Emergency Response Plan of the Shanghai Municipality for Network Security Incidents (2019 Edition)
Emergency Response Plan of the Shanghai Municipality for Network Security Incidents (2019 Edition)
Emergency Response Plan of the Shanghai Municipality for Network Security Incidents (2019 Edition)
October 30, 2019
Table of Contents
1 General Provisions
1.1 Purpose for Preparation
1.2 Basis of Preparation
1.3 Scope of Application
1.4 Working Principles
2 Organization System
2.1 Leading Body
2.2 Emergency Response Organization
2.3 Municipal Emergency Response Headquarters
2.4 Functional Division
2.5 Expert Advisory Bodies
3 Prevention and Warning
3.1 Prevention
3.2 Early Warning Level
3.3 Early Warning Monitoring
3.4 Release of Early Warning Information
3.5 Early Warning Response
3.6 Early Warning Release
4 Emergency Response
4.1 Information Reports
4.2 Response Levels
4.3 Emergency Disposal
4.4 Technology Implementation
4.5 Release of Information
5 Post-Disposal
6 Emergency Safeguards
6.1 Organization and Personnel
6.2 Materials Guarantee
6.3 Telecommunication Guarantee
6.4 Funding
6.5 Liability and Reward/Penalty
7 Supplementary Provisions
7.1 Interpretation of the Plan
7.2 Amendment to the Plan
7.3 Implementation of the Plan
1 General Provisions
1.1 Purpose for Preparation
The Plan is formulated to establish and improve the Municipality's emergency work mechanism for cyber security incidents, improve the ability to respond to unexpected cyber security incidents, prevent and reduce losses and harm caused by cyber security incidents, protect public interests, safeguard national security, public security and social order, and guarantee safe operation of the Municipality.
1.2 Basis for Preparation
The Plan is prepared according to the Emergency Response Law of the People's Republic of China, the Cyber Security Law of the People's Republic of China, the Administrative Measures for Emergency Response Plan, the National Emergency Response Plan for Cyber Security Incidents, the Measures of the Shanghai Municipality for Implementing the Emergency Response Law of the People's Republic of China, the Overall Emergency Response Plan of the Shanghai Municipality for Public Emergencies, and the Information Security Technology - Guidance on the Classification and Grading of Information Security Incidents (GB/Z 20986-2007).
1.3 Scope of Application
The Plan shall be applicable to the prevention and disposal of cyber security incidents occurring in the administrative region of Shanghai and those occurring in other areas that may affect the safe operation of Shanghai. In particular, the Shanghai Emergency Response Plan for Communication Guarantee shall apply to the communication guarantee of and communication recovery of basic telecommunication networks; and separate Plan shall be formulated to respond to security incidents related to information contents as well as cybersecurity incidents concerning classified networks and systems.
1.4 Working Principles
It shall be required to adhere to unified leadership and responsibilities assumed at different levels; adhere to unified command, close coordination, rapid response, and scientific disposal; adhere to prevention first, and combination of prevention and emergency response; and adhere to the principle of the department in charge being the department responsible, and the operation department being the department responsible, and give full play to the power of all parties to prevent and dispose of cyber security incidents.
2 Organization System
2.1 Leading Body
The Cyberspace Affairs Commission of the CPC Shanghai Municipal Committee (hereinafter referred to as the "Shanghai Cyberspace Affairs Commission") is responsible for coordinating and organizing the cybersecurity protection work of Shanghai Municipality, and exercising unified command of the handling of cybersecurity incidents of the Shanghai Municipality.
2.2 Emergency Response Organization
The Municipal Emergency Response Center is established in the Municipal Public Security Bureau. As a functional organ and command platform for the preliminary emergency response handling of emergencies of the Municipality, it shall perform the functions and duties of handling relatively serious and general emergency incidents through joint emergency response handling and organizing the joint emergency response entities to handle extremely serious or serious emergencies at an early stage. All joint emergency entities shall be responsible for the preliminary emergency response to emergencies within the scope of their respective functions and duties.
