Classified information is for the country a vital information, that must be protected against disclosure, misuse, damage, unauthorised duplication, destruction, loss or theft.
In accordance with the Classified Information Protection Concept, which the Authority completed in 2007, is the protection of the classified information in accordance of its security classification level focused on mitigating security risks to an acceptable level. These risks change dynamically depending on changes in the security environment. The set of defined classified information is therefore concentrated into lists of classified information.
The configuration of rules for protecting classified information was largely inspired by EU and NATO principles. A four-level system is used to classify information based on level of secrecy (Restricted, Confidential, Secret and Top Secret).
The Authority, as the central government body for the protection of classified information, conducts security clearance screenings of natural persons and legal entities, secures the protection of foreign information and functions as the central node for receiving and distributing such information, performs certification and authorisation activities, conducts compliance audits in accordance to the Act on Protection of Classified Information and conducts testing of security employees.
See national legislation on Protection of Classified Information.