GB/T 40685-2021
Information technology service—Data asset—Management requirements (English Version)
- Standard No.
- GB/T 40685-2021
- Language
- Chinese, Available in English version
- Release Date
- 2021
- Published By
- General Administration of Quality Supervision, Inspection and Quarantine of the People‘s Republic of China
- Latest
- GB/T 40685-2021
- Scope
- This document specifies the general principles of data asset management, management objects, management process and management assurance requirements. This document is applicable to the application and management of data assets of organizations. Users include organizations that need to carry out data asset management work and provide data asset management services.
- Introduction
Analysis of the core framework of the standard
GB/T40685-2021 has built a four-layer architecture of "strategy-goal-management domain-value realization", emphasizing the management concept of taking business as the main line and value as the orientation. The standard divides the management domain into three modules: management object, management process and management guarantee, forming a complete closed-loop system.
Comparison of key management processes
Management process Core requirements Technical support Output Data asset confirmation Use blockchain/electronic certification technology Comply with GB/T33770.2 requirements Proof of ownership registration Data asset assessment Quality + value dual-dimensional assessment Refer to Appendix A method Assessment report Data asset audit Full process compliance review A traceability mechanism needs to be established Audit report
Implementation points
1. Data asset catalog construction
The standard requires the establishment of a four-dimensional information model including basic attributes, business elements, management elements, and value elements. A financial enterprise implementation case shows that the data retrieval efficiency can be improved by 40% through standardized classification (subject/theme/business).
2. Technical practice of property rights confirmation
It is recommended to use the
Blockchain Evidence Platform to realize the recording of three elements:
- Time attribute: timestamp service
- Identity attribute: digital certificate
- Content attribute: hash value evidence
Detailed explanation of evaluation method
Appendix A provides four evaluation methods:
- Market method: It is necessary to establish an adjustment coefficient system (quality coefficient 0.8-1.2, regional coefficient 0.9-1.1)
- Income method: The economic value discount rate is recommended to be 8%-12%, and the social value weight requires expert review
- Cost method: Including full cost accounting such as data collection, cleaning, and storage
- Comprehensive method: recommended weight ratio (cost method 30% + market method 20% + income method 50%)
Compliance requirements
The standard is linked to multiple regulations:
- Personal information protection: implement GB/T35273
- Data security: meet the classification requirements of GB/T37973
- Quality assessment: use GB/T25000.24 measurement indicators
GB/T 40685-2021 Referenced Document
- GB/T 25000.12-2017 Systems and software engineering—Systems and software Quality Requirements and Evaluation(SQuaRE)—Part 12: Data quality model
- GB/T 25000.24-2017 Systems and software engineering—Systems and software Quality Requirements and Evaluation(SQuaRE)—Part 24: Measurement of data quality
- GB/T 33770.2-2019 Information technology service—Outsourcing—Part 2:Data protection requirements
- GB/T 35273-2020 Information security technology—Personal information security specification
- GB/T 37973-2019 Information security technology—Big data security management guide
GB/T 40685-2021 history
- 2021 GB/T 40685-2021 Information technology service—Data asset—Management requirements