duties:

3.1. Performs complex work related to the provision of comprehensive information protection based on the developed programs and methods, observance of state secrets.

3.2. Collects and analyzes the materials of the technical school in order to develop and make decisions and measures to ensure the protection of information and the effective use of automatic control means, to detect possible channels of leakage of information representing state, military, official and commercial secrets.

3.3. Analyzes existing methods and the means used to control and protect information, and develops proposals for improving them and increasing the effectiveness of this protection.

3.4. Participates in the examination of objects of protection, their certification and categorization.

3.5. Develops and prepares for approval drafts of regulatory and teaching materials regulating the work on the protection of information, as well as provisions, instructions and other organizational and administrative documents.

3.6. Organizes the development and timely submission of proposals for inclusion in the relevant sections of long-term and current work plans and programs of measures to control and protect information.

3.7. Gives feedback and opinions on projects of newly built and reconstructed buildings and structures and other developments on information security issues.

3.8. Participates in the consideration of technical specifications for design, draft, technical and working projects, ensures their compliance with the current regulatory and methodological documents, as well as in the development of new schematic diagrams of control equipment, control automation equipment, models and information security systems, assessment of the technical and economic level and the effectiveness of the proposed and implemented organizational and technical solutions.

3.9. Determines the need for technical means of protection and control, draws up applications for their purchase with the necessary justifications and calculations for them, controls their delivery and use.

3.10. Verifies compliance with cross-industry and industry-specific requirements normative documents for information protection.

3.11. Does not disclose confidential information, the boundaries of its protection, including passwords and information about EDS keys.

3.12. Informs the management about the attempts of unauthorized persons that have become known to him to obtain information of a confidential nature.

3.13. Immediately notifies the head of the department of information support, networks and computing equipment about the facts of loss of the private EDS key, intentional or unintentional damage to the AS and EDS Tools, which may lead to the disclosure of protected confidential information, as well as about the reasons and conditions for the possible leakage of such information; does not violate the procedure for signing and sending an electronic payment document signed by an EDS; shall deposit a key document with a private EDS key, whenever there is no need to use it, as well as at the end of the working day, in the manner prescribed by this instruction.

3.14. Performs other instructions from the management of the technical school, which are not included in this job description, but arose in connection with production needs.

4. Rights

An information protection specialist has the right to:

4.1. To get acquainted with the draft decisions of the management of the technical school concerning its activities.

4.2. Submit proposals for improving the work related to the responsibilities provided for in this instruction for the management's consideration.

4.3. Within the limits of their competence, inform their immediate supervisor about all the shortcomings in the activities of the technical school revealed in the process of carrying out their official duties and make proposals for their elimination.

4.4. Request, personally or on behalf of your immediate supervisor, from the specialists of the departments, information and documents necessary for the performance of his official duties.

4.5. To involve specialists from all (individual) structural divisions in solving the tasks assigned to him (if this is provided for by the provisions on structural divisions, if not, then with the permission of their leaders).

4.6. Demand from his immediate supervisor, the management of the enterprise, to assist in the performance of his duties and rights.

5. Responsibility

The data protection officer is responsible for:

5.1. For improper performance or non-performance of their official duties provided for by this job description - within the limits determined by the current labor legislation of the Russian Federation.

5.2. For offenses committed in the course of carrying out their activities - within the limits determined by the current administrative, criminal and civil legislation of the Russian Federation.

5.3. For causing material damage - within the limits determined by the current labor and civil legislation of the Russian Federation.

5.4. For violation of the requirement federal law"On personal data" and other regulatory legal acts of the Russian Federation, as well as internal regulations of the technical school, regulating the protection of the interests of subjects of personal data, the procedure for processing and protecting personal data - within the limits established by the current legislation of the Russian Federation.

5.5. For non-fulfillment or improper fulfillment of their functions and duties provided for by this job description, orders, orders, instructions from the management of the technical school, which are not included in this job description, but arising in connection with production needs and other offenses - in accordance with the current legislation of the Russian Federation: remark, reprimand, dismissal.

