Home Cart Quotation Policy About-Us
www.ChineseStandard.net
SEARCH

GB/T 42775-2023 English PDF

Q: How long will the true-PDF of English version of GB/T 42775-2023 be delivered?

Upon your order, we will start to translate GB/T 42775-2023_English as soon as possible, and keep you informed of the progress. The lead time is typically 6 ~ 10 working days. The lengthier the document the longer the lead time.

Q: Can I share the purchased PDF of GB/T 42775-2023_English with my colleagues?

Yes. The purchased PDF of GB/T 42775-2023_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Q: Does the price include tax/VAT?

Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries). Avoidance of Double Taxation Agreements (DTAs) between Singapore and 100+ Countries: https://www.iras.gov.sg/taxes/international-tax

Q: Do you accept my currency other than USD?

Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.

US$1709.00 · In stock
Delivery: <= 10 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 42775-2023: Data security risk prevention and control for securities and futures industry - Guidelines of data classification
Status: Valid

Standard ID	USD	BUY PDF	Lead-Days	Standard Title (Description)	Status
GB/T 42775-2023	1709	Add to Cart	10 days	Data security risk prevention and control for securities and futures industry - Guidelines of data classification	Valid

Similar standards

JR/T 0197 JR/T 0154 GB/T 19584 GB/T 45249.1 GB/T 42777

Basic data

Standard ID: GB/T 42775-2023 (GB/T42775-2023)
Description (Translated English): Data security risk prevention and control for securities and futures industry - Guidelines of data classification
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: A11
Classification of International Standard: 03.060
Word Count Estimation: 90,984
Date of Issue: 2023-08-06
Date of Implementation: 2023-08-06
Issuing agency(ies): State Administration for Market Regulation, China National Standardization Administration

GB/T 42775-2023: Data security risk prevention and control for securities and futures industry - Guidelines of data classification

---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
ICS 03.060 CCSA11 National Standards of People's Republic of China Data security risk prevention and control in the securities and futures industry Data Classification and Grading Guidelines Published on 2023-08-06 2023-08-06 Implementation State Administration for Market Regulation Released by the National Standardization Administration Committee

PrefaceⅠ Introduction II 1 Scope 1 2 Normative reference documents 1 3 Terms and Definitions 1 4 Applicable data range 2 5 Data classification and classification safeguard measures 2 5.1 Establish data classification and hierarchical organizational guarantee 2 5.2 Establish a data classification and hierarchical management system 3 5.3 Clarify business and data assets3 6 Data classification 3 6.1 Data classification principles 3 6.2 Concepts related to data classification methods 3 6.3 Key points of data classification 4 6.4 Data classification method 5 7 Data classification 9 7.1 Data classification principles 9 7.2 Key points of data classification 9 7.3 Data classification method 10 8 Handling key issues in data classification and grading 16 8.1 Determination of data volume and data level 16 8.2 Changes in data aggregation and data classification 16 8.3 Changes in data timeliness and data classification and classification 16 8.4 Acquisition and provision of data 16 8.5 Data summary, statistics, analysis and processing16 Appendix A (informative) Typical data classification and grading template for securities and futures industry 18 A.1 Data classification and grading template 18 A.2 Typical data classification and grading template for data collection management units 19 A.3 Typical data classification and grading template for general management units32 A.4 Industry association typical data classification and grading template 46 A.5 Typical data classification and grading template for securities companies 53 A.6 Typical data classification and grading template for futures companies 66 A.7 Typical data classification and grading template for fund management companies77 Reference 87

Foreword

This document complies with the provisions of GB/T 1.1-2020 "Standardization Work Guidelines Part 1.Structure and Drafting Rules of Standardization Documents" Drafting. Please note that some content in this document may be subject to patents. The publisher of this document assumes no responsibility for identifying patents. This document is under the jurisdiction of the National Financial Standardization Technical Committee (SAC/TC180). This document was drafted by. China Securities Regulatory Commission, China Financial Futures Exchange Co., Ltd., China Securities Information Technology Services Co., Ltd., Shanghai Stock Exchange (China Securities Museum), Shenzhen Stock Exchange, Shanghai Futures Exchange, Zhengzhou Commodity Exchange Exchange, Dalian Commodity Exchange, China Securities Depository and Clearing Co., Ltd., China Securities Investor Protection Fund Co., Ltd., China Securities Securities Finance Co., Ltd., China Futures Market Monitoring Center Co., Ltd., China Securities Data Co., Ltd., National Small and Medium Enterprises Stock Share Transfer System Co., Ltd., Securities Association of China, China Futures Association, China Securities Investment Fund Association, Shanghai Financial Futures Information Technology Co., Ltd., China Galaxy Securities Co., Ltd., Haitong Securities Co., Ltd., CITIC Securities Co., Ltd., Huatai Securities Co., Ltd., Industrial Securities Co., Ltd., Guotai Junan Futures Co., Ltd., Huatai Futures Co., Ltd., CITIC Prudential Fund Management Co., Ltd., Bank of Communications Schroder Fund Management Co., Ltd. The main drafters of this document. Yao Qian, Jiang Dongxing, Liu Tiebin, Zhou Yunhui, Wang Dongming, Mao Jiawei, Wang Kai, Gao Hongjie, Zhu Xiang, Guo Yun, Qi Bo, Cao Lei, Xu Kaiwen, Shi Guangwei, Lu Jidong, Zhang Yingbo, Zhang Qianli, Zhu Shaopeng, Lu Dexu, Yu Peiyan, Zhou Yu, Zhu Mingkang, Weng Nianlong, Lin Lin, Xie Ran, Wang Xin, Shao Chen, Wang Lipeng, He Chongyu, Zhang Jingyan, Jiang Bingli, Wu Zhonghua, Gao Jingyu, Cui Huiyang, Huang Lu, Chen Ming, Liao Pengcheng, Xiang Chuncheng, Zhao Gang, Ai Qing, Zheng Wentian, Deng Tingxun, Wang Dong, Wu Baojie, Li Chen, Zhou Sijia, Wang Yue, Wan Xiaoying, Hu Weining, Chen Yixin, Dong Mingyu, Tang Hua.

