Pdf Portable | Iso Iec 15408

The standard is now organized into five distinct parts, each covering a crucial aspect of the evaluation framework.

To use ISO/IEC 15408, organizations should follow these steps:

In an increasingly interconnected digital world, ensuring the security of Information Technology (IT) products is paramount. Organizations, governments, and consumers need a reliable mechanism to verify that the security claims of a software or hardware product are legitimate. This is where , globally known as the Common Criteria (CC) for Information Technology Security Evaluation , comes into play. iso iec 15408 pdf

If successful, the lab writes an Evaluation Technical Report (ETR) and the national body (e.g., NIAP in the US, BSI in Germany) issues a . This certificate is valid for the version of the product evaluated.

The specific IT product, system, or component that is undergoing the security evaluation. The standard is now organized into five distinct

A set of security requirements for a category of products (e.g., firewalls) that meet specific user needs.

ISO/IEC 18045:2022, also published in August 2022, replaced the previous version. It is the companion document to the ISO/IEC 15408 criteria. It describes the minimum actions an evaluator must perform to conduct a Common Criteria evaluation. To get the complete picture of the evaluation framework, you would ideally obtain both the 15408 and 18045 PDFs. This is where , globally known as the

A key strength of the Common Criteria is international cooperation through the . Member countries (including the US, UK, Canada, Germany, France, Japan, and many others) agree to mutually recognize each other's Common Criteria certificates. This means that if your smartcard product receives a certification from a lab in Germany, that same certification is automatically accepted in Japan, significantly reducing barriers to international trade.

The standard is valuable for several key stakeholders: