摘要
以中国国际航空股份有限公司实施个人信息保护为典型案例,阐述GB/T 35273—2020《信息安全技术个人信息安全规范》和GB/T 39335—2020《信息安全技术个人信息安全影响评估指南》等网络安全国家标准在国航关键业务流程、核心支撑应用系统中的实施情况,以及标准化工作在保障重要领域网络安全中发挥的引领作用,为各行业个人信息保护及标准化工作提供参考。
Taking the implementation of personal information protection by Air China as a typical case,this paper expounds the implementation of national network security standards such as the code GB/T 35273-2020 Information security technology-Personal information security specification and GB/T 39335-2020 Information security technologyGuidance for personal information security impact assessment in Air China’s key business processes and core support application systems.It also states that the leading role of standardization in guaranteeing cybersecurity in important areas,providing reference for personal information protection and standardization in various industries.
出处
《信息技术与标准化》
2022年第5期223-227,共5页
Information Technology & Standardization
