GB/T 29246-2023
Information security technology—Information security management systems—Overview and vocabulary (English Version)

Standard No.
GB/T 29246-2023
Language
Chinese, Available in English version
Release Date
2023
Published By
General Administration of Quality Supervision, Inspection and Quarantine of the People‘s Republic of China
Latest
GB/T 29246-2023
Replace
GB/T 29246-2017
 
Introduction

The Standard GB/T 29246-2023, titled "Information Security Technology - Information Security Management System - Overview and Terminology", was published by the National Administration for Quality Supervision, Inspection and Quarantine (AQSIQ) of China on December 28, 2023. This standard is set to take effect from July 1, 2024. It provides a foundational understanding of information security management systems (ISMS), outlining key concepts and terminology that are essential for the effective implementation and operation of ISMS within organizations. The document aims to enhance clarity and consistency in communication regarding ISMS among various stakeholders including but not limited to auditors, consultants, managers, and technical staff involved in information security practices.

GB/T 29246-2023 history

  • 2023 GB/T 29246-2023 Information security technology—Information security management systems—Overview and vocabulary
  • 2017 GB/T 29246-2017 Information technology—Security techniques—Information security management systems—Overview and vocabulary
  • 2012 GB/T 29246-2012 Information technology.Security techniques.Information security management systems.Overview and vocabulary

Standard and Specification

GA/T 699-2007 Information security technology- Communication exchange criterion for alert of computer network intrusion YD/T 1799-2008 Evaluation Methods for Qualification of Network and Information Security Emergency Response Service GA/T 1177-2014 Information security technology.Security technique requirements for the second generation firewall products ISO/IEC 27004:2016 Information technology - Security techniques - Information security management - Monitoring, measurement, analysis and evaluation GB/T 22080-2016 Information technology.Security techniques.Information security management systems.Requirements GB/T 22081-2024 Network security technology information security control GB/T 20985.2-2020 Information technology—Security techniques—Information security incident management—Part 2: Guidelines to plan and prepare for incident response YD/T 3801-2020 Implementation Method for Data Security Risk Assessment of Telecom Networks and Internet GB/T 37094-2018 Information security technology—Security management requirements for office information systems GB/T 20985.1-2017 Information technology - Security techniques - Information security incident management - Part 1: Principles of incident management GB/T 32916-2023 Information Security Technology Information Security Control Assessment Guide GB/T 31497-2024 Information Technology Security Technology Information Security Management Monitoring, Measurement, Analysis and Evaluation GB/T 20274.1-2023 Information Security Technology Information System Security Assurance Assessment Framework Part 1: Introduction and General Model GB/T 37095-2018 Information security technology—Security basic technical requirements for office information systems GA/T 1717.1-2020 Information Security Technology Network Security Incident Notification and Early Warning Part 1: Terminology GB/T 29246-2017 Information technology—Security techniques—Information security management systems—Overview and vocabulary GA/T 1390.2-2017 Basic Requirements for Classified Protection of Network Security for Information Security Technology Part 2: Extended Requirements for Cloud Computing Security ISO/IEC 27050-1:2019 Information technology — Electronic discovery — Part 1: Overview and concepts GB/T 15843.2-2024 Network security techniques - Entity authentication - Part 2: Mechanisms using authentication encryption


Copyright ©2025 All Rights Reserved