China: National Information Security Standardisation Technical Committee Guideline for Information Security Risk Management in Cybersecurity Technologies (GB/T 31722-2025) enters into force

National Information Security Standardisation Technical Committee Guideline for Information Security Risk Management in Cybersecurity Technologies (GB/T 31722-2025) enters into force

On 1 February 2026, the National Information Security Standardisation Technical Committee (TC260) Guideline for Information Security Risk Management in Cybersecurity Technologies (GB/T 31722-2025) enters into force. The standard replaces GB/T 31722-2015 in its entirety. It applies to organisations that establish and implement their own Information Security Management Systems and outlines methodologies aligned with current international practices for information security risk management.

Original source

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

cross-cutting

Implementation Level

national

Government Branch

executive

Government Body

other regulatory body

Complete timeline of this policy change

Hide details

2025-08-01

adopted

On 1 August 2025, the National Information Security Standardisation Technical Committee (TC260) iss…

2026-02-01

in force

On 1 February 2026, the National Information Security Standardisation Technical Committee (TC260) G…

Description

National Information Security Standardisation Technical Committee Guideline for Information Security Risk Management in Cybersecurity Technologies (GB/T 31722-2025) enters into force

Scope

Complete timeline of this policy change