China: Closed Consultation on National Standard on Information Security Technology Cloud Computing Service Security Capability Assessment Method

Description

Closed Consultation on National Standard on Information Security Technology Cloud Computing Service Security Capability Assessment Method

On 4 April 2024, the public consultation of the Secretariat of the National Network Security Standardization Technical Committee on the draft version of the National Standard on Information Security Technology Cloud Computing Service Security Capability Assessment Method ended. The standard specifies the security capabilities required for cloud service providers. The standard categorises security capability requirements into general, enhanced, and advanced levels, with the latter two serving as supplements and reinforcements to the lower-level requirements. This document also provides assessment methods and is intended to guide third-party assessment organisations in conducting security assessments. It can also serve as a reference for cloud service providers conducting self-assessments.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
infrastructure provider: cloud computing, storage and databases
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body

Complete timeline of this policy change

Hide details
2024-02-04
in consultation

On 4 February 2024, the Secretariat of the National Network Security Standardization Technical Comm…

2024-04-04
processing consultation

On 4 April 2024, the public consultation of the Secretariat of the National Network Security Standa…