The first step, grading
System classification is the first step of the work to be guaranteed. As we all know, the basic requirements of grade protection are divided into five grades. If the system level is uncertain, it is impossible to choose which level to be insured. The scoring process includes: "Determine the scoring object->; Preliminary determination of grade-> expert review-> review by competent authorities-> filing and review by public security organs-> linear grading process "Final determination of grade", ensuring that after 2.0, the system grading must go through expert review and review by competent authorities before filing with public security organs.
The second step is to file a case.
After the system level is determined, the classified materials shall be submitted to the network security department of the municipal public security organ for filing. After successful filing, the local network security department will issue a "Record Certificate". The record certification information includes: company name, system name, system level and other information. Obtain the "Record Certificate" to determine the system level.
The third step is construction and rectification.
After successful filing, the existing information system operators and users shall purchase and use corresponding information security products, build security facilities, implement security technical measures and complete system rectification according to the determined information security protection level and management norms and technical standards for level protection.
Step 4: Grade evaluation.
After the construction rectification, the evaluation institution will test and evaluate the evaluated system according to the provisions of the national network security level protection system and relevant management norms and technical standards, verify whether the system meets the level protection security requirements, and issue a level evaluation report.
The fifth step is supervision and inspection.
After the assessment is completed, the assessed unit will submit a grade assessment report to the network security department of the municipal public security organ. After the network security department receives the evaluation report, the evaluation work is completed. The network security department of the public security organ is responsible for the supervision, inspection and guidance of the classified protection network.
If you need insurance assessment service, you can write privately in the background. Lulu Information Technology integrates the technical advantages of cloud security products, and provides one-stop service for the safety project by combining high-quality safety consulting and safety evaluation cooperation resources, covering the safety level, filing, construction rectification and evaluation stages in an all-round way, efficiently passing the safety evaluation, and implementing the network safety level protection.