You are here

Argentina

Country:
Survey Answer:

Administrative Decision No. 669/2004 of the President’s Chief of Staff Office established that the entities belonging to the national public sector were required to create committees on information security to monitor, regulate and guarantee the security of the information gathered by each entity. It also stipulated that the entities had to issue or adapt their existing information security policies in conformity with the Model Policy on Information Security (“Model Policy”). This document provides a model on which the various public entities can base their information security guidelines, by adapting them to their specific needs. The Model Policy is periodically updated, and the version currently in force was approved by Rule No. 1/2015 of the Argentine Office of Information Technologies (“ONTI”, due to its Spanish acronym).
The following entities issued regulations in order to comply with Administrative Decision No. 669/2004, create a security committee and establish their own internal security policies:
(a) The Argentine Nuclear Regulatory Authority through Resolution No. 135/2006.
(b) The Argentine Electric Regulatory Authority through Resolution No. 517/2006.
(c) The Argentine Health Ministry through Resolution No. 518/2007, comple-mented by Resolution No. 21500/2011.
(d) The Ministry of Labor, Employment and Social Security through Resolution No. 54/2006, complemented by Resolution No. 1012/2014.
(e) The Health Services Superintendence through Resolution No. 220/2006, complemented by Resolution Nos. 695/2008 and 1006-E/2017.
(f) The Argentine National Agriculture Health and Quality Service through Resolution No. 228/2006, complemented by Resolutions Nos. 570/2006 and 316/2009.
(g) The Labor Risks Superintendent's Office through Resolution No. 1343/2006, complemented by Resolution No. 231/2009.
(h) The Argentine Gas Regulatory Authority through Resolution No. I-841/2009.
(i) The Argentine Ministry of Agriculture, Livestock and Fisheries through Resolution No. 302/2010, complemented by Resolution No. 1066/2013.
(j) The Ministry of Economy and Public Finance by Resolution No. 339/2010, complemented by Resolution No. 271/2010.
(k) The Secretary of Treasury through Resolution No. 71/2010.
(l) The Argentine Tax Authority through Rule No. 42/2011.
(m) The Argentine Safety Authority through Resolution No. 4/2012.
(n) The Ministry of Interior and Transport through Resolution No. 104/2012, complemented by Rule No. 1/2013 and Resolution No. 2979/2013.
(o) The Argentine Civil Aviation Authority through Resolution No. 402/2013, complemented by Resolution No. 794/2013.
(p) The Chief Cabinet of Ministers through Resolution No. 970/2014, which was revoked and replaced by Resolution No. 1252/2015.
(q) The National Commission for Transport Regulation through Resolution No. 1381/2016.
(r) The Ministry of Environment and Sustainable Development through Resolu-tion No. 677-E/2017.
In addition, entities belonging to the national public sector must ensure that its contractors meet certain requirements, which may include matters connected with security. The ONTI is charged with approving a set of standards, the National Public Administration Technological Standards, which all national public sector entities must meet when conducting competitive bids for the procurement of information technology and communication services. The current version of the National Public Administration Technological Standards, which will be updated periodically, was approved by ONTI Rule 1-E/2018 and contains some sections on security matters.

Provided By:
Diego Fernandez: Marval, O´Farrell & Mairal