金融领域数据安全能力体系构建方法研究OA

The Data Security Law of the People's Republic of China requires that institutions should establish and improve a whole-process data security management system and carry out data-processing activities in accordance with the provisions of laws and regulations.The Measures for the Management of Data Security in the Business Field of the People's Bank of China(Draft for Public Comments)puts forward the general requirements for data security protection in the financial field,data classification and grading,and data security protection measures.In order to help financial institutions implement relevant national and industry da-ta security requirements,this paper proposes a data security capability system construction method based on Data Security Capa-bility Maturity Model(DSMM).Building data security capabilities is carried out in four dimensions,such as organizational con-struction,institutional processes,technical tools and personnel capabilities,respectively.The proposed method can help financial institutions comprehensively improve their data security protection capabilities,so as to meet compliance requirements as well as their own development needs.