This standard specifies the general requirements for security assessment and extended security assessment requirements for different levels of graded protection objects. This standard is applicable to security assessment service agencies, operating units and competent departments of level protection objects to conduct security assessments and provide guidance on the security status of level protection objects. It is also suitable for reference use by network security functional departments when conducting network security level protection supervision and inspections. . Note: The fifth-level protection objects are very important supervision and management objects and have special management models and safety evaluation requirements, so they are not described in this standard.
GB/T 28448-2019 history
2019GB/T 28448-2019 Information security technology —Evaluation requirement for classified protection of cybersecurity
2012GB/T 28448-2012 Information security technology.Testing and evaluation requirement for classified protection of information system