Digital Policy Alert logo

China: National Cybersecurity Standardisation Technical Committee announced cybersecurity incident management standard: guidelines for incident response planning and preparation

Policy overview

Description

National Cybersecurity Standardisation Technical Committee announced cybersecurity incident management standard: guidelines for incident response planning and preparation

On 24 February 2025, the National Cybersecurity Standardisation Technical Committee (TC260) announced the cybersecurity incident management standard: guidelines for incident response planning and preparation. The guidelines apply to organisations managing cybersecurity risks, including businesses and third-party incident management service providers. It outlines requirements for incident management policies, response planning, classification, reporting, collaboration, training, and continuous improvement. The guidelines also introduce revised vulnerability management processes and structural refinements.

Original source

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
other service provider
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body

Complete timeline of this policy change

Hide details
2025-02-24
under deliberation

On 24 February 2025, the National Cybersecurity Standardisation Technical Committee (TC260) announc…

2025-03-20
in consultation

On 20 March 2025, the National Cybersecurity Standardisation Technical Committee (TC260) opened a p…

2025-05-19
processing consultation

On 19 May 2025, the National Cybersecurity Standardisation Technical Committee (TC260) closes a pub…

We use cookies and other technologies to perform analytics on our website. By opting in, you consent to the use by us and our third-party partners of cookies and data gathered from your use of our platform. See our Privacy Policy to learn more about the use of data and your rights.