Chapter III Network Operation Security
Article 40
Translation Notice
This is an unofficial English translation prepared for general informational purposes only. It does not constitute legal advice. In case of any discrepancy, the official Chinese text published by the competent authority shall prevail.
本文为非官方英文翻译,仅供一般信息参考,不构成法律意见。如与主管机关发布的中文正式文本不一致,以中文正式文本为准。
Chinese Original
第四十条 关键信息基础设施的运营者应当自行或者委托网络安全服务机构对其网络的安全性和可能存在的风险每年至少进行一次检测评估,并将检测评估情况和改进措施报送相关负责关键信息基础设施安全保护工作的部门。
English Translation
Operators of critical information infrastructure shall, by themselves or by entrusting cybersecurity service institutions, conduct testing and assessment of the security and possible risks of their networks at least once each year, and submit the testing and assessment results and improvement measures to the relevant departments responsible for critical information infrastructure security protection.
Free web reference version. Editable bilingual Word/PDF/Excel packages may be provided separately after editorial review.