This standard proposes working methods for inspection and testing institutions to carry out network security protection, and builds a network security working framework from the aspects of defining network security objectives, identifying network security protection objects, conducting network security risk assessments, and selecting and constructing network security control measures. It proposes specific network security work items that inspection and testing institutions must implement or choose to carry out, such as network security level protection, data security management certification, and commercial password application security assessment, and provides the work content and work processes of these work items.
T/CIQA 39-2022 history
2022T/CIQA 39-2022 Guidelines on cyber practices of inspection and testing institutions