ICS35.030 CCSL80 数据安全治理能力评估方法 2021-04-27发布 2021-07-01实施团体标准 T/ISC-0011-2021 中国互联网协会 发布Evaluationmethodofdatasecuritygovernancecapability 全国团体标准信息平台 全国团体标准信息平台 T/ISC-0011-2021 I目  次 前言.................................................................................................................................................................II 引言...............................................................................................................................................................III 1范围...................................................................................................................................................................1 2规范性引用文件...............................................................................................................................................1 3术语和定义.......................................................................................................................................................1 4概述...................................................................................................................................................................2 4.1评估原则...................................................................................................................................................3 4.2评估实施方法...........................................................................................................................................3 4.3评估实施过程...........................................................................................................................................3 5数据安全治理能力总体要求...........................................................................................................................4 6评估等级...........................................................................................................................................................4 6.1第一级：基础级.......................................................................................................................................4 6.2第二级：优秀级.......................................................................................................................................4 6.3第三级：先进级.......................................................................................................................................5 7数据安全战略...................................................................................................................................................5 7.1数据安全规划...........................................................................................................................................5 7.2机构人员管理...........................................................................................................................................7 8数据全生命周期安全.....................................................................................................................................10 8.1数据采集安全.........................................................................................................................................10 8.2数据传输安全.........................................................................................................................................12 8.3存储安全.................................................................................................................................................15 8.4数据备份与恢复.....................................................................................................................................17 8.5使用安全.................................................................................................................................................19 8.6数据处理环境安全.................................................................................................................................21 8.7数据内部共享安全.................................................................................................................................23 8