China: National Cybersecurity Standardisation Technical Committee closes consultation on draft Cybersecurity Standards Practice Guide - Industrial Enterprise Data Security Capability Maturity Model

On 18 January 2026, China’s National Cybersecurity Standardisation Technical Committee (TC260) closes the public consultation, which has been open since 4 January 2026, on the draft Cybersecurity Standards Practice Guide - Industrial Enterprise Data Security Capability Maturity Model. The Practice Guide sets out an industrial enterprise data security capability maturity model and maturity level evaluation methods. Further, the Practice Guide defines capability elements, five maturity levels, and process domains covering industrial enterprise data across the full data lifecycle and general security. It also provides reference frameworks, assessment methods, and baseline requirements to guide industrial enterprises in building and evaluating data security capabilities.