GB/T 20984-2007

Abolished

Information security technology - Risk assessment specification for information security

信息安全技术信息安全风险评估规范

Standard Type

GBT

ICS

35.040

CCS

L80

Status

Abolished

Issue Date

2007-06-14

Implementation

2007-11-01

Centralized Committee

国家标准委

Issuing Authority

中华人民共和国国家质量监督检验检疫总局、中国国家标准化管理委员会

Application Summary AI generated

This standard provides a framework and methodology for conducting risk assessments of information systems, covering asset identification, threat analysis, vulnerability evaluation, and risk calculation. It is applied by organizations in China across all industries—including government, finance, and telecommunications—to systematically evaluate and manage information security risks, ensuring compliance with national security regulations and improving cybersecurity posture.

Related Standards

GB/T 21049-2007 Chinese-sensible code GB/T 19245-2003 Specification for information interchange of electronic business card GB/T 16986-2003 Application identifiers for EAN·UCC system GB/T 16829-2003 Information technology--Automatic identification and data capture techniques--Bar code symbology specifications--Interleaved 2 of 5 GB/T 18391.2-2003 Information technology--Specification and standardization of data elements--Part 2: Classification for data elements GB/T 19253-2003 Information technology--Notation of format for data element values GB/T 2261.1-2003 Classification and codesof basic personal information--Part 1: Codes for sexual distinction of human GB/T 2261.2-2003 Classification and codesof basic personal information--Part 2: Codes for marriage status

Transparency note: The application summary and key sentences on this page were automatically generated by AI from the standard's original text. This content has not been human-verified and should not be used for compliance or regulatory purposes. Always refer to the official standard document from the issuing authority.