|
|||||||||
|
| Structure
of the UK Scheme Certification Body The UK Scheme is administered by a Certification Body managed by CESG and based at Cheltenham. The Scheme and its operation are explained in the publication "Description of the UK IT Security Evaluation and Certification Scheme" (UKSP01) (pdf). Quality Accreditation The Certification Body of the United Kingdom IT Security Evaluation and Certification Scheme is now accredited to the European Standard for Certification Bodies (EN45011:1998). The Certification Body Security Evaluation was granted a certificate by the United Kingdom Accreditation Service on 16th March 2000 to provide conformity certification for Common Criteria, IT Security Evaluation Criteria and UK Systems Security Confidence Levels UKL1- UKL6. Where stakeholders of the Scheme feel that their needs and advice are not being addressed by the Certification Body in accordance with UKSP01 “Description of the Scheme” then they may inform the United Kingdom Accreditation Service. What is a CLEF? Evaluations under the UK Scheme are performed by CommerciaL Evaluation Facilities (CLEFs). These are commercial organisations appointed by the Certification Body of the Scheme. Appointments are either Provisional or Full. The former is granted to allow evaluations to be performed or monitored to enable the appropriate UKAS quality accreditation to be awarded (ISO17025); a Full Appointment is granted to cover evaluations where the assurance level falls within the scope of the UKAS accreditation. CLEFs are subject to basic requirements and conditions of operation specified in the document "CLEF Requirements: Startup and Operation" (UKSP02 Part1) (pdf). These conditions cover:
|
 |
|||
|