Qualification / Website filing / 信息系统安全等级保护备案_Sports Betting Game

Information system security grade protection record

Information system security level protection is the basic system, basic strategy and basic method of national information security work. Carrying out the classified protection of information system security is not only an important part of strengthening national information security work, but also a political task related to national security and social stability.

The information system security level protection evaluation work refers to the evaluation work in accordance with the national information security level protection system regulations, in accordance with the relevant management norms and technical standards, to non-involved countries The activity of testing and evaluating the security level protection status of secret information systems. When the public security organs and other security supervision departments conduct the supervision and inspection of the information security level protection, the system operation and use unit must submit the level evaluation report issued by the institution with the level evaluation qualification.

Information system security grade protection filing agency

County (city) level people's government public security organs

Consult now

Information system security level protection filing scope

All units and individuals using computer information systems within the territory of the People's Republic of China that directly or indirectly network with computer information systems outside the territory of the People's Republic of China (including Hong Kong, Macao and Taiwan regions) through physical communication channels shall be registered and filed.

Consult now

Grade Protection Rating

The first level, after the information system is damaged, will cause damage to the legitimate rights and interests of citizens, legal persons and other organizations, but will not damage national security, social order and public interests.

The second level, when the information system is damaged, it will cause serious damage to the legitimate rights and interests of citizens, legal persons and other organizations, or cause damage to social order and public interests, but does not damage national security .

The third level, when the information system is damaged, will cause serious damage to social order and public interests, or cause damage to national security.

The fourth level, when the information system is damaged, will cause particularly serious damage to social order and public interests, or cause serious damage to national security.

The fifth level, when the information system is damaged, will cause particularly serious damage to national security.

Information system security level protection policy document

Beijing Public Service Network and Information System Security Management Regulations.doc

Notice of the Ministry of Public Security on the filing of computer information systems connected to the international network.doc

Regulations of the People's Republic of China on the Security Protection of Computer Information Systems (Order No. 147 of the State Council).doc

Information system security level protection record

Information system security level protection evaluation

Assessment Basis
GB/T 28448-2012 "Information System Security Level Protection Evaluation Requirements"
GB/T 28449-2012 "Information System Security Level Protection Evaluation Process Guide"
GB/T 25058-2010 "Guidelines for the Implementation of Information System Security Level Protection"
GB/T 25070-2010 "Technical Requirements for Security Design of Information System Level Protection"
GB/T 22240-2008 "Guidelines for Graded Protection of Information System Security"
GB/T 22239-2008 "Basic Requirements for Classified Protection of Information System Security"
GB 17859-1999 "Guidelines for Classification of Security Protection Levels of Computer Information Systems"

Consultation

Basic requirements for level protection

1. Basic security requirements are security requirements for the basic security protection capabilities that information systems of different security protection levels should have. According to different implementation methods, basic security requirements are divided into two categories: basic technical requirements and basic management requirements.
2. Basic technical requirements are put forward from the aspects of physical security, network security, host security, application security and data security; basic management requirements are from security management system, security management organization, personnel security management, system construction management and system operation It is pointed out in several aspects of maintenance management that basic technical requirements and basic management requirements are two inseparable parts to ensure the security of information systems.

Classification protection implementation process

The whole level protection implementation process includes: system rating, security planning and design, security implementation/realization, security operation management and system termination.
System rating: Information system operation and use units determine the information system security level in accordance with the "Guidelines for the Grading of Information Security Levels of Information System Information".
Security planning and design: According to the grading situation and security requirements of the information system, design a reasonable overall design scheme that meets the requirements of grading protection.
Security implementation/realization: In accordance with the overall requirements of the information system overall plan, combined with the information system security construction plan, implement security measures in stages.
Safe operation: In the safe operation stage, activities such as operation management, change management and control, safety status monitoring, safety incident handling and emergency plan, safety assessment and continuous improvement, and supervision and inspection are carried out.
System Termination: Ensure that sensitive information within the system is properly handled when the information system is transferred, terminated or abandoned.

Service Scope and Content

"Quicker" provides corresponding security services for each stage in the implementation of graded protection. In the system grading stage, it can help identify the security protection level of the information system and confirm the security level of the information system. The security master planning phase provides specific security planning recommendations. The safety design and implementation stage can assist customers to test the implementation and effectiveness of safety measures. In the stage of safe operation and maintenance, services such as grade compliance inspection, safety rectification design, emergency plans and drills are provided. Finally, the customer information system can meet the basic requirements of national level protection.

Information system security grade protection filing service project

Rating

Public security filing

Grade evaluation

Submit filing materials

“Information system security level protection filing process”

Consulting business intentions(determine the type of business you handle)

Business cooperation negotiation(customized solutions for you)

Material Preparation(Assist you in preparing required materials)

Grading/filing/evaluation(Leave the rest to us)

Security level filing completed