公共数据安全评估规范

深圳市地方标准 DB4403/TXXXXX—XXXX 公共数据安全评估规范 Assessmentspecificationofcommondata security 送审稿 深 圳 市 市 场 监 督 管 理 局发 布 目次 前言.......................................................................................................................................................................III1范围...................................................................................................................................................................12规范性引用文件...............................................................................................................................................13术语和定义.......................................................................................................................................................14缩略语...............................................................................................................................................................25概述...................................................................................................................................................................25.1评估原则....................................................................................................................................................25.2评估职责....................................................................................................................................................25.3安全能力评估维度...................................................................................................................................35.4评估体系....................................................................................................................................................35.5评估方法....................................................................................................................................................35.6评估适用情形............................................................................................................................................45.7评估对象和评估指标说明.......................................................................................................................45.8评估流程....................................................................................................................................................56通用管理安全评估...........................................................................................................................................56.1总体数据安全策略...................................................................................................................................56.2数据安全管理机构与人员.......................................................................................................................66.3数据安全管理制度体系.........................................................................................................................117通用技术安全评估.........................................................................................................................................137.1数据分类分级保护.................................................................................................................................137.2数据安全评估..........................................................................................................................................157.3数据安全风险监测.................................................................................................................................177.4数据安全管控..........................................................................................................................................197.5数据安全应急处置.................................................................................................................................237.6数据安全审计..........................................................................................................................................258数据处理活动安全评估................................................................................................................................278.1数据收集..................................................................................................................................................278.2数据存储..................................................................................................................................................298.3数据传输..................................................................................................................................................328.4数据使用..................................................................................................................................................348.5数据加工..................................................................................................................................................378.6数据开放共享..........................................................................................................................................408.7数据交易......................................