Cyber security: have you done your self-assessment?

13 June 2019

The MIIT (Ministry of Industry and Information Technology) has recently announced that organizations falling under its scope have until the 10th of July 2019 to perform and submit to the authorities their self-assessment of their implementation of the MLPS (the applicable cyber security protection framework made mandatory under the China Cyber security Law) and of the current cyber security conditions of their systems and networks.

The Ministry of Public Security has also warned that all organizations need to quickly (1) determine and file with the proper authorities their cybersecurity level under the MLPS  if it has not been done yet, and (2) implement corresponding obligations.

Who is concerned? 

Every company must complete the self-assessment and file it with authorities.

These authorities have declared that they will, in the very coming months, conduct numerous random checks and on-site inspections to verify if organizations are compliant, order non-compliance to be rectified and take sanctions against offenders.

No doubt that organizations which fail to heed these warnings run heightened risks of finding themselves, very soon, in hot waters. Suspension and disruption of activities are to be anticipated for companies that have not complied yet with their obligations.

Where does your company stand, as of today, in terms of CSL compliance program?

If you want to know more about self-assessment, feel free to contact Maxime Oliva and Bruno Grangier (contact@tl-group.com.cn)

The TL Group is a team providing tech and legal services.

The alliance between Leaf, a law firm, and TekID, a Data intelligence firm, is providing a comprehensive cyber security and data management offering which will help you enhance your security with a holistic approach. This team of cyber / data experts and lawyers can offer services to companies and managers such as compliance audits and programs in cybersecurity, structuring deals involving data assets, understanding and managing the life cycle of data and the associated risks, forensic investigations, among others.