In 2023, the People's Bank of China officially issued the financial industry standard "Guidelines for Capacity Building of Financial Data Centers" JR T 0265-2023 (hereinafter referred to as the "Guidelines").
The Guidelines stipulate the capability requirements for financial data center governance, site environment, network communication, operation management and risk control, and are applicable to the construction and management of financial data centers.
The requirements for capacity building of financial data centers in the Guidelines are divided into basic requirements and enhanced requirements. The basic requirements are the adaptability requirements put forward according to the characteristics of the financial industry on the premise of meeting the requirements of relevant national standardsThe enhanced requirements are to encourage financial data centers to further improve their safe and stable operation capabilities, and are required in terms of new technology application, low-carbon environmental protection, energy conservation and efficiency, and business continuity.
The issuance of the Guidelines will help guide financial institutions to strengthen their green, intelligent and new data center construction capabilities, improve the level of data center life cycle management, and strengthen data center governance and security operation guarantee capabilities, so as to provide strong support for the digital transformation of finance. It also shows that the People's Bank of China attaches great importance to the construction of new data centers in the financial industry. Previously, in 2015, the People's Bank of China (PBoC) issued two financial industry standards, namely the Specification for the Power System of the Information System of the Financial Industry (JR T 0131-2015) and the Specification for the Evaluation of the Power System of the Information System of the Financial Industry (JR T 0132-2015). A number of financial industry standards in the field of data centers have been formulated to standardize and guide the construction, operation and maintenance of data centers in the financial industry, ensure the business continuity of financial institutions, and meet the security requirements of data centers.
As a testing organization authorized by the Beijing National Fintech Certification Center, China Financial Certification Authority (CFCA) continues to help the financial industry implement national policies and regulations on information security protection and industry standards for data center construction and operation guarantee. CFCA provides infrastructure level certification and testing services and power system certification and testing services for information system rooms in the financial industry for data centers of various sizes and levels (including data centers built by financial institutions and institutions that provide hosting services for financial institutions).
After the data center passes the CFCA test, it will obtain the "Financial Industry Data Center Infrastructure Level Certification Service Certification" or the "Financial Industry Information System Computer Room Power System Certification Service Certification Certificate" issued by the Beijing National Fintech Certification Center, which not only meets the requirements of regulatory compliance, but also proves the high availability of the data center.
Detailed explanation of the two tests of infrastructure level certification and power system certification of the computer room
1.Data center infrastructure level certification and testing in the financial industry
Test basis: 1) "Data Center Design Code" (GB 50174-2017).
2) "Code for the Power System of the Computer Room of the Information System of the Financial Industry" (JR T 0131-2015).
3) "Code for Evaluation of Power System of Information System Room of Financial Industry" (JR T 0132-2015).
Detection scope: including building and structure, building and fire protection, building structure, location and equipment layout, environmental system, electrical system, air conditioning system, network and wiring system, environmental and equipment monitoring system, safety system, water supply and drainage and other aspects.
2.Certification and testing of power system in the computer room of the information system of the financial industry
Testing basis: 1) "Code for Power System of Information System Room of Financial Industry" (JR T 0131-2015).
2) "Code for Evaluation of Power System of Information System Room in Financial Industry" (JR T 0132-2015).
Detection scope: including power supply and distribution system architecture, power supply and distribution equipment, power supply quality, lightning protection and grounding system, power monitoring system.
Introduction to CFCA Information Security Services
CFCA is an authoritative third-party testing institution recognized by the People's Bank of China, the Ministry of Public Security, the State Administration for Market Regulation and other ministries and commissions, with comprehensive testing qualifications, and can provide a full range of product evaluation and testing services for industries and fields such as finance, telecommunications, transportation, government affairs, and the Internet of Things. The testing business covers chips, barcode payment terminals, data center infrastructure, multi-party security technology financial applications, blockchain technology products, commercial banking application APIs, trusted execution environments and their applications (TEE and TA), cloud computing platforms, and information security services such as commercial cryptography application security assessment.