The National Technical Authority for Information Assurance
 
  ABOUT US   PRODUCTS & SERVICES   PUBLICATIONS   POLICY & TECHNOLOGIES   FIND A .....
Common Criteria & ITSEC
Introduction
Certified Products
CLEFs
Common Criteria Assurance Levels
Directory of Infosec Assured Products (pdf)
Formal Documentation
International Links
Introductory Guides
ITSEC Assurance Levels
Joint Interpretation Library
Security Evaluation Criteria
Structure of the UK Scheme
UK Evaluator Training Material
UK National Interpretations for Common Criteria
Scheme FAQs
Scheme History
Common Criteria portal

Business Questionnaire for Common Criteria and Tailored Assurance Services (doc)

 
Formal Documentation

Abbreviations and References This document lists references and abbreviations quoted in other publications pdf Icon
40k
CCRA - Common Criteria Recognition Arrangement The purpose of this Arrangement is to bring about a situation in which IT products and protection profiles which earn a Common Criteria certificate can be procured or used without the need for further evaluation. pdf Icon
437k
Mutual Recognition Agreement of IT Security Evaluation Certificates
Version 2.0.April 1999
This document supersedes document 017/97 Finally approved by Senior Officials Group Information Systems Security of the European Commission at their meeting on 26 November 1997. This document details the agreement by which products or systems awarded an IT Security Evaluation Certificate in one country can be used by parties in other countries without the need for them to be evaluated and certified again. pdf Icon
107k
Description of the scheme
UKSP01
Provides a complete overall description of the UK Scheme pdf Icon
73k
CLEF Requirements Part I - Start Up and Operation
(UKSP02 Part I)
Covers, in detail, the appointment and operation of CLEFs for the UK Scheme. Includes the following headings: Setting up a CLEF; Appointment & Assessment for New CLEFs and CLEF operation. pdf Icon
291k
CLEF Requirements Part II - Conduct of an Evaluation Covers CLEF organization, preparation, conduct and conclusion phases of an evaluation. pdf Icon
83k
Sponsor's Guide (Role of Sponsor in IT Security Evaluation and Certification) UKSP03 Covers a broad spectrum of issues concerning the Sponsor and the UK Scheme. Subjects include: Features and Benefits of the Scheme; Concepts of Security Evaluation; Roles and Responsibilities of Sponsors; Evaluation Preparation & Timescales and Project Management Issues. Some aspects also affect Developers. pdf Icon
240k
Guidance to Sponsors on TOE Scoping Provides guidance on questions of evaluation scope, including those of which product subset and configuration to submit for evaluation. pdf Icon
104k
TOE Scope information - Guidance to sponsors on TOE Scope Information Guidance to sponsors on TOE Scope Information pdf Icon
232k
UK CB Standard Cerification Work Programme This CWP outlines the certification work to be performed by the Certification Body (CB). pdf Icon
40k
VLA-Centric Evaluation: Improving Evaluations by Putting Vulnerabilities First Describes a ‘VLA-centric approach’ to CC evaluation, driven by vulnerability analysis and penetration testing. The structure of evaluation is changed, but the content of evaluation still covers all of the CEM evaluator action elements. pdf Icon
192k
 © Crown copyright, 2008. This CESG Website is maintained for your personal use and viewing. Access and use by you of this site constitutes acceptance of our terms and conditions which take effect from the date of first use. Click here for our terms and conditions CESGweb@cesg.gsi.gov.uk