About the confidentiality level of confidential computers in confidential units

In order to further strengthen the confidentiality management of confidential computer information, eliminate hidden dangers of leaks, and ensure the security of state secrets, this system is formulated in accordance with the "Law of the People's Republic of China on the Protection of State Secrets" and in light of actual conditions.

Article 1: The office is responsible for the unified construction and management of the unit's computer network and maintaining the normal operation of the network. The disciplinary committee assigned to each office shall not install other equipment on the network without authorization.

Article 2: State secret information shall not be stored, processed, or transmitted in computers connected to the international Internet (extranet). Confidential materials must be physically separated from the international Internet (extranet). The computers of the Disciplinary Committee assigned to each office are not allowed to access the Internet.

Article 3: All information posted on the Internet must be reviewed by the unit’s confidentiality work leading group to ensure that confidential information is not posted online and information posted online is not confidential. Adhere to the principle of "whoever surfs the Internet is responsible", strengthen confidentiality education and management of Internet users, improve the confidentiality concept of Internet users, enhance prevention awareness, and consciously implement relevant regulations.

Article 4: The use of e-mail for online information exchange shall abide by the relevant national confidentiality regulations, and e-mail shall not be used to transmit, forward or copy state secret information.

Article 5: Any maintenance of computer equipment involving state secret information shall ensure that the stored state secret information is not leaked. Go to the maintenance point designated by the confidential work department to carry out repairs, and send technicians to be responsible for supervision on site.

Article 6: After discovering computer system leaks, each office shall take timely remedial measures and report to the county state confidentiality unit within 24 hours as required.

Article 7: When confidential computer information is printed out, the printed files shall be managed according to the corresponding confidentiality level documents, and the residual, defective and waste pages generated during the printing process shall be destroyed in a timely manner.

Article 8: Anyone who fails to manage and use confidential computers in accordance with regulations and causes leaks will be held accountable in accordance with laws and regulations. If a crime is constituted, the person will be transferred to judicial organs for processing.

Article 9 This system is explained by the unit confidentiality work leading group office.

Article 10 This system will be implemented from June 1, 2009.

II. Confidentiality Management System for Confidential Mobile Storage Media

In order to strengthen the management of confidential laptops and mobile storage media in our unit and ensure the security of national secrets, according to the "People's Republic of China *The Law of the People's Republic of China on the Protection of State Secrets", this system was formulated based on the actual situation of our unit.

Article 1: The office is responsible for establishing and improving systems for the use of copying, transfer, carrying, handing over, keeping, and destroying, and for supervising and inspecting the implementation of this system by the disciplinary committees dispatched by each office. The unit's confidentiality work leading group defines confidential and non-confidential removable storage media (including hard drives, mobile hard drives, floppy disks, U disks, optical disks and various memory cards) and laptop computers, and registers them in the office.

Article 2: The Discipline Inspection Committee dispatched by each office must designate a dedicated person to be responsible for the daily management of laptop computers and confidential removable storage media in the department. Confidential mobile storage media and laptops must be properly stored. Those in daily use will be kept by the user, and those that are temporarily in use will be kept by a designated person.

Article 3: Confidential laptops and confidential mobile storage media can only be used within the unit and are strictly prohibited from being used outside the Internet. If you really need to take confidential laptops and confidential mobile storage media out for work, you must report to the unit leader for approval, perform relevant procedures, and adopt strict confidentiality measures. It is strictly prohibited to lend confidential laptops and confidential mobile storage media to outside units for use.

Article 4: Non-confidential laptops and removable storage media cannot be mixed with confidential ones. It is strictly prohibited to bring private laptops and removable storage media into the unit for use.

Article 5: When confidential laptops and removable storage media need to be sent for external repair, they must be repaired by a unit with confidentiality qualification designated by the national security department, and the used storage media must be recovered. Confidential mobile storage media should be cleared of information before being scrapped.

