NIAP and COTS Product Evaluations
The National Security Agency (NSA) manages the National Information Assurance Partnership (NIAP), which provides common criteria for testing and validations of commercially developed Information Technology.
The National Security Agency (NSA) manages the National Information Assurance Partnership (NIAP), a United States Government Program originating from the need to meet security testing concerns of customers and producers of Information Technology (IT). Through NIAP's Common Criteria Evaluation and Validation Scheme (CCEVS), approved Common Criteria Testing Laboratories (CCTLs) evaluate commercial products.
The CCEVS Validation Body:
- Provides technical guidance to CCTLs
- Validates the results of IT security evaluations for conformance to the International Common Criteria for IT Security Evaluation, and
- Serves as an interface to other nations for the recognition of such evaluations.
The CCEVS Validation also contains lists of IT products and Protection Profiles:
- NIAP Validated Products, those completed under the CCEVS
- Products and Protection Profiles in Evaluation, those in progress
- Certified Products List, those completed under the schemes of authorized
signatures to the arrangement on the Mutual Recognition of Common Criteria
Certificates in the field of IT Security.
Please contact IAD's Client Contact Center for more information.