一、中心性质及概况
中国信息安全认证中心是经中央编制委员会批准成立,由国务院信息化工作办公室、国家认证认可监督管理委员会等八部委授权,依据国家有关强制性产品认证、信息安全管理的法律法规,负责实施信息安全认证的专门机构。
中国信息安全认证中心为国家质检总局直属事业单位。
中心简称为信安中心;英文全称:China Information Security Certification Center;英文缩写:ISCCC。
中心的质量方针是:客观公正,科学规范,优质高效。
二、中心主要职责
1、在国家认证认可监督管理委员会(以下简称国家认监委)批准的业务范围内,开展认证工作;
2、开展信息安全认证相关标准和检测技术、评价方法研发工作,为建立和完善信息安全认证制度提供技术支持;
3、在批准的业务范围内,开展认证人员培训工作。开展信息安全技术培训工作;
4、依据法律、法规及授权开展涉及信息技术安全领域的相关工作;
5、承担对本中心委托检测和检查机构的监督与管理工作;
6、依据国家法律、法规及授权开展信息安全相关领域的国际合作与交流活动;
7、承办总局和国家认监委交办的其他事项。
三、中心内设机构
中心内设10个处室,分别为办公室、综合业务处、产品认证处、体系认证处、服务认证处、培训处、质量监督处、科技与国际处、人事处、财务处,设立党委办公室,与办公室合署办公。
Introduction
China Information Security Certification Center (ISCCC for short) was established in 2006, with the approval of the State Commission Office for Public Sector Reform and authorized by eight government authorities and ministries, including Information Work Office of State Council, Ministry of Public Security of People’s Republic of China, Ministry of State Security, Ministry of Information Industry of People’s Republic of China, State General Administration of the People’s Republic of China for Quality Supervision and Inspection and Quarantine(AQSIQ), State Secrecy Administration, Certification and Accreditation Administration of the People’s Republic of China(CNCA) and State Cryptography Administration. According to national information security laws and regulations, ISCCC is the specialized organization to implement information security certification.
As a nonprofit organization directly governed by AQSIQ, ISCCC guarantees to be subjective and unbiased, scientific and normative, with high quality and great efficiency.
Main Responsibilities of ISCCC
1. To engage in certification within the business scope approved by CNCA;
2. To engage in research and development of standards, testing techniques and assessment methods related to information security certification, and to provide technical support for the establishment and perfection of the information security certification system;
3. To provide training for certification personnel within the approved business scope, and to provide training in information security technologies;
4. To engage in works related to the field of information technology security in compliance with laws, regulations and authorization;
5. To supervise and manage the activities committed by ISCCC to testing and inspection organizations;
6. To participate in international cooperation and exchanges related to information security in accordance with national laws and regulations as well as authorization; and
7. To undertake other affairs assigned by AQSIQ and CNCA.
Internal Departments of ISCCC
There are 10 departments in ISCCC, including the General Office(also as Party Committee Office), Department of Comprehensive Service, Department of Product Certification, Department of Management System Certification, Department of Service Provider Qualification Certification, Department of Training, Department of Quality Supervision, Department of Science and Technology and International Co-operation,Department of Personnel, Department of Finance. |
