On 16 April, the China Electronic Standardization Institute (CESI), the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT), the National Information Security Research Center (NISRC), and three local officer device enterprises, jointly submitted to TC260/WG5 a new standard proposal: Information security technology – security specification for office devices. The new standard proposal aims to replace two currently effective standards used to ensure the information security of office devices, namely GB/T29244-2012 Information security technology - Basic security requirements for office devices, and GB/T 38558-2020 Information security technology－Security test method for office devices – which had both been adopted by the IT Product Information Security Certification owned by the China Cybersecurity Review Technology and Certification Centre.

The proposal remarks the need to adopt a new standard, as GB/T29244-2012 and GB/T 38558-2020 can no longer meet the needs of printing technology which is constantly iterating and updating; at the same time, the two current standards do not address aspects such as potential risks in supply chain, hardware, application software, data security, etc. Therefore, the proposed standard highlights a series of measures to mitigate such risks, in particular supply chain security. Specifically, the Draft stipulates that officer devices providers shall: