China: Adopted Cybersecurity Standard Practice Guidelines - Cybersecurity Assessment Guidelines for Large Internet Platforms

On 25 June 2024, the National Information Security Standardization Technical Committee (TC260) issued the Cybersecurity Standard Practice Guidelines - Cybersecurity Assessment Guidelines for Large Internet Platforms. The guidelines aim to provide standardised practice guidance on network security laws, regulations, policies, standards, and current issues. Large internet platforms include intermediary platforms with over 50 million users in the last year, offering services such as instant messaging, social networks, e-commerce, live streaming, short videos, and online payments. The guidelines are designed to assist large-scale internet platforms in carrying out annual cybersecurity assessments. The suggested process involves establishing working groups, consider important changes in business data practices, assess business risks such as disaster recovery and control of data provided to third parties, and the compilation of a report. The Guidelines also include a template for the cybersecurity assessment.