Article 6: The hard disks and removable storage media of confidential notebook computers must be destroyed at the destruction point designated by the county’s national confidentiality unit or sent to the county’s national confidentiality unit for unified destruction after approval by the main leader of the unit. The Discipline Inspection Committee dispatched by each office shall not destroy it without authorization. It is prohibited to sell confidential mobile storage media as scrap.

Article 7: Anyone who fails to manage and use confidential laptops and confidential mobile storage media in accordance with regulations and causes leaks will be held accountable in accordance with laws and regulations. If a crime is constituted, the case will be transferred to judicial authorities for processing.

Article 8: The unit’s confidentiality work leading group office is responsible for interpreting this system.

Article 9 This system will be implemented from June 1, 2009.

3. Computer and network confidentiality management system

1. Computer operators must abide by relevant national laws, and no one may use computers to engage in illegal activities.

2. Computer operators are not allowed to provide internal information and materials, user names, passwords, etc. without the approval of the leadership.

3. Network equipment must be equipped with anti-virus tools and have vulnerability scanning and intrusion prevention functions for real-time monitoring and regular detection.

4. Computer operators should frequently check computer systems to prevent loopholes. It is prohibited to transmit confidential documents through the network. Storage media such as floppy disks and optical disks must be numbered and filed by the relevant responsible person and kept strictly. Except for copies that need to be archived and must be retained, all documents generated in the computer system will be deleted, and samples generated during processing must be destroyed immediately.

5. When a computer with Internet access permissions accesses the Internet and other networks, it is strictly prohibited to browse, download, disseminate, or publish illegal information. Receiving emails from unknown sources is strictly prohibited.

6. Regularly back up important data and make regular copies to prevent data loss due to damage to storage tools. Backup tools can be in the form of CDs, hard drives, floppy disks, etc., and should be kept properly.

7. When computer operators are transferred, relevant materials, files, and software should be handed over to other staff members. After transfer, any content that needs to be kept confidential must be kept strictly confidential. The replacement should readjust the system and reset the user name and password.

8. Anyone who violates these regulations and leaks secrets will be held accountable depending on the severity of the case.

9. This system shall be implemented from the date of issuance.

IV. Provisions on confidentiality management of repair, replacement, and scrapping of confidential computers

1. When maintaining and overhauling confidential computer systems, it is necessary to ensure that the stored confidential information is not leaked. Security and confidentiality measures such as transferring, deleting, and off-site transfer of confidential information should be adopted for confidential information. When the above measures cannot be taken, security personnel and the computer system maintenance personnel of the confidential unit must be at the maintenance site to supervise the maintenance personnel, maintenance objects, maintenance content, and pre- and post-repair conditions and make detailed records.

2. Each secret-related room (each dispatched disciplinary committee) should record the fault phenomenon, cause of failure, and expansion of the equipment of the room (committee) in the maintenance file record book of the equipment.

3. Any confidential equipment that needs to be sent out for repair must be approved by the confidentiality work leading group and the leader of the unit in charge, and the confidential information must be irrecoverably deleted before implementation.

4. The office is responsible for the installation of office computer software and the maintenance and repair of equipment. Users are strictly prohibited from installing computer software without authorization and disassembling computer equipment without authorization.

5. Confidential computers will be scrapped and destroyed at designated points by dedicated personnel from the confidentiality leading group.

6. This system shall be implemented from the date of issuance.

5. Computer network information confidentiality management system

Our unit is a key department for confidentiality. Confidential information includes the handling of letters and calls, case inspections, case trials, case appeals and the investigation and handling of major disciplinary and illegal cases generated by the disciplinary committees of each office. Although it is not a state secret during the investigation of the case, it is a work secret that should not be disclosed, involving confidential documents, technical information, business information and other commercial secrets of the inspected unit. All personnel in our unit shall strictly abide by the relevant national regulations on the security and confidentiality management of computer information systems.

