Article 1 In order to protect the security of computer information systems, safeguard the public interests of the state and society, and promote the application and development of computers, these Provisions are formulated in accordance with the relevant provisions of the state and the actual situation of our province. Article 2 A computer information system (hereinafter referred to as a computer system) refers to an information processing system (including a single customs clearance system) consisting of computers and their related supporting equipment, facilities, information and personnel.

Computer system security refers to avoiding all kinds of unintentional errors and destruction, preventing computer systems and data from being illegally used or destroyed, and ensuring the normal operation of computer systems. Article 3 These Provisions shall apply to units and individuals that establish and apply computer systems in this province. Fourth public security computer security supervision departments at all levels are responsible for computer system security supervision. The security of the network system of party and government organs, financial departments and computing centers (stations) is the focus of supervision work; Computer systems used for teaching, industrial process control, aided design and individuals without important information should be registered and managed. Article 5 The principles of unified management, division of responsibilities, active prevention and emergency treatment, safety management and safety supervision shall be applied to the safety management of computer systems, and the safety management responsibility system shall be implemented with unified leadership of the competent department and overall responsibility of the management unit. Article 6 The main responsibilities of the public security computer security supervision department are:

(a) to urge the competent departments of computer systems, business units and individuals to implement relevant safety laws and regulations;

(two) to supervise, inspect and guide the safety management of computer system departments, economic management units and individuals and the safety status of computer systems, and do a good job in the technical service of computer system security;

(three) to investigate and deal with illegal acts that endanger the security of computer systems;

(four) for computer system security review, registration, filing and other procedures;

(five) to handle other matters related to the safety supervision of computing systems. Article 7 The competent department of the computer network center (station) is responsible for the safety management of the whole network; The management unit is responsible for the safety management of the computer system of the unit. Eighth leading comrades in charge of computer system departments and management units are responsible for computer system security, and establish a safety management organization with leading comrades.

Security management agencies are responsible for computer system security education, risk analysis and countermeasure research, check the implementation of security laws, regulations and systems, conduct regular internal audit and supervision on the effectiveness of information processing activities and security measures, and ensure the implementation of various security measures. Article 9 Departments, units and individuals that establish computer systems shall report to the public security computer safety supervision department, and can only use them after passing the safety inspection and going through the registration procedures; Departments, units and individuals that have established and applied computer systems shall go through the registration formalities within a time limit. Article 10 When establishing a computer network system, a computing center (station) or financial department shall apply to the local public security computer security supervision department for security review, and it can only be used after being approved by the computer security supervision department of the provincial public security department. Article 11 The research, production, development, distribution and use of computer systems shall conform to the national computer safety standards and safety norms. Article 12 Competent departments, management units and individuals of computer systems shall implement Safety Specifications for Electronic Computer Systems, Technical Requirements for Computing Station Sites (GB 2887-82) and Safety Requirements for Computing Station Sites (GB 936 1-88).

The competent department and management unit of computer system shall, according to the relevant provisions of the state, determine the security level of computer system (confidentiality level and reliability level), the security category of computer room, temperature, humidity and dust level. The determination and change of the grade, category and level of important computer systems shall be reported by the management unit to the competent department for approval and reported to the public security computer security supervision department for the record. Thirteenth computer system departments and management units should strengthen the employment review, regular inspection and regular safety education of relevant staff. Important computer systems should send personnel with good political quality, familiarity with business and strong discipline, and only after passing the corresponding safety training and examination can they take up their posts.

For those who are not suitable for computer system work, they should be transferred in time and do a good job in the safety of the transferred personnel. Fourteenth departments and management units should establish a strict operation approval system and log management system; Programs, instructions or data that have not been examined and approved shall not be loaded into the computer system for operation. Fifteenth computer system staff and related personnel should strictly abide by the safety regulations of computer systems, and it is strictly forbidden to endanger the safety of computer systems by taking advantage of their authority and work. Sixteenth departments and management units should establish access control systems in important areas such as computer rooms, and establish systems for the use and maintenance of hardware, software, networks and media. Seventeenth departments and management units should take strict control measures on the data flow and all links of computer systems, and formulate safety control rules for data collection, classification, verification, input, storage, processing, encryption, output, transmission, deletion and use. The establishment, modification, update, deletion, copying and use of data files must have complete procedures and be carried out within the scope of authorization. Unauthorized personnel are strictly prohibited from contacting and using computer system resources.