China: Announced Data security capability maturity certification (DSMM)

Announced Data security capability maturity certification (DSMM)

On 30 August 2019, the National Information Security Standardization Technical Committee (TC260) and the National Standardization Management Committee have announced that the "Information Security Technology Data Security Capability Maturity Model" (DSMM) will be implemented as a national standard from 1 March 2020 onwards. The DSMM aims to help companies to discover data security problems and develop response strategies on four dimensions: organizational construction, system processes, technical tools, and personnel capabilities.

Original source

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

cross-cutting

Implementation Level

national

Government Branch

executive

Government Body

other regulatory body

Complete timeline of this policy change

Hide details

2019-08-30

under deliberation

On 30 August 2019, the National Information Security Standardization Technical Committee (TC260) an…

2020-03-01

in force

The National Information Security Standardization Technical Committee (TC260) and the National Stan…

2021-11-25

adopted

On 25 November 2021, the China Academy of Information and Communications Technology (CAICT), a gove…

2022-01-06

in consultation

The China Academy of Information and Communications Technology (CAICT) has opened the registration …

2022-02-28

processing consultation

On 28 February 2022, the China Academy of Information and Communications Technology (CAICT) has clo…

Description

Announced Data security capability maturity certification (DSMM)

Scope

Complete timeline of this policy change