• We are a U.S. National Information Assurance Partnership (NIAP) – approved accredited Common Criteria Testing Laboratory that performs IT security evaluations for conformance to the Common Criteria for Information Technology Security Evaluation.
• We evaluate products against NIAP- approved Protection Profiles.
• The benefit of completing Common Criteria Evaluation is twofold: achieving a valuable product certification and improving the security of the product.

The Common Criteria certification consists of the following steps:

1. A Common Criteria workshop can be held by the laboratory either at a vendor’s site or remotely. The workshop covers all applicable Common Criteria and Protection Profile requirements as they apply to the vendor’s product.

2. We analyze the product information obtained during the workshop and existing vendor documentation. We then conduct a gap analysis to determine potential areas of non-compliance with the requirements of the Common Criteria standard and the requirements of the Protection Profiles.

3. The vendor corrects deficiencies identified during the gap analysis phase, if any.

4. The vendor and the laboratory enter into an evaluation agreement for the evaluation of the product.

5. The vendor submits the product and the product documentation, including the Security Target document, to the laboratory.

6. An evaluation start-up meeting is conducted.

7. The laboratory works with the vendor and the Common Criteria validators to conduct the Common Criteria evaluation of the product. The vendor addresses any deficiencies that are found during the evaluation.

8. After successful completion of the evaluation the laboratory submits the evaluation documents to the NIAP.

9. Upon resolution of validators’ comments, and submission of the final evaluation documents to the NIAP the Common Criteria Certificate is issued.