THE MINISTRY OF INFORMATION ANDCOMMUNICATIONS | | THE SOCIALIST REPUBLIC OF VIETNAM
Independence - Freedom - Happiness |
No. 13/2018/TT-BTTTT | | Hanoi, October 15, 2018 |
CIRCULAR
Providing the list of cyberinformation security products imported under permits and the order, procedures and dossiers for grant of permits for import of cyberinformation security products[1]
Pursuant to the November 19, 2015 Law on Cyberinformation Security;
Pursuant to the June 12, 2017 Law on Foreign Trade Management;
Pursuant to the Government’s Decree No. 108/2016/ND-CP of July 1, 2016, stipulating in detail conditions for provision of cyberinformation security products and services;
Pursuant to the Government’s Decree No. 69/2018/ND-CP of May 15, 2018, detailing a number of articles of the Law on Foreign Trade Management;
Pursuant to the Government’s Decree No. 17/2017/ND-CP of February 17, 2017, defining the functions, tasks, powers and organizational structure of the Ministry of Information and Communications;
In furtherance of the Government’s Resolution No. 19/2017/NQ-CP of February 6, 2017, on continuing to implement major tasks and solutions to improve the business environment and raise the national competitiveness in 2017, with orientations toward 2020;
At the proposal of the Director of the Authority of Information Security,
The Minister of Information and Communications promulgates the Circular providing the list of cyberinformation security products imported under permits and the order, procedures and dossiers for grant of permits for import of cyberinformation security products.
Chapter I
GENERAL PROVISIONS
Article 1.Scope of regulation
This Circular provides the list of cyberinformation security products imported under permits and the order, procedures and dossiers of application for permits for import of cyberinformation security products (below referred to as import permits).
Article 2.Subjects of application
This Circular applies to enterprises that have been granted licenses for dealing in cyberinformation security products and services and import of cyberinformation security products on the list.
Article 3.Cyberinformation security products imported under permits
1. The list of cyberinformation security products imported under permits is provided in Appendix I to this Circular.
2. A cyberinformation security product imported under permit is a complete device which has its technical specifications and commodity descriptions conformable with technical indicators and structural design, and may operate independently; components or spare parts of products are not regarded as cyberinformation security products.
Article 4.Validity of import permits
The validity period of an import permit granted to an enterprise is 2 (two) years or equal to the validity period of the enterprise’s license for dealing in cyberinformation security products or services in case the remaining validity period of such license is less than 2 (two) years.
Article 5.Fees for grant and re-grant of import permits
Cyberinformation security product importers shall pay fees for grant and re-grant of import permits under the Minister of Finance’s Circular No. 269/2016/TT-BTC of November 14, 2016, prescribing rates, and the collection, remittance, management and use of charges and fees in the field of information security.
Chapter II
GRANT OF IMPORT PERMITS
Article 6.Import permit-granting agency
The Ministry of Information and Communications (the Authority of Information Security) is the import permit-granting agency.
Article 7.Dossiers of application for import permits
A dossier of application for an import permit shall be made in 1 (one) set, comprising:
1. An application for an import permit, made according to Form No. 01 provided in Appendix II to this Circular.
2. A copy of the license for dealing in cyberinformation security products and services.
3. A certified copy or a copy enclosed with the original for comparison of the certificate or declaration of standard or regulation conformity;
4. A Vietnamese- or English-language copy of the technical document describing the functions of the to-be-imported product.
Article 8.Receipt of dossiers and grant of import permits
1. An enterprise shall submit its dossier by one of the following modes:
a/ Submitting the dossier directly;
b/ Using postal services provided by public postal service providers prescribed by the Prime Minister or another enterprise or individual, or authorizing others to submit the dossier under law;
c/ Submitting the dossier online.
2. For a dossier submitted directly or by post, the recipient is the Authority of Information Security, 8thfloor, the Authority of Radio Frequency building, No. 115 Tran Duy Hung street, Trung Hoa ward, Cau Giay district, Hanoi.
3. For a dossier submitted directly, the dossier-receiving date is the date the Authority of Information Security receives the dossier directly submitted by the enterprise.
4. For a dossier sent by post, the dossier-receiving date is the date the Authority of Information Security receives the dossier from the postal service provider.
5. Regarding the mode of online submission, the Authority of Information Security shall comply with the roadmap on provision of online public services of the Ministry of Information and Communications.
6. Enterprises shall receive import permits directly at the head office of the Authority of Information Security or by post.
7. Import permits granted to enterprises shall be published on the Vietnam National Single Window portal, the national public service portal, and the Ministry of Information and Communications’ portal.
