Abstract: Strengthening the awareness of security and responsibility is the primary condition for data security management. People are the most important factor in the construction of data security. All data security management specifications and technical measures are based on people. From the perspective of data security compliance, this article fully analyzes the corporate data security protection obligations in accordance with the Data Security Law, and innovatively designs the corporate data security responsibility matrix and data security incident accountability matrix to provide enterprises with the construction of data security compliance management. The design ideas for the key functions required by each stakeholder in the system process, and a practical accountability plan based on the key functions, can implement the Data Security Law for various industries and units, and build a data security organization. And the incident accountability mechanism to provide sufficient reference.

Key words: data security, security management, data security responsibilities, data security incident accountability, data security management system

摘要： 强化安全意识和责任意识是做好数据安全管理工作的首要条件，人是数据安全建设中最重要的因素，一切数据安全管理规范和措施都是以人为基础的.从数据安全合规视角出发，依据《中华人民共和国数据安全法》(以下简称《数据安全法》)，充分分析企业数据安全保护义务，创新设计了企业数据安全责任矩阵和数据安全事件追责矩阵，为企业提供建设数据安全合规管理体系过程中各利益攸关方所需的关键职能的设计思路，并依据关键职能给出了切实可行的问责方案，可以为各行业各单位落实《数据安全法》、构建数据安全组织建设和事件问责机制提供充分的参考.

关键词: 数据安全, 安全管理, 数据安全职责, 数据安全事件问责, 数据安全管理体系