Article 1 In order to ensure the security of our unit’s computer network information and prevent the occurrence of computer network information loss and leakage incidents, this system is specially formulated.

Article 2: Information involving state or department secret matters (documents marked with confidentiality levels) shall not be stored in the computers of the Discipline Inspection Committee of each office or department. If it must be preserved, it must be reported to the relevant departments and leaders for approval, and relevant confidentiality and security regulations must be followed.

Article 3 The use of computers in this unit is limited to software related to disciplinary inspection and supervision work, and computers are not allowed to be used for non-work purposes during working hours.

It is strictly prohibited for computer users assigned by the Discipline Inspection Committee of each office to install and uninstall computer software without permission.

Article 4 When using external data disks, viruses must be detected and cleared before use. If anti-virus still cannot be removed, you should contact the office in time to prevent viruses from invading computers and network systems and causing serious consequences.

Article 5 Personnel from other units and family members of our own staff are not allowed to use our unit’s computers and ancillary equipment. Any use of computer equipment across offices (committees) requires the consent of the person in charge of the office (committee).

Article 6 Computer and system setting parameters (such as user accounts, login passwords, IP addresses, system paths, etc.) are the internal working secrets of the unit, and no one may disclose them to the outside world under any excuse.

Article 7 It is strictly prohibited to steal other people's passwords to log in to the OA system. You are not allowed to use the system when others are logged in. If you need to use it, you must first log out of other people's accounts and log in with your own user name. After completing the work You should log out immediately to maintain the security, confidentiality, and order of the information system.

Article 8 It is necessary to implement physical isolation from the Internet, and it is strictly prohibited to mix the internal and external networks of the same machine.

Article 9 The intranet of the unit is only for use by personnel within the unit. Without the consent of the department head, personnel from other units are strictly prohibited from using the intranet of the unit.

Article 10. Software related to adjusting system settings must not be run or modified at will during network operations. When opening a shared directory, you should pay attention to setting an access control password (such as a shared folder), and close the share immediately after completing the work to ensure the security and confidentiality of local files.

Article 11 The confidentiality management of online information adheres to the principle of "whoever releases it is responsible". No state secret information or work secret information may be published, discussed or disseminated in chat rooms, electronic bulletin systems, or online news.

Article 12 The use of electronic mail for online information exchange shall comply with state confidentiality regulations, and electronic mail shall not be used to transmit, forward or copy state secret information.

Article 13 Discipline work committees and individuals dispatched by each office shall not privately connect hubs (HUBs), modems (MODEMs) and other network equipment without the consent of the main leaders of the unit.

Article 14 It is strictly prohibited to download, purchase, or install hacker software. Anti-virus software must be used regularly to detect whether there are Trojans and virus programs on the machine.

Article 15 Computers involved in our unit’s internal work information shall not be directly or indirectly connected to the Internet or other public information networks.

Article 16. When bringing a computer or mobile storage medium to work in an inspected unit, the person carrying the computer or mobile storage medium shall be the first person responsible for the computer or mobile storage medium and shall not give internal information about our unit’s work to the inspected unit or other entities. Personnel review, transfer, etc.

Article 17: Carrying computers and storage media with confidential work-related information when going out must be approved by the leader in charge, and necessary confidentiality measures must be taken. Take your work computer or storage media home. You are not allowed to use the computer to access the Internet, and necessary confidentiality measures must be taken.

Article 18 When maintaining and overhauling confidential computer systems, it is necessary to ensure that the stored confidential information is not leaked. Confidential information should be transferred, deleted, and transferred to storage media in other places. and other security and confidentiality measures. When the above measures cannot be taken, the leader of the confidential room must be at the maintenance site to supervise the maintenance personnel, maintenance objects, maintenance content, and pre- and post-maintenance conditions and make detailed records.

Article 19 Any confidential computers or storage media that need to be sent out for repair must be approved by the leader in charge, and the confidential information must be irrecoverably deleted before it can be implemented.