Article 9.Appraisal of dossiers and grant of import permits
1. Within 2 (two) working days after receiving a dossier, the Authority of Information Security shall check it and send to the concerned enterprise a paper or an electronic notice on the completeness of the dossier under Article 7 of this Circular.
2. In case the dossier is incomplete, the enterprise shall supplement it as requested by the Authority of Information Security.
3. Within 7 (seven) working days after receiving a valid dossier, the Authority of Information Security shall appraise, complete and submit it to the Ministry of Information and Communications.
If the enterprise satisfies all the conditions prescribed in Clause 3, Article 48 of the Law on Cyberinformation Security, the Ministry of Information and Communications shall grant an import permit, made according to Form No. 03 provided in Appendix II of this Circular, to the enterprise.
If the enterprise fails to satisfy all prescribed conditions, the Ministry of Information and Communications (the Authority of Information Security) shall issue a written reply clearly stating the reason of refusal to grant a permit.
Article 10.Re-grant of import permits
1. In case its import permit, which remains valid, is lost or damaged, the concerned enterprise shall send a written request for re-grant of import permit, made according to Form No. 02 provided in Appendix II to this Circular, to the Ministry of Information and Communications (the Authority of Information Security).
2. Within 3 (three) working days after receiving a valid request, the Ministry of Information and Communications shall consider re-granting the import permit to the enterprise.
Chapter III
IMPLEMENTATION PROVISIONS
Article 11.Transitional provision
Pending the promulgation of the list of standards and national technical regulations on cyberinformation security products by the Ministry of Information and Communication, enterprises are not required to submit certificates or declarations of standard or regulation conformity prescribed in Clause 3, Article 7 of this Circular when submitting dossiers of application for permits for import of cyberinformation security products.
Article 12.Implementation provisions
1. This Circular takes effect on December 1, 2018.
2. The Chief of the Office and heads of units of the Ministry of Information and Communications, and related organizations and individuals shall implement this Circular.
3. Any problems arising in the course of implementation of this Circular should be reported to the Ministry of Information and Communications (the Authority of Information Security) for settlement.-
Acting Minister of Information and Communications
NGUYEN MANH HUNG
APPENDIX I
LIST OF CYBERINFORMATION SECURITY PRODUCTS IMPORTED UNDER PERMITS
(To the Minister of Information and Communications’ Circular No. 13/2018/TT-BTTTT of October 15, 2018)
HS code | Commodity names and descriptions | Descriptions of main functions on cyberinformation security |
8471 | Automatic data processing machines and units thereof; magnetic or optical readers, machines for transcribing data onto data media in coded form and machines for processing such data, not elsewhere specified or included. | |
8471.30 | - Portable digital automatic data processing machines, weighing not more than 10 kg, consisting of at least a central processing unit, a keyboard and a display: | |
8471.30.90 | - - Other | - Products for cyberinformation security examination and assessment: screening, checking, and analyzing the configuration, current stage, and log data of information systems; detecting vulnerabilities and weaknesses; making information security risk assessment; - Products for cyberinformation security supervision: supervising and analyzing data transmission in the information system; collecting and analyzing real-time log data; detecting and giving warnings about extraordinary events which may cause information unsafety; - Anti-attack and -intrusion products: preventing attacks against and intrusions into information systems. |
8471.41 | - - Comprising in the same housing at least a central processing unit and an input and output unit, whether or not combined: | |
8471.41.90 | - - - Other | - Products for cyberinformation security examination and assessment: screening, checking, and analyzing the configuration, current stage, and log data of information systems; detecting vulnerabilities and weaknesses of information systems; making cyber-information security risk assessment; - Products for cyberinformation security supervision: supervising and analyzing data transmission in the information system; collecting and analyzing real-time log data; detecting and giving warnings about extraordinary events which may cause information unsafety; - Anti-attack and -intrusion products: preventing attacks against and intrusions into information systems. |
8471.49 | - - Other, presented in the form of systems: | |
8471.49.90 | - - - Other | - Products for cyberinformation security examination and assessment: screening, checking, and analyzing the configuration, current stage, and log data of information systems; detecting vulnerabilities and weaknesses of information systems; making cyberinformation security risk assessment; - Products for cyberinformation security supervision: supervising and analyzing data transmission in the information system; collecting and analyzing real-time log data; detecting and giving warnings about extraordinary events which may cause information unsafety; - Anti-attack and -intrusion products: preventing attacks against and intrusions into information systems. |
* Appendix II to this Circular is not translated.
Vietnamese
Circular 13/2018/TT-BTTTT DOC (Word)
Circular 13/2018/TT-BTTTT PDF (Original)
