Current location - Education and Training Encyclopedia - Graduation thesis - What is information system security level protection?
What is information system security level protection?
? Information security level protection refers to classified security protection of state secret information, proprietary information of legal persons, other organizations and citizens, and information systems that disclose, store, transmit and process these information, classified management of information security products used in information systems, and classified response and disposal of information security incidents in information systems.

1. Legal basis:

? Regulations of People's Republic of China (PRC) on the Security Protection of Computer Information Systems (OrderNo. 147 of the State Council) "Computer information systems shall be protected by security levels, and the specific measures for security level classification and security level protection shall be formulated by the Ministry of Public Security jointly with relevant departments".

2. Policy basis:

The Opinions of the National Leading Group on Strengthening Information Security (Zhongfa [2003] No.27) stipulates that the basic information networks and important information systems related to national security, economic lifeline and social stability should be protected. , pay close attention to the establishment of information security level protection system, formulate information security level protection management measures and technical guidelines.

3. The main links and requirements of information security level protection.

Main link:

Classification, filing, safety construction rectification, grade evaluation and safety inspection.

Basic requirements:

All units and departments should carry out grading, filing, rectification and evaluation of grade protection in accordance with the requirements of quasi-grade, strict examination and approval, timely filing, serious rectification and scientific evaluation.

Public security organs should carry out supervision and inspection in a timely manner, strictly examine the level of information system setting, and strictly check the information system for filing, rectification and evaluation.

Those who deliberately set the security level of the information system at a low level and evade the supervision of the public security, confidentiality, password and other departments, causing major security accidents in the information system, should be held accountable by the units and relevant personnel.

4. The significance of information security level protection.

Implementing information security level protection can effectively improve the overall level of information and information system security construction in China, help to build information security facilities simultaneously in the process of informatization construction, and ensure the coordination between information security and informatization construction; It is conducive to providing systematic, targeted and feasible guidance and services for information system security construction and management, and effectively controlling the cost of information security construction; It is conducive to optimizing the allocation of information security resources, protecting information systems at different levels, and focusing on ensuring the security of basic information networks and important information systems related to national security, economic lifeline and social stability; It is conducive to clarifying the information security responsibilities of the state, legal persons, other organizations and citizens and strengthening information security management; It is conducive to promoting the development of the information security industry and gradually exploring the information security model that adapts to the development of the socialist market economy.