RB/T 182-2023 English PDFUS$1119.00 · In stock
Delivery: <= 8 days. True-PDF full-copy in English will be manually translated and delivered via email. RB/T 182-2023: Evaluation specifications for personal information security of application software in smart mobile terminals Status: Valid
Basic dataStandard ID: RB/T 182-2023 (RB/T182-2023)Description (Translated English): Evaluation specifications for personal information security of application software in smart mobile terminals Sector / Industry: Chinese Industry Standard (Recommended) Classification of Chinese Standard: A00 Classification of International Standard: 03.120.20 Word Count Estimation: 56,520 Date of Issue: 2024-05-20 Date of Implementation: 2024-07-01 Issuing agency(ies): National Certification and Accreditation Administration RB/T 182-2023: Evaluation specifications for personal information security of application software in smart mobile terminals---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. ICS 03.120.20 CCSA00 Certification and Accreditation Industry Standards of the People's Republic of China Personal information security of mobile smart terminal application software Evaluation Standards Released on 2024-05-20 2024-07-01 Implementation The National Certification and Accreditation Administration issued Published by China Standards Press Table of ContentsPreface III 1 Scope 1 2 Normative references 1 3 Terms and Definitions 1 4 Evaluation Process 2 4.1 Overview 2 4.2 Main evaluation links 3 5 Evaluation Requirements 4 5.1 Team Building 4 5.2 Develop a plan 4 5.3 Implementation Evaluation 5 5.4 Result Record 5 6 Evaluation content and methods 5 6.1 Collection of Personal Information 5 6.2 Storage of Personal Information10 6.3 Use of Personal Information13 6.4 Rights of Personal Information Subjects17 6.5 Entrusted processing, sharing, transfer and public disclosure of personal information22 6.6 Handling of Personal Information Security Incidents 31 6.7 Requirements for personal information security management of organizations 32 7 Evaluation results and judgment 38 7.1 Document review results 38 7.2 Technical Verification Result Determination 38 7.3 Determination of on-site audit results 38 7.4 Certification Decision 39 Appendix A (Normative) Contents of Personal Information Security Assessment for Mobile Smart Terminal Application Software 40 Appendix B (Informative) Description of Evaluation Item Coding Rules 45 References 47ForewordThis document is in accordance with the provisions of GB/T 1.1-2020 "Guidelines for standardization work Part 1.Structure and drafting rules for standardization documents" Drafting. Please note that some of the contents of this document may involve patents. The publishing organization of this document does not assume the responsibility for identifying patents. This document is proposed and coordinated by the Certification and Accreditation Administration of the People's Republic of China. This document was drafted by. China Cybersecurity Review and Certification and Market Supervision Big Data Center, Beijing Software Product Quality Inspection and Testing Center Center, Shanghai Information Security Evaluation and Certification Center, the 15th Research Institute of China Electronics Technology Group Corporation, China Academy of Information and Communications Technology, Ministry of Public Security First Research Institute, Beijing University of Posts and Telecommunications, Institute of Software, Chinese Academy of Sciences. The main drafters of this document are. Zhang Xiaomei, Xu Jinghui, Xin Jianfeng, Wang Wei, Gu Min, Hu Shi, Yuan Cuihong, Chen Shujuan, Tian Qingyun, He Jing, Wen Yanli, Hao Weibo, Wang Yanhong, Ren Fengli, Han Yu, Ji Naijie, Su Purui, Zhang Miao, Yan Yan, and Wang Ye. Personal information security of mobile smart terminal application software Evaluation Standards1 ScopeThis document specifies the evaluation process, evaluation requirements, evaluation content and methods, and evaluation criteria for the personal information security of mobile smart terminal application software. Result determination. This document is applicable to certification bodies and technical verification bodies for testing, evaluating and Certification and other activities.2 Normative referencesThe contents of the following documents constitute essential clauses of this document through normative references in this document. For referenced documents without a date, only the version corresponding to that date applies to this document; for referenced documents without a date, the latest version (including all amendments) applies to This document. GB/T 35273-2020 Information security technology Personal information security specification3 Terms and definitionsThe terms and definitions defined in GB/T 35273-2020 and the following apply to this document. 3.1 Application software developed for mobile smart terminals, including third-party application software pre-installed in mobile smart terminals, and Internet service providers Application software provided by the provider for downloading, installing and upgrading through mobile application distribution platforms such as websites and app stores. Note. Abbreviated as “App”. [Source. GB/T 34975-2017, 3.3, modified] 3.2 Certification body An organization that engages in third-party certification activities related to products, services, processes, systems or people. NOTE. A certification body may carry out testing and inspection activities itself or entrust another body to carry out these activities on its behalf. [Source. RB/T 072-2021, 4.6] 3.3 Network operators who provide information services to users through mobile smart terminal application software are responsible for the operation of mobile smart terminal application software. Operate and assume legal responsibility for the security of personal information in mobile smart terminal application software. 3.4 The process by which professional technicians conduct compliance verification using methods such as testing, inspection and document verification. ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of RB/T 182-2023_English be delivered?Answer: Upon your order, we will start to translate RB/T 182-2023_English as soon as possible, and keep you informed of the progress. The lead time is typically 5 ~ 8 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of RB/T 182-2023_English with my colleagues?Answer: Yes. The purchased PDF of RB/T 182-2023_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
