China: National Cybersecurity Standardisation Technical Committee closes consultation on draft national standard for auditing information security management systems for cybersecurity technology
Description
National Cybersecurity Standardisation Technical Committee closes consultation on draft national standard for auditing information security management systems for cybersecurity technology
On 29 July 2025, the National Cybersecurity Standardisation Technical Committee (TC260) closes its public consultation on the draft national standard Guidelines for Auditing Information Security Management Systems for Cybersecurity Technology (GB/T 28450—XXXX/ISO/IEC 27007:2020). The consultation, which opened on 30 May 2025, covered auditing frameworks, risk assessment alignment, and auditor competencies for information security management systems (ISMS). Feedback submitted during the consultation will be consolidated by the TC260 Secretariat to inform the finalisation of the standard in reference to ISO/IEC 27007:2020 and GB/T 22080—XXXX.
Original sourceScope
Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
cross-cutting, software provider: other software
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body