The YD/T 4558-2023 “General Data Security Governance Capability Assessment Method” industry standard developed by the Chinese Academy of Information and Communications Technology and drafted with the participation of companies such as Aurora will be officially implemented on April 1.The standard proposes a general evaluation method for data security governance capabilities, including evaluation implementation methods, classification of evaluation results, and specific requirements and evaluation rules for data security governance capabilities at each levelIt is suitable for enterprises to carry out data security governance work on the data they own, and to provide reference and guidance for evaluating their data security governance capabilities.
According to reports, the standard distills an enterprise's data security governance capability system framework, including15 competencies in the three layers of data security strategy, data lifecycle security, and basic security. The standard also proposes a general evaluation method based on this framework, that is, a comprehensive assessment is carried out from the four governance dimensions of organizational structure, institutional processes, technical tools, and personnel capabilities, and the evaluation results are divided into 5 governance levels, namely initial level, key implementation level, comprehensive governance level, quantitative evaluation level, and continuous optimization level.
The formal implementation of this standard will be of great significance in guiding the optimization of enterprise capabilities, promoting the upgrading of technological products, promoting the development of industry capabilities, and helping to implement laws and regulations. As a leading customer interaction and marketing technology service provider in China, Aurora has always attached great importance to data security and personal information protection. For example, Aurora has repeatedly cooperated with relevant departments such as the China Academy of Information and Communications Technology and the China Internet Association to hold compliance seminars, hold industry seminars, participate in the formulation of industry standards, etc., to vigorously promote the construction of data compliance and personal information protection and strengthen the security protection of personal information. This time, Aurora was once again honored to participate in the drafting of the “General Data Security Governance Capability Assessment Method” industry standard, proving that the regulatory authorities fully recognize Aurora in the field of compliance and personal information protection.
In the future, while continuing to adhere to the bottom line of compliance and personal protection, Aurora will also continue to iterate on product innovation, take practical actions, give full play to its leading role, and vigorously promote ecological compliance in the industry.
Source: WeChat account “Aurora JIGUANG”