Article 20: Anyone who changes the computer network without permission (such as changing the internal network to the external network, private connection lines, etc.) will be disqualified from the year-end evaluation qualifications of the director (secretary) of the office (committee) and the private connection person upon discovery. .

Article 21 Anyone who fails to comply with the above terms and causes the leakage of confidential information or our unit's internal work information will be disqualified once discovered and will be dealt with seriously in accordance with relevant regulations. Those who intentionally or negligently disclose state or department secrets will be dealt with by the security department in accordance with the provisions of the "Implementation Measures for the Law of the People's Republic of China on the Protection of State Secrets".

This system will be implemented from the date of issuance.

VI. Paper Document Management System

In order to further standardize the management of various documents, in accordance with the spirit of relevant documents of the central and county committees and in combination with the specific circumstances of this unit, the following provisions are made:

1. Regarding the reading scope of documents

(1) Central documents (including Central Commission for Discipline Inspection and Supervision Department documents):

Central documents issued to the county and regiment levels , for the secretary to read.

(2) Provincial Party Committee documents (including Provincial Commission for Discipline Inspection and Supervision Department documents):

1. Provincial Party Committee documents sent to units above the state level for the secretary to read.

2. Provincial Party Committee documents sent to the county and regiment level can be read by party members and cadres at the department level or above. If the document indicates the scope of transmission, it shall be handled in accordance with the regulations.

(3) State Party Committee documents (including State Discipline Inspection and Supervision Bureau documents):

The reading scope shall be decided by the unit leader. If the document indicates the scope of transmission, it shall be handled in accordance with the regulations.

(4) Regulations on reading documents for retired and retired cadres:

Retired and retired cadres can read central documents and provincial documents at corresponding levels according to their original ranks or the political treatment they enjoy. Party committee documents and state committee documents shall be read or communicated by the party organization of the original unit according to the actual situation.

(5) If the document has leadership instructions, it shall be circulated according to the scope of the instructions.

II. Procedures for handling documents

1. Signing and unsealing: The sending and receiving of documents must be signed by a dedicated person, and other personnel are not allowed to sign or unseale at will. If an official document or letter is marked as being personally received or opened by a specific person, no one may open it except the authorized person, and it should be handed over intact to the person receiving it or the designated person. All kinds of official documents, important information, and publications received by the office must be delivered to relevant leaders and relevant offices (committees) in a timely manner and processed in a timely manner in accordance with relevant procedures and regulations to prevent delays and delays.

2. Registration: The registration document must clearly record the time of sending and receiving the document, the sending unit (sent to the unit), document font size, confidentiality level, title, priority procedure, number of copies and processing time, and processing status. .

3. Processing: The handling personnel must circulate and process the document promptly and quickly according to the content of the document and the scope of the review, without delay. Afterwards, they must sign the processing document or write down the processing process and results. , those who need to report the situation to the leadership must give timely feedback. Documents issued after the leader’s instructions should be processed according to the leader’s instructions. For all registered documents, the office should promptly supervise and inspect the handling of the documents and do a good job of urging them to avoid missed processing and delays.

4. Circulation: The word "quick" should be highlighted when circulating documents, so as to keep track of the whereabouts of the documents at any time and avoid missing, mistransmitted, delayed or lost documents.

(1) Strict registration procedures. When circulating documents, registration procedures should be completed or the circulator should be asked to sign for the circulation.

(2) When circulating documents, necessary document circulation folders and documents should be set up so that the county can distinguish them from other materials and leaders can sign and give instructions after reading them. Circulators should be reminded not to randomly extract files from the folder to avoid missing files.

(3) Document circulation should be carried out in the office, and documents should not be brought to the residence or public place for reading.

