Some opinions on strengthening national network safety standardization

Some opinions on strengthening national network safety standardization

All provinces, autonomous regions, municipalities, Xinjiang Production and Construction Corps Party Committee Network Safety and Information Technology Leading Group, Central and State Organizations: Network Security Standardization is an important part of the construction of network security system, building safety network space, promoting network governance The system change plays basic, normative and leading role.

In recent years, with the rapid development of network information technology, the network security situation is more complicated and has been more complicated, and higher requirements are put forward on standardization work. In order to implement the strategy of network strong country, deepen the standardization work reform, build a unified authority, scientific and efficient network security standard system and standardized work mechanism, support network security and information development, with the consent of the Central Network Security and Informatization Leading Group, now proposed the following . I. Establish a work mechanism for coordination and division of labor (1) to establish a national standard working mechanism for unified authority.

Network security standardization work should adhere to unified planning, unified deployment, close to actual needs, hold the safety bottom line.

Under the leadership of the National Information Security Standardization Technical Committee, under the leadership of the National Standards Committee and the support of the relevant network security department, the network security national standards were unified, unified organization, and reporting and approval.

Other national standards involving network security content should solicize the views of the Central News Network Office and the relevant network security authorities to ensure the coordination of relevant national standards and network security standards systems.

  (2) Promote the ordered development of industry standards.

Explore the establishment of a network security industry standard liaison mechanism and conhanging mechanism to ensure industry standards and national standards coordination and cohesive supporting, avoid cross-contradiction between industry standards. (3) Promote the close interaction between industrial applications and standardization. Strengthen the technical research and development, industrial development, industrial policies, etc.

Establish major projects, major scientific and technological project standard information sharing mechanisms, promote national network security related major projects or research projects into national standards, and clarify the standard requirements in the project assessment indicators and professional and technical qualification reviews, and give full play to the leadership of the industry. And pull the effect.

  (4) Promote the compatibility of military and civilian standards.

Establish military and civilian network security standard coordination mechanisms and liaison mechanisms, strengthen close cooperation between military and civilian standardization authorities. Promote the technical standard two-way communication in the network security field, prioritize national standards in the field of defense network security, research and formulate military and civilian standards for economic construction and national defense construction, and jointly promote basic standards of military and civilians.

  Second, strengthen the construction of standard system (5) Scientific construction standard system.

Promote network security standards and the supporting connection between national laws and regulations, taking into account my country’s international obligations in international organizations such as World Trade Organization (WTO). According to the development and realistic needs of international domestic network security situation, we will continue to improve the network security standard system.

Give full play to the planning layout role of standard system, regularly release network security standard system construction guidelines, and guide standard development work has a plan, and there is steps to advance. Promote network security standards and information application standard synchronization planning, synchronous formulation. (6) Optimize and improve the standards of all levels. In accordance with the requirements of deepening standardization work reform programs, integrated streamlined compulsory standards, mandatory national standards are developed in the fields of key information infrastructure protection, confidential networks. Optimize the improvement of the recommended standards, develop the recommended national standard in the infrastructure. Watch the standard of recommendation in the field of special needs in the industry. In principle, the network security local standard is not set. (7) Promote the development of urgently needed standards. Adhere to the urgent use, around the "Internet +" action plan, "China Manufacturing 2025" and "Outline of China Made 2025" and Outline of China "to speed up key information infrastructure protection, network security review, network space trusted identity, key information Technical products, network space confidential protection supervision, industrial control system security, big data security, personal information protection, smart urban security, Internet security, new generation communication network security, Internet TV terminal product safety, network security information sharing and other fields Research and formulate work. Third, enhance the standard quality and basic capabilities (8) to improve standard applicability. In the standard formulation, insist on opening the transparent and fairness and fair principles, pay attention to the pre-research, consulting, testing, publicity, etc., guaranteeing the standards to fully meet the needs of network security management, industrial development, user use, and ensure standard pipes, It is easy to use. Improve the participation and extensive participation and extensive development of standards, encourage and absorb more companies, colleges, research institutes, test certification bodies and users and other substantive participation standards, and pay attention to the role of enterprises.

  (9) Improve standard advancement. Tight tracking network security technology and information technology development trends, timely transformation of scientific and technological innovation results, enhance standards and technical levels.

Shorten standard revision cycle, in principle no more than 2 years, ensure that standards meet the needs of network security, emerging technology and industrial development. (10) Improve the normative norms of standards. Strengthen the process management of standards, establish and establish a complete network security standard development process management system and work procedure, refine the rules of procedure, optimize standard projects and approval procedures, to standardize the quality of the standards. (11) Strengthen the construction of standardized basic capacity.

Improve standard information service capabilities and standard compliance testing capabilities, and improve standardization comprehensive service levels. Strengthen Network Security Standardization Strategy and Basic Theory Research. IV. Strengthen the standard publicity implementation (12) Enhanced standard propaganda interpretation. Public distribution of network security national standards is publicly issued through a variety of channels such as traditional media and the Internet.

Combine standards to promote the work of network security management, promote the standards of application departments, enterprises, research institutes, etc., understand standards, standards. Carry out network security outstanding practical case selection activities and promote publicity and promotion.

Use all kinds of media to increase the interpretation and propaganda of standards. (13) Increase standard implementation. Plays the role of various regions and departments in the implementation of network security standards, and actively adopt national standards during policy documents and relevant work deployments. The supervisory departments of various industries should implement implementation guidelines and norms in accordance with the national standards of network security, and guide network security management.

Organize the priority standards, implementation, feedback and standard implementation effect evaluation work, improve standard effectiveness and applicability. 5. Strengthen international standardization work (14) substantive participation in international standardization activities.

Actively participate in network space international rules and international standard rules, improve words and influence. Actively participate in the development of relevant international standards and play, contribute to Chinese wisdom, and propose Chinese programs.

Promote the transformation of autonomous national standards into international standards, and promote the "go out" of autonomous technology products. Combined with the current status of my country’s industrial development, actively adopt applicable international standards.

  (15) Promote international standardization work normalization and continuous.

Create a team of professionalism and foreign language strong composite international standardization experts, and improve the number of registered experts from international standardization organizations. Recommended experts as international standards organizations, actively participate in the international standardization conference, ensure the persistence and stability of the work. Sixth, do a good job in the construction of the standardized talent team (16) actively carry out educational training.

Choose Conditional, intentional key colleges, establish a network security standardization related course, and cultivate a team of standardized professional talents.

Encourage school-enterprises to cooperate to support students to enterprise internships and corporate personnel to school to receive standardized training.

Encourage conditional enterprises to carry out standardized knowledge training. (17) Introducing and cultivating high-end talents. Increase network security standardization and intelligence, encourage local governments, key companies introduce a group of high-end international standardized talents. Establish a network security standardization expert library.

Professional and technical talents participating in the national standards of network security are tilted in terms of improving treatment, promotion positions. 7. Do a good job in funding (18) Do a good job in financial funding. All departments, all localities should attach great importance to network security standardization, using the central and local financial channels, and do the funding guarantee for network safety standardization.

  (19) Encourage social support.

Encourage enterprises to increase capital investment on standard development and application. Guide the social public welfare fund support network security standardization activities, establish a network security standard excellent award, reward the standards for advanced applications, contributing highlights. The State Administration of Quality Supervision, Inspection and Quarantine, the Office of the Office of the Office of the Central Network Security and Informatization, August 12, 2016.