Regulation Department
The Regulation Department deals with matters regulated by Act No 181/2014 Coll. on Cyber Security. It communicates with regulated entities, whether in relation to their regulation or in providing methodological support. Additionally, the department participates in the preparation of legislation on cyber security and plays a crucial role in identifying and protecting critical information infrastructure, important information systems, and essential services’ information systems within the Czech Republic. Regulation Department is divided into three units:
PRIVATE SECTOR REGULATION UNIT
Ensures the identification of operators of essential services. Applies, preserves and interprets Decree No 437/2017 Coll., on the Criteria for the Determination of an Operator of Essential Service. Ensures the identification of critical information infrastructures in the private sector. Provides interpretation and support in private sector regulation. Communicates with the relevant controllers.
PUBLIC SECTOR REGULATION UNIT
Ensures the identification of important information systems. Applies, preserves and interprets Decree No 317/2014 Coll., on Important Information Systems and their Determination Criteria. Ensures the identification of critical information infrastructures in the public sector. Provides interpretation and support in public sector regulation. Communicates with the relevant controllers.
CLOUD COMPUTING REGULATION UNIT
Provides assessment of cloud computing offers in accordance with the Public Administration Information Systems Act and the Act on Cyber Security. Applies, preserves and interprets the so-called Cloud Decree (expected effect in 2021 at the latest). Consults impacts of systems disruption for the purposes of cloud computing processes in public authorities. Provides interpretation and support in regulation of cloud computing services used by public authorities. Communicates with the relevant controllers.
In case of any questions or suggestions, particularly related to the identification of critical information infrastructure elements or operators of essential services; methodical support in the identification of important information systems or digital service providers; interpretation of the Act on Cyber Security and the implementation of cybersecurity legislation; as well as questions concerning supporting materials related to the law, please contact:
Audit Department
The Audit Department supervises the compliance of regulated entities with the requirements of the Act on Cyber Security. It is involved, together with the Regulation Department, in the preparation of legislation on cyber security and provides methodological support to regulated entities. In addition, the Audit Department cooperates with other audit authorities whose activities in cyber security overlap.