Introduction

With the advancement of information technology and the further deepening of application in the industry in recent years, including the direct management of the national securities and futures industry authorities, Various market entities, including industry organizations, industry associations, and securities and futures operating institutions, have accumulated a large amount of data. On the one hand, it needs to be effective Identify rational data usage needs, clarify technical standards for key links, and determine the scope of new technologies; on the other hand, it is necessary to combine In response to the development and changes of the industry, we must effectively identify new risks and hazards, continue to strengthen data security management, establish and improve data management systems, and take necessary data management measures. According to safety protection measures, the safe operation of the market and the legitimate rights and interests of investors are maintained. There are many types of businesses in the securities and futures industry, and the data is characterized by high complexity and diversity. Adopt standardized data classification and grading methods Laws can help industry organizations clarify data, determine the importance or sensitivity of data, and take appropriate and reasonable management measures and security measures in a targeted manner. protective measures to form a set of scientific and standardized data management and protection mechanisms, thereby promoting data openness and sharing on the basis of ensuring data security. Enjoy. Data classification is a key part of data protection work. It is the basis for establishing a unified, accurate and complete data architecture and the realization of centralized The basis for Sinochemical, professional and standardized data management. Industry organizations follow a unified data classification method and analyze the generated and generated data based on their own business characteristics. Classification of data collected, processed, used or managed is conducive to clearly clarifying data assets, achieving standardized management of data, and providing data Provide support for maintenance and expansion. Data classification is based on data classification, using standardized and clear methods to distinguish the importance and sensitivity of data. Gain differences and determine data levels. Data classification helps industry organizations determine the role of data at each stage of its life cycle based on different levels of data. Data security protection strategies and control measures that should be adopted in each link, thereby improving the data management and security protection level of industry organizations and ensuring that data Data integrity, confidentiality and availability. This document provides guiding principles for data classification and grading work, and is based on JR/T 0176.1-2019 "Securities and Futures Industry Data Model No. Part 1.Based on the business line division of "Abstract Model Design Method", combined with the characteristics of the securities and futures industry, a step-by-step approach from business to data is proposed. The divided data classification and grading method is also provided with relevant suggestions on data classification and grading management for reference by relevant institutions in the securities and futures industry. this In addition, it can be used as a reference for the securities and futures industry when formulating relevant standards for data management, data security and protection. Data security risk prevention and control in the securities and futures industry Data Classification and Grading Guidelines

1 Scope

This document provides the applicable data scope, safeguard measures, principles and methods for data classification and grading in the securities and futures industry, Suggestions on how to deal with key issues in data classification and grading. This document is applicable to various institutions in the securities and futures industry (referred to as "industry institutions") to carry out data classification and analysis when preventing and controlling data security risks. level use. Other relevant agencies can be used as references. This document does not apply to data involving state secrets.

2 Normative reference documents

The contents of the following documents constitute essential provisions of this document through normative references in the text. Among them, the dated quotations For undated referenced documents, only the version corresponding to that date applies to this document; for undated referenced documents, the latest version (including all amendments) applies to this document. GB/T 10113 General terms for classification and coding GB/T 22240-2020 Information security technology network security level protection grading guide JR/T 0171-2020 Technical specifications for personal financial information protection JR/T 0176.1-2019 Securities and futures industry data model Part 1.Abstract model design method JR/T 0197-2020 Financial Data Security Data Security Classification Guide

3 Terms and definitions

The following terms and definitions apply to this document. 3.1 data data A formal representation of information that can be interpreted so as to be suitable for communication, interpretation, or processing. Note. Data can be processed by manual or automated means. [Source. GB/T 5271.1-2000,01.01.02] 3.2 Confidentialityconfidentiality The characteristic that information is not available or disclosed to unauthorized persons, entities, or processes. [Source. GB/T 29246-2017,2.12] 3.3 availabilityavailability Features that are accessible and usable at the request of the authorized entity. [Source. GB/T 29246-2017,2.9] ......

Image

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 42775-2023_English be delivered?

Answer: Upon your order, we will start to translate GB/T 42775-2023_English as soon as possible, and keep you informed of the progress. The lead time is typically 6 ~ 10 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 42775-2023_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 42775-2023_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.