2.3 Municipal Emergency Response Headquarters
In the event of extremely serious or serious cyber security incidents, after reporting to municipal leaders for decision, the functional departments shall change the Shanghai Cyberspace Affairs Commission to the Municipal Emergency Response Headquarters of Cyber Security Incidents (hereinafter referred to as the "Municipal Emergency Response Headquarters") for unified command of cyber security incidents handling in the Municipality. The commander-in-chief shall be determined by the leaders of the Shanghai Cyberspace Affairs Commission who are responsible for relevant work, and the members shall consist of leaders of relevant departments and entities, and the setting location shall be determined according to the needs of emergency disposal. Meanwhile, professional contact and disposal teams shall be set up in line with the needs of the situation, and work shall be carried out under the unified command of the Municipal Emergency Response Headquarters.
2.4 Functional Division
The Office of the Cyberspace Affairs Commission of the CPC Shanghai Municipal Committee (hereinafter referred to as the "Office of Shanghai Cyberspace Affairs Commission"), as the administrative office of the Shanghai Cyberspace Affairs Commission, shall undertake the specific tasks of planning, coordinating and organizing the cybersecurity incident response work of the Municipality, and establish and improve the cross-departmental linkage disposal mechanism.
2.5 Expert Advisory Bodies
The Office of Shanghai Cyberspace Affairs Commission is responsible for the establishment of handling network security incidents expert advisory group to provide decision-making advice and technical support for dealing with network security incidents.
3 Prevention and Warning
3.1 Prevention
All districts, departments and entities shall effectively deal with the risk assessment and hidden danger investigation of cyber security incidents, and timely take effective measures to avoid and reduce the occurrence and harm of cyber security incidents.
3.2 Early Warning Levels
There are four levels of early warning of cyber security incidents, which are indicated respectively in red, orange, yellow and blue from high level to low level, corresponding to the occurrence or possible occurrence of extremely serious, serious, relatively serious and general cyber security incidents.
3.3 Early Warning Monitoring
All districts, departments and entities shall organize the monitoring of cyber security of the network and information systems constructed and operated within the administrative scope thereof according to the requirements of " the department in charge being the department responsible, and the operation department being the department responsible ".
......
October 30, 2019
Table of Contents
1 General Provisions
1.1 Purpose for Preparation
1.2 Basis of Preparation
1.3 Scope of Application
1.4 Working Principles
2 Organization System
2.1 Leading Body
2.2 Emergency Response Organization
2.3 Municipal Emergency Response Headquarters
2.4 Functional Division
2.5 Expert Advisory Bodies
3 Prevention and Warning
3.1 Prevention
3.2 Early Warning Level
3.3 Early Warning Monitoring
3.4 Release of Early Warning Information
3.5 Early Warning Response
3.6 Early Warning Release
4 Emergency Response
4.1 Information Reports
4.2 Response Levels
4.3 Emergency Disposal
4.4 Technology Implementation
4.5 Release of Information
5 Post-Disposal
6 Emergency Safeguards
6.1 Organization and Personnel
6.2 Materials Guarantee
6.3 Telecommunication Guarantee
6.4 Funding
6.5 Liability and Reward/Penalty
7 Supplementary Provisions
7.1 Interpretation of the Plan
7.2 Amendment to the Plan
7.3 Implementation of the Plan
1 General Provisions
1.1 Purpose for Preparation
The Plan is formulated to establish and improve the Municipality's emergency work mechanism for cyber security incidents, improve the ability to respond to unexpected cyber security incidents, prevent and reduce losses and harm caused by cyber security incidents, protect public interests, safeguard national security, public security and social order, and guarantee safe operation of the Municipality.
1.2 Basis for Preparation
The Plan is prepared according to the Emergency Response Law of the People's Republic of China, the Cyber Security Law of the People's Republic of China, the Administrative Measures for Emergency Response Plan, the National Emergency Response Plan for Cyber Security Incidents, the Measures of the Shanghai Municipality for Implementing the Emergency Response Law of the People's Republic of China, the Overall Emergency Response Plan of the Shanghai Municipality for Public Emergencies, and the Information Security Technology - Guidance on the Classification and Grading of Information Security Incidents (GB/Z 20986-2007).
