Skip to product information
1 of 11

PayPal, credit cards. Download editable-PDF and invoice in 1 second!

GB/T 40685-2021 English PDF (GBT40685-2021)

GB/T 40685-2021 English PDF (GBT40685-2021)

Regular price $230.00 USD
Regular price Sale price $230.00 USD
Sale Sold out
Shipping calculated at checkout.
Delivery: 3 seconds. Download true-PDF + Invoice.
Get QUOTATION in 1-minute: Click GB/T 40685-2021
Historical versions: GB/T 40685-2021
Preview True-PDF (Reload/Scroll if blank)

GB/T 40685-2021: Information technology service -- Data asset -- Management requirements
GB/T 40685-2021
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.080
CCS L 77
Information technology service - Data asset - Management
requirements
ISSUED ON: OCTOBER 11, 2021
IMPLEMENTED ON: MAY 01, 2022
Issued by: State Administration for Market Regulation;
Standardization Administration of the People's Republic of China.
Table of Contents
Foreword ... 3 
1 Scope ... 5 
2 Normative references ... 5 
3 Terms and definitions... 5 
4 General management rules ... 7 
4.1 Management principle ... 7 
4.2 Management framework ... 7 
5 Management object ... 9 
5.1 Overview ... 9 
5.2 Data asset characteristics ... 9 
5.3 Data asset information elements ... 9 
6 Management process ... 10 
6.1 Overview ... 10 
6.2 Data asset catalog management ... 10 
6.3 Data asset identification ... 10 
6.4 Data asset registration ... 11 
6.5 Data asset application ... 11 
6.6 Data asset inventory ... 12 
6.7 Data asset change ... 12 
6.8 Data asset disposal ... 13 
6.9 Data asset assessment ... 13 
6.10 Data asset audit ... 14 
6.11 Data asset security management ... 14 
7 Management assurance ... 15 
7.1 Overview ... 15 
7.2 Organizational guarantee ... 15 
7.3 Institutional guarantee ... 16 
7.4 Technical support ... 16 
Annex A (informative) Reference method for data asset value assessment ... 17 
A.1 Market method ... 17 
A.2 Income method ... 17 
A.3 Cost method ... 19 
A.4 Comprehensive assessment method ... 19 
Bibliography... 21 
Information technology service - Data asset - Management
requirements
1 Scope
This Standard specifies data asset management general principles, management objects,
management processes and management assurance requirements.
This Standard is applicable to the application and management of data assets of
organizations, and users including organizations that need to carry out data asset
management and provide data asset management services.
2 Normative references
The following referenced documents are indispensable for the application of this
document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
GB/T 25000.12-2017, Systems and software engineering-Systems and software
Quality Requirements and Evaluation (SQuaRE) - Part 12: Data quality model
GB/T 25000.24-2017, Systems and software engineering - Systems and software
Quality Requirements and Evaluation (SQuaRE) - Part 24: Measurement of data
quality
GB/T 33770.2-2019, Information technology service – Outsourcing - Part 2: Data
protection requirements
GB/T 35273-2020, Information security technology - Personal information security
specification
GB/T 37973-2019, Information security technology - Big data security management
guide
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1 data asset
legally owned or controlled data resources that can be measured and bring economic
and social value to the organization
[Source: GB/T 34960.5-2018, 3.3, modified]
3.2 management objective
the objective set for data asset management activities within a certain period of time,
based on organizational strategy
3.3 management domain
the collection of management objects, management processes and management
guarantees in the process of data asset management
NOTE: Intra-domain behavior is subject to a system-administered policy.
3.4 data asset catalog
a set of information that describes the characteristics of a data asset by means of
classification, grading, and coding
3.5 data asset identification
the activity to identify and register data assets from existing data sources according to
management objectives
3.6 data asset registration
the activity of registering and confirming the ownership of data assets in an organization
through technical means, so that it has attributes such as time, identity and content
3.7 data asset application
the activity to meet business scenarios and organizational development needs, and
promote the appreciation of data assets through sharing, circulation, use, and so on
3.8 data asset change
the activity to ensure consistency of data assets with catalog information through a
change control process
3.9 data asset assessment
the activity to quantitatively and qualitatively evaluate the status, quality, and value of
data assets within an organization
3.10 data asset audit
the activity to review and monitor the authenticity, consistency, correctness, legality,
5 Management object
5.1 Overview
The object of data asset management is the data asset itself. Identify data assets based
on characteristics in the management process. Describe and manage through the
information elements of data assets.
5.2 Data asset characteristics
The characteristics of data assets are as follows:
a) Value can be increased: The value of data assets is easy to change. It can be
increased with the application scenarios, the number of users and the frequency
of use. Its economic value and social value will continue to grow;
b) Can be shared: Under the premise of controllable permissions, data assets can be
copied and shared and applied by multiple entities inside and outside the
organization;
c) Can be controlled: To meet the requirements of risk controllability and operational
compliance, data assets need to have controllable permissions and traceable
behavior;
d) Can be quantified: The quality, cost and value of data assets are measurable and
assessable.
5.3 Data asset information elements
The elements of data asset information shall mainly include:
a) Basic attributes, including data source, type, structure, scale, update cycle,
standard and quality;
b) Business elements, including business descriptions, business indicators, business
rules and associations;
c) Management elements, including data ownership, classification and grading,
security information, data traceability, responsibilities, authority, and application;
d) Value elements, including market information, field information, geographical
information, application value and financial attributes.
6 Management process
6.1 Overview
The management process defines a series of activities for an organization to implement
data asset management. The data asset catalog is used to record and manage the
information elements of data assets. The identification, confirmation, application,
inventory, change and disposal of data assets are the core management activities.
Realize the life cycle management of data assets, as well as preserve and increase value.
Assessment, auditing and security management of data assets provide support for value
discovery, operational compliance and risk control of data assets.
6.2 Data asset catalog management
6.2.1 Purpose
Record all identified data asset information in the organization through the data asset
catalog. Support the whole process management of data asset identification, application,
change, inventory and disposal.
6.2.2 Requirements
The specific requirements that data asset catalog management shall meet are as follows:
a) Create a data asset catalog. Record data asset information elements;
b) Establish control mechanisms such as permissions, versions and releases for data
asset catalog management;
c) Categorize data...
View full details