Common Criteria (ISO 15408) is a global information technology (IT) validation scheme that evaluates IT products using a common methodology to ensure achievable, repeatable, and testable requirements are met. Two evaluation types are available.
Protection profile | In the US, your IT product is evaluated against a protection profile. Profiles are technology-specific requirements specifications developed by international technical communities with representatives from industry, government, end users, and academia. |
EAL | Outside the US, your product may be evaluated against a protection profile or using evaluation assurance levels (EALs). The EAL model applies defined sets of security function requirements to your product against which your product is evaluated. |
Each IT product being evaluated requires substantial assurance documents including a security target, user guidance to ensure all security features are used properly, and for EALs, additional detailed design and other specifications. RAI works closely with your staff and your chosen CCEVS lab to develop the assurance documents needed to achieve compliance.
RAI has developed assurance documents for a wide variety of technology types including network switches, network data collectors and analyzers, a cryptographic library, full disk encryption.
To obtain a quote for services, call RAI at 978 251-7908 or email [email protected].
For more information:
You can read more about US evaluations using protection profiles here.
You can read more about evaluations using EALs here.