6 interactions

Information protection specialist:

6.1. Works on a schedule based on a 40-hour working week and approved by the director of the technical school.

6.2. Receives from the head of the department of information support, networks and computer technology information of a regulatory and organizational and methodological nature, gets acquainted with the relevant documents on receipt.

6.3. Systematically exchanges information on issues within its competence with the deputy directors of the technical school, the staff of the technical school.

6.4. When performing official duties related to the work of automated information systems, in other structural divisions of the technical school, must agree on a work execution plan with the head of the structural division in which the work will be performed.

6.5. Transfers to the head of the department of information support, networks and computer technology information received at meetings, seminars, immediately after receiving it.

6.6. Respects confidentiality.

1. General Provisions

1.1. For the position:

- an information security specialist is accepted by a person who has a higher professional (technical) education without presenting a requirement for work experience;

- an information protection specialist of the II category is accepted (transferred) by a person who has a higher professional (technical) education and work experience in the position of an information protection specialist or other positions replaced by specialists with higher professional education for at least 3 years;

- a specialist in the protection of information of the I category is accepted (transferred) a person who has a higher professional (technical) education and work experience as a specialist in the protection of information in the II category of at least 3 years.

1.2. An information security officer should know:

- legislative acts, normative and methodological materials on issues related to ensuring the protection of information;

- specialization of the organization and features of its activities;

- production technology in the industry, in the organization;

- equipment of computing centers with technical means, prospects for their development and modernization;

- the system of organizing complex information protection, operating in the industry, organization;

- methods and means of monitoring protected information, identifying information leakage channels, organizing technical intelligence;

- methods of planning and organizing work to protect information and ensure secrets protected by law (state, official, commercial);

- technical means of control and protection of information, prospects and directions for their improvement;

- methods of conducting special studies and inspections, works to protect technical means of transmission, processing, display and storage of information;

- the procedure for using abstract and reference and information publications, as well as other sources of scientific and technical information;

- achievements of science and technology in the country and abroad in the field of technical intelligence and information protection;

- methods and tools for performing calculations and computational work;

- fundamentals of economics, organization of production, labor and management;

- fundamentals of labor legislation;

- Internal labor regulations;

- rules of labor protection and fire safety;

1.3. An information security specialist in his activities is guided by:

- Regulations on the Information Protection Department;

- this job description;

— __________________________________________________________

(other acts and documents directly related to labor

By the function of a data protection officer)

1.4. The Data Protection Officer reports directly to

_________________________________________________________.

(name of the manager's position)

1.5. During the absence of an information protection specialist (vacation, illness, etc.), his duties are performed by an employee appointed in accordance with the established procedure, who acquires the relevant rights and is responsible for non-performance or improper performance of the duties assigned to him in connection with the replacement.

1.6. __________________________________________________________

2. Functions

2.1. Organization of comprehensive information protection.

2.2. Ensuring effective use of automatic controls.

3. Job responsibilities

The information security specialist performs the following duties:

3.1. Performs complex work related to the provision of comprehensive information protection based on the developed programs and methods, observance of secrets protected by law (state, official, commercial).

3.2. It collects and analyzes materials in order to develop and make decisions and measures to ensure the protection of information and the effective use of automatic control tools, to detect possible channels of leakage of information representing a secret protected by law (state, official, commercial).

3.3. Analyzes the existing methods and tools used to control and protect information, and develops proposals for improving them and increasing the effectiveness of this protection.

3.4. Participates in the examination of objects of protection, their certification and categorization.

3.5. Develops and prepares for approval drafts of normative and methodological materials regulating the work on the protection of information, as well as regulations, instructions and other organizational and administrative documents.

3.7. Gives feedback and opinions on projects of newly built and reconstructed buildings and structures and other developments on information security issues.

3.8. Participates in the consideration of technical assignments for the implementation of draft, technical and working projects, ensures their compliance with the current regulatory and methodological documents, as well as in the development of new schematic diagrams of control equipment, control automation equipment, models and information security systems, assessment of the technical and economic level and efficiency proposed and implemented organizational and technical solutions.

