China: China’s Academy of Information and Communications Technology launches data security management capability certification

On 25 November 2021, the China Academy of Information and Communications Technology (CAICT), a government research institute, launched the Data Security Management Capability Certification, which aims to guide and help enterprises to improve their data security management capabilities and comply with the Chinese Data Security Law. To assess the entity's data security management capability, the CAICT will use 15 indicators divided into two dimensions, data security system implementation requirements and technical implementation requirements. Regarding data security system implementation requirements, the CAICT will analyse data assets, data approval, management audit, partner management, reporting and complaints and emergency response. Regarding technical implementation capabilities it will consider data identification, operation audit, data anti-leakage, interface security management and sensitive data protection. CAICT started to accept submissions and will publish the certifications between 1 December 2021 and 15 January 2022.