China: Closed consultation on the draft National Standard on Data Security Technology - Personal Information Protection Compliance Audit Requirements

Description

Closed consultation on the draft National Standard on Data Security Technology - Personal Information Protection Compliance Audit Requirements

On 11 September 2024, the Secretariat of the National Cybersecurity Standardization Technical Committee of China (TC260) closes the public consultation on the draft National Standard on Data Security Technology - Personal Information Protection Compliance Audit Requirements. The Standard aims to establish data protection standards and outlines principles and implementation requirements for personal information protection compliance audits. The Standard applies primarily to personal information processors but also serves as a reference for relevant institutions conducting audits of personal information processing activities. The Standard contains provisions for the implementation of the audit process, evidence handling, and authority of audit institutions, and it specifies auditor requirements.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
cross-cutting
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body

Complete timeline of this policy change

Hide details
2024-07-12
in consultation

On 12 July 2024, the Secretariat of the National Cybersecurity Standardization Technical Committee …

2024-09-11
processing consultation

On 11 September 2024, the Secretariat of the National Cybersecurity Standardization Technical Commi…