3.10. Checks compliance with the requirements of cross-sectoral and sectoral regulatory documents for the protection of information.

3.11. __________________________________________________________

(other responsibilities)

4. Rights

An information protection specialist has the right to:

4.1. Participate in the discussion of draft decisions of the organization's management.

4.2. In agreement with the immediate supervisor, involve other employees in solving the tasks assigned to him.

4.3. Request and receive from employees of other structural divisions the necessary information and documents.

4.4. Participate in the discussion of issues related to the duties performed.

4.5. Require the management of the organization to assist in the performance of official duties.

4.6. __________________________________________________________

(other rights)

5. Responsibility

You can download the Data Protection Engineer Job Description for free. Responsibilities of an information security engineer I approve (Surname, initials) (name of the organization, its organizational - legal form) (director; another person authorized to approve the job description) 00.00.201_y. m. OFFICIAL INSTRUCTIONS FOR THE PROTECTION OF INFORMATION (name of institution) 00.00.201_y. No. 00 1. General provisions 1.1. This job description defines the job duties, rights and responsibilities of an information security engineer (hereinafter referred to as the "enterprise"). Institution name 1.2.

Job description of an information security engineer

Full name) Subdivision: Information Security Department Position: Information Security Engineer 00.00.0000

General Provisions

This job description defines functional responsibilities, rights and responsibilities of an information protection engineer. An information security engineer belongs to the category of specialists.

An information protection engineer is appointed and dismissed in accordance with the procedure established by the current labor legislation by order of the director of the enterprise on the proposal of the head of the information protection department. Relationships by position: 1.4.1 Direct subordination to the Head of the Information Security Department 1.4.2.

Job instructions

Important

Monitors activities to ensure the security of information in key information infrastructure systems; informational, material and technical, scientific and technical support for information security; monitoring the status of work to ensure the security of information in key information infrastructure systems and their compliance with the regulatory legal acts of the Russian Federation. 2.6. Provides feedback and opinions on projects of newly created and modernized facilities and other developments on information security issues in key information infrastructure systems.

2.7. Participates in the review of technical specifications for research and development work to ensure the security of information in key information infrastructure systems, assesses their compliance with the current regulatory and methodological documents. 2.8.
Participate in conducting inspections of the enterprise to comply with the requirements of regulatory and technical documentation for the protection of information. 2.16. Prepare proposals for the conclusion of contracts and the signing of agreements with other enterprises that provide services in the field of technical means of information security.
2.17.

Attention

Participate in the certification of premises, facilities, technical means, algorithms and programs for their compliance with the requirements for information protection in accordance with the relevant security classes. 2.18. Draw up applications for equipment, necessary materials and devices. 2.19. Conduct control checks of the effectiveness and efficiency of existing technical means and information protection systems.

2.20. Develop proposals aimed at increasing efficiency and improving the measures taken. 2.21. Draw up and execute acts of control checks. 2.22.

Job description of an engineer for technical protection of information

Draws up calculation methods and programs for experimental research on the technical protection of information, performs calculations in accordance with the developed methods and programs. 2.5. Conducts a comparative analysis of research and test data, examines possible sources and channels of information leakage.
2.6.

Carries out the development technical support information security systems, maintenance of information security means, takes part in the preparation of recommendations and proposals for improving and increasing the efficiency of information security, in the writing and execution of sections of scientific and technical reports. 2.7. Compiles informational reviews on the technical protection of information.

Information Security Engineer

Appointment to the position of an information protection engineer and release from it is made by order of the head of the enterprise on the proposal of the head of the information protection department. 1.4. An information security engineer must know: - regulations, orders, orders, methodological and regulatory materials on issues related to ensuring the technical protection of information; - specialization of the enterprise, its divisions and features of their activities; - methods and means of receiving, processing and transmitting information; - technical means of information protection; - software and mathematical means of information protection; - the procedure for drawing up technical documentation for the protection of information; - the procedure for using scientific and technical documentation, etc.