(4) Documents must be circulated according to the prescribed document reading range, and delivered by a dedicated person in order or priority according to the unit leader. Circulated documents should be collected in a timely manner, and important documents should be delivered and collected on the same day. It is necessary to avoid the phenomenon of "horizontal transmission" of documents being transferred between the circulation objects, so as to avoid the loss of control of the circulating documents, resulting in backlog, loss and unknown whereabouts of documents. To speed up the circulation of documents, the document senders should try their best to understand the work rules and time arrangements of relevant leaders and relevant departments. If they have time to read, they should send them in time. If the leaders are out, the order of circulation can be appropriately adjusted and the number of documents should be reduced as much as possible. The residence time during circulation shortens the document circulation cycle.

3. Regarding the custody of documents

The custody and storage of documents must be clearly designated by designated personnel, and a sound management system must be established.

1. Documents that have been circulated and processed should be checked and inventoried in a timely manner, and kept and stored in categories.

2. When borrowing documents, you must comply with the prescribed document reading scope, go through the registration procedures for borrowed documents, and read them in the prescribed place. If you need to take documents out under special circumstances, you must obtain approval from the unit's supervisor and take necessary confidentiality measures. Confidential official documents and important internal information must be kept confidential.

Any confidential documents are not allowed to be copied at will. Due to work needs, they can only be copied with the consent of the person in charge of the office. The copies are managed as official documents.

3. The storage place of documents should be safe and confidential. Documents should not be placed randomly on the desk or stored in glass cabinets and open cabinets.

4. Regarding the removal and destruction of documents

It is necessary to establish a regular document cleaning system and do a good job in the removal and destruction of documents on a regular basis. Registration procedures must be strictly followed when returning and destroying documents. The destruction of documents must be approved by the leader in charge. Individuals are not allowed to destroy documents without authorization.

(1) The removal of central documents, provincial party committee documents, state party committee documents and county party committee documents should be done according to the documents issued by the county party committee office, and the documents that should be removed should be carefully checked and completed on time and in full. Send the cleared documents to the confidential office of the county party committee and go through the clearance and cancellation procedures.

(2) If all superior documents need to be archived, they must be cleaned and archived regularly according to relevant archiving requirements, and archiving procedures must be completed.

(3) Other documents, materials and internal publications that do not need to be archived should be cleared and destroyed in accordance with the regulations of the County Party Committee’s Confidentiality Office.

(4) When file management personnel are transferred or resigned, they should first go through the transfer procedures of documents and clear out all the documents they hold before going through the transfer or resignation procedures. No individual may take away documents without permission or destroy documents without permission.

5. Regarding document management responsibilities

1. The office is the functional department for document management. It should strengthen the management of documents, especially central documents and county party committee documents, and strictly implement relevant regulations and Maintain confidentiality discipline to fully utilize the role of each document while strictly preventing the occurrence of confidentiality breaches and leaks.

2. The office should regularly check the receipt, registration, circulation, storage, removal and destruction of documents, and strengthen document management and confidentiality education.

3. Office personnel responsible for document processing and storage should enhance their sense of responsibility and confidentiality, be loyal to their duties, strictly abide by relevant rules and regulations and confidentiality disciplines, and work diligently to ensure the normal operation of documents and prevent them from being lost.

This system will be implemented from the date of issuance.

7. Regulations on Computer and Network Management

In order to ensure the normal operation, standardization and management, use and maintenance of computers in all offices and disciplinary committees of our unit, these regulations are formulated :

1. Computer Management Regulations

1. Each office and each disciplinary committee must handle computer registration procedures, driver disks, instructions for use, warranty cards and configuration lists, etc. in the office The original data is kept by the office and the fixed assets ledger is registered at the same time.

2. Incorporate computer management into the scope of responsibilities of each office and each disciplinary committee, and designate daily users as dedicated personnel responsible for daily maintenance, cleaning, virus killing, data backup, etc. of computers. The office is responsible for supervision and inspection.

