This document stipulates the terms and definitions of data security risk assessment, assessment principles, assessment team and personnel, assessment indicators, assessment methods, assessment process, and result feedback and application. This document is intended for data security risk assessment.