The National Information Security Standardisation Technical Committee issued the following five national standards relating to cybersecurity and data protection for public comments. These standards are the detailed implementing measures of the Cybersecurity Law of the People’s Republic of China.

  • Information security technology – security impact assessment guide of personal information
  • Information security technology – security controls of critical information infrastructure
  • Information security technology – cybersecurity protection requirements of critical information infrastructure
  • Information technology — security techniques — network security — part 1: overview and concepts
  • Information technology — security techniques — network security — part 2: guidelines for the design and implementation of network security

The public will have 25 July 2018 to submit comments. It is expected that the industry will be able to obtain detailed guidelines regarding the implementation of the Cybersecurity Law requirements after these standards take effect.

Please click here to read the full text (Chinese only) of these standards.