3. When a computer malfunction occurs, the dedicated personnel should report it to the office in a timely manner. If an external contact technician is required to inspect or repair the computer, the office will be responsible for contacting them. No one is allowed to hire outside personnel for maintenance without permission from the office, and is not allowed to add (delete) system software or disassemble hardware at will.

4. To ensure normal computer performance, each office and disciplinary committee should clean computers regularly. The office inspection includes virus detection and appearance cleanliness (screen, monitor, host, keyboard, mouse, etc.).

II. Computer Security Regulations

1. No one may use computers to carry out activities that infringe on the interests and legitimate rights and interests of the country, units and individuals.

2. Set a power-on password and a password for reading important files. The password is kept by a dedicated person and should be changed in a timely manner according to the situation and reported to the office for record.

3. Regularly back up files and data to prevent file loss and ensure data security.

4. According to the nature and importance of the files and data of each office and each disciplinary committee, files and data should be backed up in a timely manner according to a certain period (such as weekly or monthly), and important data should be properly Back up at any time, multiple backup jobs. If the backup data needs to be archived, please submit it to the office for archiving in a timely manner.

5. Each department, disciplinary committee or individual shall not install or use unlicensed software (including game software and other non-work-related software) without permission. Any software that needs to be installed on a computer with Internet access must be approved by the office before installation.

6. In order to prevent the spread of computer viruses, any use of external files must first be checked for viruses. Computers with anti-virus software installed must be checked for viruses regularly (once a week).

3. Computer usage regulations

1. In accordance with the principle of "who uses it, who is responsible", each office and each disciplinary committee shall regulate the daily use, cleaning, maintenance, and inspection of their computers. Detoxification and data backup.

2. Specialized personnel should frequently check the status of computers and equipment. If any abnormalities are found, they should be reported immediately. Hardware damage caused by irregular operations and other reasons is prohibited.

3. Personnel whose daily work involves the use of computers should pay attention to the learning and accumulation of relevant knowledge and continuously improve their application level.

4. Pay attention to saving at any time during use. In order to eliminate potential safety hazards, turn off the computer and ancillary equipment and cut off the power supply after get off work.

5. No one is allowed to use computers to carry out non-work-related activities, and no non-work-related materials are allowed to be stored on the computer (or network).

IV. Computer Network Management

1. Users should strictly abide by our unit's confidentiality system and are not allowed to obtain or disclose documents, information, data, etc. through the network at will.

2. Computers that can log in to the Internet are managed by dedicated personnel, and the anti-virus software is regularly updated online. Internet browsing, gaming or chatting is prohibited except for work needs.

3. Based on the principle of "good confidentiality, meeting needs, and lowest cost", e-mail addresses should be "timely downloaded and cleaned regularly", and unknown emails should be treated with caution to avoid the spread of viruses. Outgoing emails must be reviewed by the office, delivered promptly, and cleaned promptly without leaving any traces.

V. Computer confidentiality regulations

1. Confidential computer systems must be physically isolated from the Internet, and computers that process state secret information are strictly prohibited from accessing the Internet.

2. Take practical measures to strengthen the management of computer use. Computers used to access the Internet must be strictly separated from computers used to process confidential information. They should be dedicated exclusively to computers and must not be used for both Internet access and processing. State secret information.

3. Computers involved in documents, files, case management and case investigation are not allowed to access the Internet. And it has a dedicated plane and dedicated management.

4. Confidential information should be marked with the confidentiality level and confidentiality period. Floppy disks, hard disks, optical disks, U disks and printed documents that store confidential information should be regarded as "three secrets" and shall be determined by Dedicated management.

5. Information involving state secrets shall not be stored, processed, or transmitted in computer information systems connected to the Internet.

6. Computers and their networks may not be directly or indirectly connected to the international Internet without approval.

7. Without approval, personnel from outside the unit are strictly prohibited from using the computers and networks of the unit.

This regulation will be implemented from June 1, 2009.