Commercial COMSEC Evaluation

The CCEP allows an agreement to be forged between the NSA and a vendor to develop and produce products that help improve the IA posture of DoD customers.

Overview

The Commercial COMSEC Evaluation Program (CCEP) is a development program for Information Assurance (IA) products. Under the CCEP, the National Security Agency (NSA) enters into a business relationship with a vendor to develop and produce products that are of a direct benefit to improving the IA security posture for Department of Defense customers. NSA applies its IA resources to evaluate products that best provide for widespread availability of high-quality, low-cost, secure communication systems for use by the U.S. Government.

Interested vendors must complete a CCEP Product Summary Questionnaire (PSQ), detailing the product. The information provided will be measured against national IA standards, needs, and priorities to determine the suitability of a potential product for acceptance into the program.

Process

  1. Product vendor contacts Client Advocates
  2. NSA provides vendor with CCEP Product Summary Questionnaire (PSQ)
  3. Vendor completes and submits PSQ
  4. A business case is determined
  5. Vendor then submits a detailed proposal
  6. Detailed proposal is reviewed for technology and market
  7. Product is accepted into program
  8. NSA and Vendor enter into a legal agreement
  9. NSA and Vendor participate in a security evaluation
  10. NSA certifies the security embedded within the product/service

Please contact IAD's Client Contact Center for more information.

Last Reviewed: 13 May 2015