1.3 Scope of Application
The Plan shall be applicable to the prevention and disposal of cyber security incidents occurring in the administrative region of Shanghai and those occurring in other areas that may affect the safe operation of Shanghai. In particular, the Shanghai Emergency Response Plan for Communication Guarantee shall apply to the communication guarantee of and communication recovery of basic telecommunication networks; and separate Plan shall be formulated to respond to security incidents related to information contents as well as cybersecurity incidents concerning classified networks and systems.
1.4 Working Principles
It shall be required to adhere to unified leadership and responsibilities assumed at different levels; adhere to unified command, close coordination, rapid response, and scientific disposal; adhere to prevention first, and combination of prevention and emergency response; and adhere to the principle of the department in charge being the department responsible, and the operation department being the department responsible, and give full play to the power of all parties to prevent and dispose of cyber security incidents.
2 Organization System
2.1 Leading Body
The Cyberspace Affairs Commission of the CPC Shanghai Municipal Committee (hereinafter referred to as the "Shanghai Cyberspace Affairs Commission") is responsible for coordinating and organizing the cybersecurity protection work of Shanghai Municipality, and exercising unified command of the handling of cybersecurity incidents of the Shanghai Municipality.
2.2 Emergency Response Organization
The Municipal Emergency Response Center is established in the Municipal Public Security Bureau. As a functional organ and command platform for the preliminary emergency response handling of emergencies of the Municipality, it shall perform the functions and duties of handling relatively serious and general emergency incidents through joint emergency response handling and organizing the joint emergency response entities to handle extremely serious or serious emergencies at an early stage. All joint emergency entities shall be responsible for the preliminary emergency response to emergencies within the scope of their respective functions and duties.
2.3 Municipal Emergency Response Headquarters
In the event of extremely serious or serious cyber security incidents, after reporting to municipal leaders for decision, the functional departments shall change the Shanghai Cyberspace Affairs Commission to the Municipal Emergency Response Headquarters of Cyber Security Incidents (hereinafter referred to as the "Municipal Emergency Response Headquarters") for unified command of cyber security incidents handling in the Municipality. The commander-in-chief shall be determined by the leaders of the Shanghai Cyberspace Affairs Commission who are responsible for relevant work, and the members shall consist of leaders of relevant departments and entities, and the setting location shall be determined according to the needs of emergency disposal. Meanwhile, professional contact and disposal teams shall be set up in line with the needs of the situation, and work shall be carried out under the unified command of the Municipal Emergency Response Headquarters.
2.4 Functional Division
The Office of the Cyberspace Affairs Commission of the CPC Shanghai Municipal Committee (hereinafter referred to as the "Office of Shanghai Cyberspace Affairs Commission"), as the administrative office of the Shanghai Cyberspace Affairs Commission, shall undertake the specific tasks of planning, coordinating and organizing the cybersecurity incident response work of the Municipality, and establish and improve the cross-departmental linkage disposal mechanism.
2.5 Expert Advisory Bodies
The Office of Shanghai Cyberspace Affairs Commission is responsible for the establishment of handling network security incidents expert advisory group to provide decision-making advice and technical support for dealing with network security incidents.
3 Prevention and Warning
3.1 Prevention
All districts, departments and entities shall effectively deal with the risk assessment and hidden danger investigation of cyber security incidents, and timely take effective measures to avoid and reduce the occurrence and harm of cyber security incidents.
3.2 Early Warning Levels
There are four levels of early warning of cyber security incidents, which are indicated respectively in red, orange, yellow and blue from high level to low level, corresponding to the occurrence or possible occurrence of extremely serious, serious, relatively serious and general cyber security incidents.
3.3 Early Warning Monitoring
All districts, departments and entities shall organize the monitoring of cyber security of the network and information systems constructed and operated within the administrative scope thereof according to the requirements of " the department in charge being the department responsible, and the operation department being the department responsible ".
......