China Certification of Information Security – CCIS

In the fall of 2015, the Chinese government began to allow foreign manufacturers to apply for CCIS Certification. China Certification of Information Security, or CCIS, is the information security equivalent of China Compulsory Certification, or CCC.  It is required for information security products to be procured by the Chinese government.

There are eight product categories within CCIS:

  • Border security, including firewalls, network security separated cards and line selectors, and security isolation and information exchange products
  • Communication security, such as secure routers
  • Authentication and access control, such as smart card chip operating systems
  • Data security, including data backup and recovery products, secure operating systems, and secure database systems
  • Content security, such as anti-spam products
  • Valuation, audit, and control, including intrusion detection systems, network vulnerability scanning products, and security audit products
  • Application security, such as website recovery products
China Certification of Information Security

The China Certification of Information Security (CCIS) mark diagram

Obtaining China Certification of Information Security is a multi-step process, including an application, type testing, factory inspection, product marking, and follow-up inspections after certification.

The CCIS mark is based on Chinese national standards, which outline the technical requirements that information security products must meet.

Depending on the type of information security product, it may be subject to cipher test certification through the Office of the State Commercial Cryptography Administration (OSCCA), Network Access License (NAL) certification, or Radio Type Approval (SRRC) certification. G&M Compliance has experts in both the U.S. and China to determine which types of certification are necessary for your product and guide you through the certification process. 


ISCCC is the certification body that issues the CCIS mark.  G&M Compliance has been building relationships with the ISCCC approval body since before its inception in 2013. With our compliance experts in the U.S. and China, we can personally facilitate the application, testing, and inspection process for your information security product. G&M Compliance is a full-service compliance solution with an established process that positions you for success entering the Chinese market.

Learn more about shipping your product to China and Chinese product certification:

Contact G&M Compliance or request a quote today to learn more about our compliance and certification services.