Information Security Engineer Job Description

Carries out work on the design and implementation of special technical and software-mathematical means of protecting information, providing organizational and engineering measures for protecting information, providing organizational and engineering measures for protecting information systems, conducting research in order to find and select the most appropriate practical solutions within the task at hand. 2.2. Carries out the selection, study and generalization of scientific and technical literature, normative and methodological materials on technical means with ways to protect information. 2.3. Participates in the consideration of draft technical specifications, plans and schedules for the technical protection of information, in the development of the necessary technical documentation. 2.4.

Information Security Engineer Job Responsibilities

Receive official information necessary to carry out their duties. 4. RESPONSIBILITY Engineer for technical protection of information is responsible for: 4.1.

For non-fulfillment or improper fulfillment of their duties provided for by this job description - in accordance with the current labor legislation. 4.2. For offenses committed during the period of carrying out their activities - in accordance with the current civil, administrative and criminal legislation.
4.3. For causing material damage - in accordance with applicable law. 5. CONDITIONS AND ASSESSMENT OF WORK 5.1. The mode of work of an engineer for technical protection of information is determined in accordance with the internal labor regulations established in the Organization.
5.2.

Within the limits of their competence, inform their immediate supervisor about all deficiencies in the activities of the enterprise (structural divisions) identified in the process of exercising official duties and make proposals for their elimination. 3.4. Request, personally or on behalf of your immediate supervisor, from the specialists of the departments, information and documents necessary for the performance of their official duties.

3.5. To involve specialists from all (individual) structural divisions in solving the responsibilities assigned to him (if this is provided for by the provisions on structural divisions, if not - with the permission of the head of the enterprise). 3.6. Demand from his direct manager, the management of the enterprise, to assist in the performance of his duties and rights. 3.7. ... 4.
Conducts control checks of the operability and efficiency of existing systems and technical means of information protection, draws up and draws up acts of control checks and develops proposals for improving and increasing the effectiveness of measures taken. 12. Studies and summarizes the experience of other organizations in the use of technical means and methods of protecting information in order to increase the efficiency and improve work on its protection and preservation of state secrets. 13.

Performs work on time at a high scientific and technical level, observing the requirements of the instructions for the mode of work. III. Rights An information protection engineer has the right to: 1.

To get acquainted with the projects of decisions of the management of the enterprise concerning its activities. 2.

Information Security Engineer Job Description Sample

Perform calculations in accordance with the developed programs and methods. 2.7. Examine possible channels of information leakage. 2.8. Carry out the development of technical support for the information protection system and Maintenance means of information protection. 2.9. Analyze test and research data. 2.10. Participate in the preparation of proposals and recommendations for improving and increasing the efficiency of information protection. 2.11. Prepare informational reviews on the technical protection of information. 2.12.

Participate in the writing and design of sections of scientific and technical reports. 2.13. To carry out operational tasks related to ensuring control of technical means and mechanisms of the information protection system.

2.14. Participate in the preparation of opinions and reviews on technical documentation and regulatory and methodological materials.

Hospital Information Security Engineer Job Description

Carries out work on the design and implementation of special technical and software-mathematical means of protecting information, providing organizational and engineering measures for protecting information, providing organizational and engineering measures for protecting information systems, conducting research in order to find and select the most appropriate practical solutions within the task at hand. 2. Carries out the selection, study and generalization of scientific and technical literature, normative and methodological materials on technical means and methods of information protection.

3. Participates in the consideration of draft technical specifications, plans and schedules for the technical protection of information, in the development of the necessary technical documentation. 4.

Download job description
information security specialist(.doc, 75KB)

I. General Provisions

For the position:
- an information protection specialist is appointed a person who has a higher professional (technical) education without presenting requirements for work experience;
- information protection specialist of the II category - a person who has a higher professional (technical) education and work experience in the position of an information protection specialist or other positions that are filled by specialists with higher professional education for at least 3 years;
- information protection specialist of the 1st category - a person with a higher professional (technical) education and work experience in the position of an information protection specialist of the II category for at least 3 years.
Appointment to the position of an information protection specialist and release from it is made by order of the director of the enterprise on the proposal of the head of the information protection department.
An information security officer should know:
1. 3.1. Legislative acts, normative and methodological materials on issues related to ensuring the protection of information.
2. 3.2. The specialization of the enterprise and the peculiarities of its activities.
3. 3.3. Manufacturing technology in the industry.
4. 3.4. Equipment of computing centers with technical means, prospects for their development and modernization.
5. 3.5. The system for organizing the complex information protection operating in the industry.
6. 3.6. Methods and means of control of protected information, identification of information leakage channels, organization of technical intelligence.
7. 3.7. Methods for planning and organizing work to protect information and ensure state secrets.
8. 3.8. Technical means of control and protection of information, prospects and directions for their improvement.
9. 3.9. Methods for conducting special studies and inspections, works to protect technical means of transmission, processing, display and storage of information.
10. 3.10. The order of using abstract and reference and information publications, as well as other sources of scientific and technical information.
11. 3.11. Achievements of science and technology in the country and abroad in the field of technical intelligence and information protection.
12. 3.12. Methods and tools for performing calculations and computational work.
13. 3.13. Fundamentals of economics, organization of production, labor and management.
14. 3.14. Fundamentals of Labor Law.
15. 3.15. Rules and regulations for labor protection, safety, industrial sanitation and fire protection.
During the absence of an information protection specialist (vacation, illness, etc.), his duties are performed by a person appointed in accordance with the established procedure. This person acquires the corresponding rights and is responsible for the proper performance of the duties assigned to him.

II. Job responsibilities

Information protection specialist:

Performs complex work related to the provision of comprehensive information protection based on the developed programs and methods, observance of state secrets.
It collects and analyzes materials from institutions, organizations and enterprises of the industry in order to develop and make decisions and measures to ensure the protection of information and the effective use of automatic control tools, to detect possible channels of leakage of information representing state, military, official and commercial secrets.
Analyzes the existing methods and tools used to control and protect information, and develops proposals for improving them and increasing the effectiveness of this protection.
Participates in the examination of objects of protection, their certification and categorization.
Develops and prepares for approval drafts of normative and methodological materials regulating the work on the protection of information, as well as regulations, instructions and other organizational and administrative documents.
Organizes the development and timely submission of proposals for inclusion in the relevant sections of long-term and current work plans and programs of measures to control and protect information.
Gives feedback and opinions on projects of newly built and reconstructed buildings and structures and other developments on information security issues.
Participates in the consideration of technical specifications for design, draft, technical and working projects, ensures their compliance with the current regulatory and methodological documents, as well as in the development of new schematic diagrams of control equipment, control automation equipment, models and information security systems, assessment of the technical and economic level and the effectiveness of the proposed and implemented organizational and technical solutions.
Determines the need for technical means of protection and control, draws up applications for their purchase with the necessary justifications and calculations for them, controls their delivery and use.
Checks compliance with the requirements of cross-sectoral and sectoral regulatory documents for the protection of information.

III. Rights

An information protection specialist has the right to:

To get acquainted with the projects of decisions of the management of the enterprise concerning its activities.
Submit proposals for improving the work related to the responsibilities provided for in this instruction for the management's consideration.
Within the limits of their competence, inform their immediate supervisor about all deficiencies in the activities of the enterprise (its structural divisions) identified in the process of carrying out official duties and make proposals for their elimination.
Request, personally or on behalf of your immediate supervisor, from the specialists of the departments, information and documents necessary for the performance of his official duties.
To involve specialists from all (individual) structural divisions in solving the tasks assigned to him (if this is provided for by the provisions on structural divisions, if not, then with the permission of their leaders).
Demand from his immediate supervisor, the management of the enterprise, to assist in the performance of his duties and rights.

IV. Responsibility

The data protection officer is responsible for:

For improper performance or non-performance of their official duties provided for by this job description - within the limits determined by the current labor legislation of the Russian Federation.
For offenses committed in the course of carrying out their activities - within the limits determined by the current administrative, criminal and civil legislation of the Russian Federation.
For causing material damage - within the limits determined by the current labor and civil legislation of the Russian Federation.